Contact Vivienne at vivienne@ technews.co.za or 011543 5800 ...

www.securitysa.com Access & Identity Management Handbook 2013 1

4 .........Editor’s comment
Opinion
6 .........Moving towards practical security Solutions
8 .........Integrate or fail
14 .......Biometrics by the book
16 .......Make the right biometric choice
20 .......Selecting the right biometric technology for your needs
40 .......Foolproof fi ngerprint detection
87 .......Points to consider in selecting biometrics
88 .......Access control does not equal time and attendance
Trends
12 .......The new age of access control
22 .......Biometric myth busting
34 .......Face It
36 .......The changing face of access control
37 .......New kid on the Morpho block
38 .......Balancing security and convenience to beat fraud
85 .......Workforce management effi ciency
86 .......Identity in Africa, the mobile upwards
89 .......Local digital identity innovation
90 .......State of the access control market
White paper
28 .......Identity and access governance, a future in the cloud
42 .......iCLASS SE implementation and migration
2 Access Access & & Id Identi Identity ntity ty y Man M Management agement Han Handbook and a book 2013 2013 www.secur
www.securitysa.com
cur ur urity ity itysa. t sa com
contents
System integration
76 .......System Integrator profi le
78 .......T&A Solution Guide
80 .......Workforce Management Solution Guide
84 .......Protect your business’s most important assets
Best practices
91 ......A guide to access control and sustainability
Buyers’ Guide 2013
44 ......Biometrics Selection Guide
66 .......Access Selection Guide
Product update
110 ....Access control fi ngerprint management with Unis
111 .....Real-time, Web-based time and attendance solution
112 .....A new approach to people management
114 .....The ProxNet 647-50 fi ngerprint reader
114 .....Next generation time and attendance
114 .....Hands-on attendance
115 .....IP to the door
The back page
116 .....Is that you, darling?

Government
case studies
94 ...... High security access at nuclear site
95 ...... Integrated security defends the prosecution
Commercial
96 ...... Access to mixed-use development
97 ...... A taste of integrated access control
Manufacturing
98 ...... Carrol Boyes reduces downtime with
Trac-Tech system
99 ...... Compliance via biometrics
100 .... Xpanding access control
101 .... Pepkor opts for turnstile access
102 .... Integrated access roars with fl avour
104 .... Biometrics: returns beyond access
105 .... Back to school
Construction
106 .... Controlled access for 15 000 people
each day
Identity management
107 .... New York City Transit
Healthcare
108 .... Hospital access controlled
Finance
109 .... Ministry of Finance, Nigeria
www.securitysa.com Access & Identity Management Handbook 2013 3

