Access Credentials: Options and Trends

Access control credentials are the item or input that a person must provide to gain access to a specific area (door, elevator, building, etc.). There are a wide variety of credentials and methods that can be used.

This article will briefly summarize the main options while also laying out the potential pros, cons, and best uses for each case. For clarity, we will split these methods into four umbrella groups.

1. Something You Have:

These are physical objects that you carry and present to the reader to open the doors. As the most common form of access control credentials, there are many options, including:

Fobs and Cards:

These are by far the two most common methods of access control. They contain individual chips embedded into a fob or card format that emit a unique signal to the reader, allowing for access.

Mobile Phones:

This method is not nearly as common as the above one, but it is growing in popularity with the ubiquity of smartphones. In this case, an application is installed on the phone, and a mobile credential is emailed to the user. Through the app, the reader can recognize the phone and allow access if its owner is verified.

Wearable Items Such as Bracelets:

These are very similar to a regular fob, except they’re able to be worn for convenience rather than carried. These are especially useful for facilities like gyms and spas where the user may not have access to pockets and need to move between spaces regularly.


This allows you to stick the credential to an item you already regularly carry. The chip is located within the sticker itself. This prevents you from having to carry and worry about losing an additional item, such as a fob.


These are generally the easiest and most common methods for users. As such, they require the least explanation and training. 


You will need something to be issued to every user, usually physical (although not in the case of smartphones), this can get costly quickly for larger systems. Physical items can also easily be stolen or lost. This requires administrative intervention to delete the user from the system; in large applications, this can create a lot of work.

Best For:

Most security applications small to enterprise.

2. Something You Know:

Something the person has memorized or stored for retrieval like a code, password, pattern, or shape. These can be entered into a pad to verify access and open the doors.


This method is the cheapest and easiest to implement. It only requires the set up of the pad itself as opposed to any additional physical credentials.


This is not as secure as other methods since codes can be shared and compromised without any notice from the administrator of the system.

Best For:

Low-security applications or to be used in combination with another method for second layer of security.

3. Something You Are:

This method scans attributes of the actual person, such as their fingerprint or retina, to verify their identity. After scanning, the system confirms whether or not they have access. A less advanced option that also falls into this category is verification by a live guard through a camera feed.


This is generally the best option for high-security applications since identity is tough to fake.


It involves a much slower verification process (up to 10 seconds rather than a fraction of a second). For large applications, this could potentially create a significant backlog. Also, generally more expensive due to the need for advanced technology or an ongoing salaried guard.

Best For:

High-security applications, which require actual verification of identity is critical.

4. Combinations of Methods:

In many cases, it is recommended to use a variety of methods in conjunction. This is particularly useful for after-hours access or high security, low-volume doors.


Significantly increases security by ensuring a stolen item or shared password is not sufficient to gain access.


Increased price since you need to install a system capable of accepting more than one method. Also, much slower to verify two methods and, therefore, not recommended for high-volume applications.

Best For:

After-hours when facilities are most vulnerable, but you don’t need to worry about time and backlogs. Also, for high security, low-volume area such as data centre access.

Trends and Predictions

Mobile Credentials Will Continue To Grow In Certain Verticals, But Not Everywhere:

Mobile credentials have been gaining some traction for several years. We believe they will continue to do so, particularly in small-to-medium size technology-centric companies where the novelty is appreciated, and the tech-savviness of users is not an issue.

However, we do not see this method making a strong stand in condominium or large-corporate environments, where it will require too much effort to train and provide support for such a large number of users. Requiring residents and employees to install applications on their personal phones can also create issues.

One other thing to consider: manufacturers often create confusion by suggesting that you will save money by not having to buy physical credentials. In many cases, a mobile credential license is required for each user, equaling a similar cost to a physical credential.

Facial Recognition Is Still A Few Years Away From Being a Viable Option Solo:

As of 2021, we are finally starting to see facial recognition systems improve accuracy. However, we do not see accuracy rates that would allow facial recognition alone to be used to unlock doors.

With the recent improvements in mind, we believe in the next 5 years’ facial recognition will finally be at a point where speed will increase, and accuracy will be high enough that it can be used as an alternative to other credential methods.

Deep Integrations Between Facial Recognition and Other Access Systems Will Grow:

Despite facial recognition not being ready to use alone, we do believe that it will become more prevalent as a secondary method to boost security and verify identity.

Readers and Physical Credentials Will Eventually Become Obsolete, But For Now, They Are Still The Best Option For Most Applications:

We believe that technology will eventually allow for smarter systems to verify access with less effort on the part of the user. For example, facial recognition will become automated to the point of recognizing individuals as they approach the door without any extra credential scanning being necessary. However, we are still several years away from this point.

For now, card and fob access systems are still generally the best option in terms of security and cost for most operations. These systems can run for up to 30 years without being updated. That means you shouldn’t be tossing out your fobs and cards yet; we will still be seeing them and readers on doors for many years to come.

Next Steps:

If you want to be sure you are getting the right technology for your building or business reach out to Square Security. Our consultations are free of charge and we are happy to answer any technical questions you may have. Schedule your free consultation by clicking here or calling 416-460-7218.

More Posts You May Find Interesting