EDITOR’S COMMENT
Card? What card?
It’s that time of the year again and the Access
and Identity Management Handbook 2013 is
now in your hands. This year’s handbook is
probably the most important one we’ve done
over the past few years, not only in terms of
the specifi c content, but also the overall focus
on the publication.
In the past, Hi-Tech Security Solutions has
never been shy to talk about the move to
biometrics and the importance of integrating
access into other solutions. This issue gave
us no choice as biometrics seems to have
reached a turning point which sees informed
companies actively considering biometrics
for their access solutions
instead of looking at it as a
second thought.
The trend hasn’t quite
caught on in the IT world,
which seems to be happy
with cards and passwords,
but how long can this carry
on? There’s the story of the
IT department who says
it’s satisfi ed that passwords
and cards are safe because
their employees have
signed a contract agreeing
not to share their cards and
passwords with anyone.
I hope the IT manager in question was just
saying that to get rid of a sales person and
isn’t actually risking his job on it.
Of course there are still millions of cards
and card-based access systems out there in
the real world, but as more companies have
to protect their premises, assets, data and
fi nances from criminal syndicates who have
more time and money than they do, we can
expect to see more biometrics installed in
almost every industry out there – especially in
sensitive areas.
The biometrics market also had a bit of a
shake-up this year with Morpho, the brand
with the lion’s share of the South African
LETTERS TO THE EDITOR
Letters to the Editor should be addressed to Andrew Seldon at andrew@technews.co.za.
Sending material to this publication will be considered automatic permission to use in full
or in part in our Letters column. Be sure to include your name, e-mail address, city and
postal code. We reserve the right to edit all letters.
4 Access & Identity Management Handbook 2013 www.securitysa.com
market, expanding its distribution base. Will
this result in even better sales for the biometric
brand? If you look at the pages that
follow, it’s clear that other brands are not
resting on their laurels, but actively driving
their solutions to market.
Buyers’ selection guides
We’ve also included our Biometrics Selection
Guide in the handbook for the fi rst time
this year. And it’s proved to be the right
decision. You can fi nd a biometric device for
any need in the guide. We were also told we
can’t ignore other access control devices just
because they weren’t
biometric based, so
we’ve also included
an Access Selection
Guide for non-biometric
solutions. The number
of entries we received
was quite surprising,
showing that biometrics
haven’t taken over the
world.
We’ve included the
option in both guides
for the vendors to highlight
what applications
their devices are aimed
at as well as any integration assistance and
capabilities buyers can expect. We don’t go
into intricate details, but the tables provide
insight into what your hardware can do and
what solutions it could be integrated into.
And if you think integration is a rumour,
the following pages will change your mind.
Any insight from readers into what we
can do to improve the guides next year is
more than welcome. Feel free to let us know
at andrew@technews.co.za. And please use
the same address should you have any comments
on the handbook as a whole.
Andrew Seldon – Editor
Published by
Technews Publishing (Pty) Ltd
1st Floor Stabilitas, 265 Kent Avenue,
Randburg
Box 385, Pinegowrie 2123
Tel: 011 543 5800
Fax: 011 787 8052
ISSN 1562-952X
Editor
Andrew Seldon: andrew@technews.co.za
Contributors
Allyson Koekhoven
Mark Eardley
Business Manager
Vivienne Dorrington:
vivienne@technews.co.za
Advertising sales
Tracy Wolter: tracy@technews.co.za
Laura Dorrington: laura@technews.co.za
Angie Crew: angie@technews.co.za
Subscription Services
For address changes, orders, renewal
status or missing issues,
e-mail:
subs@technews.co.za
Subscribe online: www.technews.co.za
Design and layout: Technique Design
Printed by: Intrepid Printers (Pty) Ltd,
9 Grix Road, Willowton, Pietermaritzburg
All rights reserved. No part of this publication may be
reproduced, adapted, stored in a retrieval system or
transmitted in any form or by any means, electronic,
mechanical, photocopying, recording or otherwise,
without the prior written permission of Technews
Publishing (Pty) Ltd,
Reg No. 2005/034598/07
Disclaimer
While every eff ort has been made to ensure the accuracy of
the information contained
herein, the publisher and its agents cannot be held
responsible for any errors contained, or any loss incurred
as a result. Articles published do not necessarily refl ect the
views of the publishers. The editor reserves the right to alter
or cut copy. Articles submitted are deemed to have been
cleared for publication.
Advertisements, inserts and company contact details are
printed as provided by the advertiser. Technews Publishing
(Pty) Ltd cannot be held responsible for the accuracy or
veracity of supplied material.

www.securitysa.com Access & Identity Management Handbook 2013 5

OPINION
Moving towards practical security
solutions
By Peter Bouwer, GM, special projects at Mustek Security Technologies.
The identity management and access control market is at an exciting
point, with technology being available that can bridge the gap
between high cost and high-end solutions, and more cost-eff ective
and functional ones. This will essentially help businesses and crime
prevention services get more benefi t out of them.
Gartner stated earlier this year that companies need to increase
their focus on identity and privacy projects that can deliver real value,
not just to IT departments – but to
the rest of the business. As organisational
boundaries erode under the
pressure of federation and outsourcing,
and as company control
over IT continues to weaken, due to
the increased adoption of mobile and
cloud services, identity management
is becoming more important than
ever before.
A face for crime
One of the key aspects of identity
management and access is that of
facial recognition, which has many
advantages over other biometrics
solutions. It enables faces to be
recorded and archived at a distance,
act as a crime deterrent, and help
identify a person immediately or at
a later date. More importantly, the
contact-free and non-obtrusive procedure
makes for a more acceptable
and easier integrated identifi cation
solution using existing cameras.
The prevention of real-time
Peter Bouwer
crimes and tracking persons of
interest is diffi cult to do, due to a lack of accuracy by human eyes, and
the cost of manpower to monitor surveillance systems connected to
numerous cameras.
There are solutions available that can incorporate embedded face
recognition and 3G technologies to integrate with existing CCTV
cameras, to off er fl exibility and mobility for installation in remote,
rugged, and challenging areas. Some solutions also have law enforcement
applications that enable mugshot browsing, searching, matching,
and fi ltering via Web-based front-ends. This means that access can
be from anywhere, based on authorisation. Intelligence gathering from
live cameras can be displayed and searched in seconds. Matching can
6 Access & Identity Management Handbook 2013 www.securitysa.com
be performed quickly by uploading local fi les or via remote devices,
such as mobile phones or wireless video servers.
Making technology accessible
Companies are therefore faced with what seems to be a dizzying array
of choices. Yet, many of them have been frustrated by the expensive
costs associated to having quality facial recognition technologies
incorporated into a security system.
Far too often this leads to a company
buying an off -the-shelf CCTV
solution, from a retail store that
does not take its specifi c requirements
into consideration. These
businesses are then surprised that
the quality of the recordings are not
good enough to be used as evidence
in crime fi ghting.
Locally, companies need to be
educated on the benefi ts of the
respective solutions in order for
them to make a qualifi ed purchasing
decision. And while many may
think this education comes down to
more expensive being better, it is a
case of implementing systems that
can be used as evidence to not only
identify those who break the law –
but also help to prosecute them.
Thankfully, many companies
understand the importance of being
pro-active when it comes to identity
management and access solutions.
These companies are also more open
to technology developments than
in the past. This could be attributed to the realisation that control over
mobile and Internet-based services is virtually impossible to enforce.
Solutions that are cognisant of this and empower companies with the
tools they need to manage any potential issues before they arise are vital.
The local market is truly at an exciting time for these identity
management and access control solutions. We will see quite a shift
in how com panies adopt these solutions and how law enforcement
agencies use them.
For more information contact Mustek Security Technologies,
+27 (0)11 237 1364, sergiop@mustek.co.za, www.mustek.co.za

www.securitysa.com Access & Identity Management Handbook 2013 7

OPINION
Integrate or fail
Develop solutions that capitalise on the commercial benefi ts provided by biometrics.
Without any doubt, a commitment to integration is one of the main companies to begin replacing conventional access cards by integrating
reasons why fi ngerprint-based identifi cation is used so extensively in SA biometrics within their systems.
to control workplace access and manage T&A. Managing identity within “Back in 2005, we saw how fi ngerprint technology could move beyond
the workplace has been the foundation for local biometric applications. its applications within law enforcement. By working closely with Ideco
Dave Hunter, divisional managing director at Bytes Systems Integration as our integration partner, it became commercially feasible to use bio-
says, “We recognised the potential of biometrics many years ago. Right metrics as a highly secure means of managing identity within our access
from the start, we clearly saw how the technology could signifi cantly control systems. Without that partnership, we would probably still regard
strengthen the overall integrity of our Kronos workforce management the technology as sci-fi on TV shows like CSI. Instead, fi ngerprint-based
solution.”
identifi cation is now a business real-
Hunter says that the Kronos plat- Jason Matthews Dave Hunter ity for hundreds of our end-users like
form addresses the needs of large
organisations with high numbers of
Vodacom and Coca-Cola.”
personnel who are widely dispersed
Integration demands
geographically. “It’s a heavy-duty
resources
solution for large, diversifi ed organi-
Coetzee says that Ideco spends
sations. Nevertheless, even such an
around R2,5m a year on providing
advanced solution is still subject to
integration services that enable the
the age-old security vulnerabilities
use of fi ngerprint scanners within a
that are created by a dependence
diversity of secure business solu-
on old-fashioned access cards and
tions. “Most of that budget goes
codes to authenticate people’s
towards funding our technical and
identities.”
development team. It provides a
In Hunter’s opinion, in 2004 the
‘can-do’ platform of technical skills
potential benefi ts that biometrics
and expertise that allows us to
clearly off ered were nothing more
co-operate with our partners in
than that – potential benefi ts. “Unless we could integrate our technolo- building fi ngerprint-based business solutions for their clients.”
gies with biometrics, that potential was always going to remain unful- But the fi nancial commitment to integration doesn’t end there. At
fi lled. It was nothing more than a nice-to-have concept in some hypo- any given time, Ideco typically has R600k worth of development or
thetical future. Commercially, it would have been a non-starter. What demo equipment allocated to specifi c projects where biometrics are
turned it into a practical business reality was the extraordinary commit- being incorporated into new and existing solutions. Coetzee stresses
ment towards integration from our long-term biometrics partner, Ideco.” that, “Our continuous investment in integration is one of the main rea-
This perspective is endorsed by Mark Stoop, business unit manager sons why more than 70% of all local biometric applications are based on
within the Innovation Group at Business Connexion. “In partnership with fi ngerprint scanners from us.”
Ideco, we have been implementing fi ngerprint-based physical security “Integration is a core component of our business. It’s an on-going
solutions in southern Africa for the past seven years.
process that supports an ever-growing range of business applications
“The business case for replacing traditional access credentials with that rely on accurate identifi cation of the people who use them. As
fi ngerprint technology is disarmingly straightforward. Fingerprint-based the business advantages of modern biometrics become more widely
identifi cation cuts the repetitive losses caused by unauthorised access and recognised, we are seeing increased demand for us to integrate scanners
activity within the workplace. This has been proven repeatedly in local within diff erent types of systems.”
organisations ranging from mines to food-processing plants. Our clients For Coetzee, this extensive integration work across such a wide range
know this because they see the results on their bottom line. They recogn- of leading solutions is essential and it forms part of an integrated bioise
that any security solution based on a card or a code is clearly vulnerametric security industry estimated at more than R3 billion per annum. “In
ble to abuse simply because it is so easy for people to share or steal them.” order to drive high volumes of biometric sales across southern Africa, we
He points out that the ability to accurately identify people within the had to demonstrate commitment to the companies who use the products.
workplace delivers a great deal more than just preventing unauthorised “If we had just dropped boxes and walked away, Morpho would
access and buddy clocking – the practice where people clock-on for one just be another one of the minor players in the local biometrics market.
another at work in order to defraud their employer’s payroll system. We Instead, our integration work means that Morpho is rightly regarded as
are also able to deliver benefi ts in areas such as occupational health and
safety, because we can accurately control who can enter certain areas as
the number-one biometric product.”
well as recording people’s location as they move around their place of A formal business process
work.”
The type of integration service provided by Ideco allows diff erent levels
As one of the leading local manufacturers of access control systems, of integration within the systems that Morpho features. Coetzee says,
Safl ec has a user-base of over 500 companies across southern Africa. “We off er the service free of charge based on agreements that the
Sales manager, Barend Keyser, says that Safl ec was one of the fi rst SA
Continued on page 10
8 Access & Identity Management Handbook 2013 www.securitysa.com

www.securitysa.com Access & Identity Management Handbook 2013 9

OPINION
Continued from page 8
Biometric Systems says this is particularly evident within the established
solution provider uses our biometric products. Obviously, it’s important discipline of identity management or IdM. “Within corporate IT systems,
that the technology itself is so highly regarded. That level of respect for the function of managing identity has traditionally been the preserve of
the product is based on a long-established track record of exceptional specialised IdM solutions from big names like IBM, Sophos, RSA, Novell
performance and capabilities. At Ideco, one of our key roles is to make and Symantec.
those commercial advantages readily available to the market.”
“On the other hand, the function or discipline of authenti cating
Ideco begins its formal integration process with an NDA to protect identity is handled separately by the big names in biometrics, like
both parties when sharing their IP. This is followed by a strategy dis- Morpho for example. There is little collaboration across the two
cussion to understand the business
distinct disciplines and their
objectives and integration require-
respective strengths often remain
ments. “Then the two teams of
in their separate silos as opposed
technologists do their thing,” says
to working together. It doesn’t
Coetzee. “They move the integra-
matter how sophisticated your
tion forward to a point where it can
IdM solution might be if it’s based
be evaluated against the original
on cards and PINs and passwords.
operational and commercial objec-
If the system can’t accurately
tives and certifi ed as being com-
authenticate users, well, what’s
pliant to best biometric practices.”
the point of trying to manage
Coetzee knows that integration
what they can do?
is a living thing that evolves with
“Equally, authenticating IT
advances in biometric technology
users biometrically isn’t much
as well as in the solutions where it
is used. “With every new product or
Mark Stoop Barend Keyser
good without an IdM solution
to handle what those users can
fi rmware release there are changes
do. But, if you put the two sets of
that could have a material eff ect on the overall solution. Ideco maintains technology together then you have a completely diff erent animal. Then
on-going technical relationships with our partners so that we can support you have a system that can truly authenticate, authorise and audit users
each other’s developments and maximise the demonstrable benefi ts that and their IT activity.”
biometrics off er the end-user. Together, we ensure that the technology
Stoop says that although Business Connexion’s clients have fi rst-
meets expectations.”
hand experience of the fi nancial benefi ts derived from fi ngerprint
identifi cation within physical security and workplace attendance, he
Thinking outside the box
recognises that organisations are increasingly exposed to security
Jason Matthews, MD of access control and T&A specialists, Jarrison Systems, threats within their IT systems. “Corporate IT still relies on passwords,
has worked with Ideco since 2005 and says that integration is key to extend- PINs and cards to control who can access their systems and operate
ing the business benefi ts that can be achieved through biometrics.
within them. This creates the same obvious and elementary risks that we
He cites Jarrison’s large-scale fi ngerprint-based solution at Omnia are countering with biometrics in physical security.”
Fertilizer as an example, “In addition to handling T&A and access for
He believes that the next major advance in biometric applications
about 5 000 employees at Omnia’s Sasolburg plant, the solution also uses will be their integration into access and activity control within IT sys-
fi ngerprint identifi cation to manage the personal protective equipment tems. “The motivation to introduce biometric controls into IT is really no
or PPE store. The PPE component of the system tracks what items were diff erent to what we have seen in physical security. The common goal
issued and to whom they were issued. Instead of signing for equipment is to prevent unauthorised access and the losses it causes. It strikes me
in a book, we use fi ngerprints to identify who is taking the equipment that this is a particularly pressing need in IT given the level of losses
and who’s issuing it.
being caused by corporate cybercrime.”
“Omnia also uses the Morpho-based solution to control its on-site
Once again, integration is critical to such an advance and Stoop
induction process, ensuring that all the necessary Health & Safety compli- and his team have worked extensively with Ideco to facilitate this. “We
ances are met for visitors or contractors entering certain areas of the plant.” are now at the point where we can replace IT access cards, PINs and
With such an established local track record that demonstrates both passwords with fi ngerprints. Not only can we control initial sign-on, we
the capabilities of biometrics and the proven business results they
can govern access to applications, documents and Web forms. Through
deliver, Coetzee sees the technology as being at a point where its appli- fi ngerprint-based authentication of the user, we can also authorise
cation isn’t limited to conventional security solutions.
changes to data and control transactions. At the same time, we record all
Increasingly, Ideco is seeing that accurate identity control is becoming this activity and link it to the biometric identity of the user. This means
an essential function within more and more business processes. Coetzee that we build accurate audit trails that defi nitively show who did what
says, “We are currently working on 52 integration projects. These include within an IT system. And we can do all this right now.”
the use of biometrics within logistics and supply chains; vehicle driver
As for the future of biometric applications, Coetzee encourages
identifi cation; managing the chain of custody within law enforcement; anyone whose systems are reliant on identity to consider biometrics
and handling identity-based processes within the manufacturing, retail, as a means to accelerate processes and reinforce security. “The only
banking and medical sectors.”
eff ective way to control identity is with fi ngerprint technology. South
African organisations should be encouraged by the fact there is such
Collaboration is essential
a wealth of local experience in how to achieve this both in terms of
Very often there is a limiting silo eff ect in terms of maximising the com- technical expertise and practical knowledge concerning successful
mercial results that biometrics can deliver. Mark Eardley of SuperVision implementation.”
10 Access & Identity Management Handbook 2013 www.securitysa.com

www.securitysa.com Access & Identity Management Handbook 2013 11

TRENDS
The new age of access control
Operated in isolation from other safety and security systems, even the most
sophisticated access control system cannot live up to its promises.
Access control has become a vital component of any security concept
worldwide. The protection of intellectual property rights, prevention
of theft and sabotage or simply compliance requirements, there are a
multitude of reasons why companies of all kinds need to use a comprehensive
access control system to restrict, manage and control access
to their facilities. However, operated in isolation from other safety and
security systems, even the most sophisticated access control system
cannot really live up to its promises.
In such an environment, operation and monitoring can quickly turn
into a nightmare, as each system has its own architecture, its own user
interface and its own management tool. This is why more and more
organisations are looking out for an access control solution that easily
integrates with video monitoring, intrusion detection and sometimes
even visitor management to form a homogeneous security system with
a consistent user interface and central management and operations.
Long gone are the days (or at least they should be), when a gatekeeper
made a digital yes/no decision whenever somebody required
access to a company’s premises. Today, companies need to manage
access on a completely diff erent basis. They need to defi ne clearly who
may enter which parts of the campus or individual buildings and they
must also ensure that access is only granted at times when it is needed.
Further, suppliers are more and more often faced with requirements
of their customers to supply a documentation of all access attempts,
whether successful or not, to protect against industrial espionage.
To fulfi l this requirement, not only employee access must be captured
and recorded, but also the entire visitor traffi c. In some industries
there are also compliance issues enforcing integration of visitor management
– for example in the European food industry for certifi cation
against IFS-5. In addition to basic visitor management, it may also
be desirable to have forced guidance along certain routes, control of
singling systems such as turnstiles and weight sensors, anti-passback
features, guard tour modules and others.
Video integration for more safety
While modern access control systems allow an effi cient management
of access rights, they are rather powerless against abuse if operated on
their own. If an employee or visitor passes on his card, the illegitimate
recipient “inherits” all his access permissions. Tailgating is another issue
that standard access control systems do not address. In critical environments
it is therefore mandatory to add a second layer of security
by integrating access control with some kind of video surveillance. To
prevent abuse, all access requests can then trigger one or more video
cameras.
Who is really standing at this rarely used backdoor? Who is trying to
gain access to the warehouse right now with a card which was reported
as lost? In an integrated environment, operating personnel can answer
these kinds of questions with just a mouse click, ensuring a more rapid
reaction to such events.
Integrated systems can also provide alarm verifi cation, instantly displaying
live video images from nearby cameras when there is an alarm
event at a door – such as when a person presents an unauthorised credential
or when a door is forced open. With this capability, the operator
does not even need to know which camera to select to investigate the
12 Access & Identity Management Handbook 2013 www.securitysa.com
event, as integrated systems can be confi gured to automatically display
the appropriate video on the screen. This level of instant response can
improve the overall performance of a customer’s security staff .
Security personnel do not need to go to the site of an event to look
into an alarm. They can view video of the event from their workstations
and positively identify the cause – only going to the alarm location
when follow-up is necessary. This reduces the amount of time security
personnel spend away from their workstations and better prepares them
with an understanding of the situation when they do need to visit the
location. Some access control systems do even off er the same functionality
to verify alarms of an integrated intrusion detection system.
Forensics can also benefi t from such integration if the video recordings
are referenced in the access control system’s event log. Such a
feature greatly facilitates identifi cation, retrieval and playback of past
events and alarms if necessary. Systems off ering pre-and post-alarm
recording options also enable the operator to see video from immediately
before and after the alarm event to better judge the situation.
However, often the settings of surveillance cameras are less than optimal
for the specifi c event, and therefore it is desirable to have the ability
to change these settings without operator intervention. This could allow
an access event to prompt a PTZ camera to move into a pre-set position
or cause a DVR to record at a higher frame rate to capture more details
of the event.
Prompting higher-quality recordings ensures the video resolution is
suffi cient for thorough investigation of access events. Local recording

or archiving of live images or video clips from integrated video storage
devices is also possible with most systems, giving customers the ability
to capture individual snapshots related to important events.
Open standards ease integration
Integrating access control, video monitoring, and intrusion detection
can be rather easy when all components come from the same
vendor and if this vendor also off ers a management platform for all
of them. However, this is rarely the case. In a lot of applications you
will fi nd individual systems from diff erent vendors for each of these
tasks. In this case integration can be a nightmare if the integrator
has to develop interfaces between the individual systems and do a
lot of programming. In today’s installations it is therefore mandatory
to select and install systems based on open and accepted standards
which can easily be integrated by means of a central building management
system as an umbrella. Most current systems use proven IT
technologies such as TCP/IP and OPC for communications with such a
management system.
Integrated systems “off the shelf” can greatly ease installation and
confi guration of the security solution. Logical integration eliminates the
need for multiple software platform and interfaces, resulting in fewer
complications and greater event-driven functionality as well as reduced
installation time and costs. What’s more, this kind of integration also
promises more effi cient operation and a clearly reduced need for training,
but above all also a higher security level.
An open standards-based management system even makes sense in
those cases where one vendor supplies everything, as it opens up the
entire installation for future expansion.
User interface is key
However, these benefi ts do not necessarily come by default. While technical
systems may be quite effi cient, if users cannot properly operate
them, they will not deliver to the promise. An integrated security system
is a very complex apparatus, and if this complexity is not hidden from
the user, the system will be highly prone to human error and malicious
operation. Such systems do need very clear and intuitive user interfaces,
avoiding information overload while off ering all the information that is
currently needed.
This is even more important when several components or dialogs are
open, which will often be the case if you deal with access control, video
surveillance and maybe intrusion detection from the same console.
Secure the security system
When planning an integrated system, functionality and ease of use are
certainly the most important aspects. However, it is also worth to have
a chat with the IT department, as for them such a system is another complex
application that they need to support. And what’s more, it is a mission-critical
application. Security systems need to meet defi ned uptime
requirements and, in the case of live video, also guaranteed bandwidth.
In some cases, strict uptime requirements will enforce fault-tolerant
and redundant confi gurations which the system must support. Being a
critical application, the security system itself needs to be secured against
unauthorised access by means of IT security technologies.
For more information contact Bosch Security Systems - South Africa &
Sub-Sahara Africa, +27 (0)11 651 9838, Christine.Smit@za.bosch.com,
www.boschsecurity.co.za
www.securitysa.com Access & Identity Management Handbook 2013 13

TRENDS
Biometrics by the book
By Andrew Seldon.
All biometric readers are not created equal.
When considering implementing a fi ngerprint biometric solution, most
companies take the advice of their installer or integrator as to which product
to use; others simply look for the cheapest readers available in the
belief that a biometric reader is a biometric reader. The reality, however, is
signifi cantly diff erent: all biometric readers are not created equal.
Hi-Tech Security Solutions spoke to Ideco’s CEO, Marius Coetzee to fi nd
out more about how end users should be choosing biometric readers. In
this article we focus on two aspects of selecting biometric devices: standards
and the admissibility of biometric evidence in court.
Biometric standards
Focusing on fi ngerprint biometrics, as fi ngerprints
represent the majority of all biometrics in use by far,
Coetzee’s fi rst comment on standards is that the
device must be AFIS (Automated Fingerprint
Identifi cation System) compliant. AFIS is a digital
fi ngerprint system used by law enforcement and
governments the world over, including by SAPS
and Home Aff airs. Being AFIS compliant will
allow these authorities to process the fi ngerprint
eff ectively without having to resort to manual
procedures or to manipulate the images.
Furthermore, although PIV (Personal Identity
Verifi cation ) standards are US-based, Coetzee
says some tenders are calling for compliance in
order to ensure their biometric systems are compatible
with the highest security standards. More information
is available in the Personal Identity Verifi cation of
Federal Employees and Contractors document at http://csrc.
nist.gov/publications/fi ps/fi ps201-1/FIPS-201-1-chng1.pdf.
To round it off , Coetzee also recommends all biometric devices should
be compliant with the image quality standards set by the FBI. These
standards have been incorporated into the related ISO and SABS (South
African Bureau of Standards) standards. The ISO relevant standards
include ISO 19794 (Biometric data interchange formats) and ISO 18013
(Personal identifi cation), as well as ISO 19092 and ISO 19785. Further standards
relating to other biometric types and templates are also available.
For a full listing of ISO standards see http://en.wikipedia.org/wiki/List_of_
International_Organization_for_Standardization_standards#ISO_15000.
E2.80.93ISO_19999, or refer to http://www.iso.org.
The SABS incorporates these standards into its own and they have
specifi c committees dealing with various aspects of electronic information
and biometrics. SC71F deals with information security, for example, while
SC71J deals with cards and personal information, and SC71Q deals specifi -
cally with biometric standards.
All these standards deal with the appropriate and compliant use of
personal information and images, of which an individual’s biometric data is
one. It is therefore important for the biometric device one selects to comply
to specifi c standards to ensure interoperability, but also to ensure that the
service one obtains matches internationally accepted standards.
Interoperability
ISO 19794 is important in that it deals specifi cally with interoperability
14 Access & Identity Management Handbook 2013 www.securitysa.com
along with standards from the USA’s NIST (National Institute of Standards
and Technology). Coetzee says interoperability standards are critical
as they allow fi ngerprint templates saved from one compliant reader
to be exported and read by another compliant reader from a diff erent
manufacturer.
Coetzee notes that certain biometric technologies, such as
Multispectral imaging, do not comply with all the standards, which could
result in incompatibility with AFIS systems as well as a high percentage
of false minutiae (the features of a fi ngerprint that are used to identify
them and make comparisons). If the algorithm used to identify the
minutiae isn’t accurate, templates can fail to identify people
accurately or assign the wrong identity to people.
In response to the standards question, Lumidigm, a
company using Multispectral imaging in its biometric
readers noted, “Lumidigm meets the ISO, ANSI
and MINIX standards for template interoperability”.
More specifi cally, the company’s devices
meet the following standards: “Interoperability:
ANSI 378, ISO 19794-2:2005, ANSI 381, ISO
19794-4:2005, NFIQ compliant; MINEX-certifi ed
algorithm; Device certifi cations: CE, FCC Part 15
Class B, EN 60950, IEC 62471, RoHS”.
Securing biometrics as evidence
Another aspect to consider when looking at
using biometrics is the various regulations in South
African law contending with the protection of personal
information, as well as the ability of companies to
use digital biometrics in court.
Coetzee explains that evidence presented in court must
not only be unaltered in any way from when it was presented, but the
chain of evidence showing it has been stored securely and has not been
manipulated at anytime is crucial.
From a biometric perspective, this means that the prosecution or
complainant needs to be able to show that the fi nger put on the reader
was read and the template stored accurately, according to accepted
standards. It must also show that it was stored on a system in a way that
did not alter it and was protected from manipulation by any party while
stored and being brought into court as evidence. If this is not done and
can’t be shown to have been done, the court may reject the biometric
evidence.
For example, a recent episode saw a CEO accused of stealing a few
million from his company. This individual’s password was used to log
into the system and transfer the money. However, the CEO simply said
he didn’t do it and someone must have used his password. There was no
way to prove anything diff erent so the case remains unsolved.
If biometrics had been used to log into the system, the perpetrator
would have been caught, as his (or her) fi ngerprint would have been
the proof that he actually committed the fraud. In court, however, if the
biometric device had not been compliant with the relevant standards the
defendant could claim the fi ngerprint template had been manipulated
and was not admissible.
We haven’t seen such a case in court yet, but Coetzee warns that it

only has to happen once to create serious problems for the biometrics
industry. Any manipulation, no matter how small could result in the biometric
evidence being ruled inadmissible, causing headaches for those
companies using compliant biometric systems. In other words, the CEO’s
fi ngerprint may have been captured when he stole his loot, but because
the reader used does not comply with the standards mentioned above,
he could claim it was manipulated when read or stored and the court
could refuse to accept the biometric evidence on that ground alone.
Protecting personal information
There are various laws in eff ect which govern the use of personal
information. The Electronic Communications Security Act, for example,
in part deals with the protection and security of electronic communications
between systems and people and the prevention of
un authorised access. The new Protection of Personal Information
Act focuses on how and when to store personal information (and
what constitutes personal information), including the prevention of
tampering or manipulation of this data. In addition, the Electronic
Communications and Transactions Act encourages and governs
electronic communications, dealing with issues such as tampering and
securing the information in transactions.
These laws don’t directly deal with biometrics, but do govern
authentication to systems and the security of information citizens,
customers or suppliers provide, as well as the secure transmission of the
data. The company holding the information (and this includes biometric
data if it is used to authenticate and allow or disallow access) must
ensure it is securely stored and is free from tampering or manipulation
from the moment is it entered. Not only will failing to do so fall foul of
the law, but, again, it could compromise the admissibility of the information
in court.
A simple example Coetzee provides concerns AFIS. If your biometric
device does not comply with the AFIS standard when reading fi ngerprints,
it will have to alter the image to make it compatible. What then
are the legal implication of that alteration? How can the company be
sure the alterations are done consistently and uniformly so that it won’t
cause legitimate users’ prints to be rejected or illegitimate prints to be
accepted under the incorrect identity?
In concluding, Coetzee notes that it’s a case of Buyer Beware. The
responsibility for the quality and interoperability of your devices
ultimately lies with the individual or company purchasing the solution.
If you’re simply looking for access to your premises and won’t be using
biometrics for employee verifi cation or sensitive transactions, perhaps
compliance is not critical.
However, when looking at the growth of biometrics and its increased
use in fi nancial transactions and identity verifi cation processes, it may
be the wiser choice to opt for a solution that complies with international
standards to ensure your own peace of mind as well as the ability to
safely and reliably transact with external systems using biometric data.
And let’s be honest, if your biometric reader complies with FBI standards,
it’s unlikely to be rejected as evidence in court.
As a starting point, to ascertain if your biometrics reader does
comply with FIPS (Federal Information Processing Standard) and FBI
standards, you can search for the manufacturer and device via these two
links:
1.) http://fi ps201ep.cio.gov/apl.php
2.) https://www.fbibiospecs.org/IAFIS/Default.aspx
www.securitysa.com Access & Identity Management Handbook 2013 15

OPINION
Make the right biometric choice
By Marius Coetzee, CEO of Ideco Biometric Security Solutions.
Maximise ROI by basing your biometric buying decisions on the ACSIS performance
criteria: Accuracy, Capacity, Speed, Integration, Security.
Fingerprint biometrics is a secure foundation for access control and time
and attendance (T&A) solutions. The technology has a rock-solid reputation
for cutting the risks and losses caused by unauthorised access and
activity within the workplace. In comparison to the outmoded access
cards that biometrics are rapidly replacing, the technology delivers
completely new levels of security control.
All sorts of organisations, from mines to retailers,
have dramatically cut these types of loss by introducing
fi ngerprint-based identifi cation of employees, contractors
and visitors. The business case is straightforward:
the right technology pays for itself.
But this widespread commercial success doesn’t
mean that all biometrics are the all same – some are
defi nitely more capable than others. To decide on which
biometric to choose, you need to assess the technology’s
competency in fi ve key areas: Accuracy, Capacity,
Speed, Integration and Security.
Your assessment should focus on how each of these
key technical competencies translate into measurable
business benefi ts.
Accuracy
This is about how well the technology diff erentiates
between the people it must identify. The process of fi ngerprint-based
identifi cation begins by registering or enrolling the fi ngerprints of people
who will use the system. The key objective of the enrolment process is to
record the best possible fi ngerprint data for each person that the system
will later identify. Successful enrolment depends on technology combined
with methodology. Procedural tasks need to be completed correctly
during enrolment in order to achieve the optimum results.
These results are based on the technology’s ability to recognise the
characteristics – known as Minutia Points – that distinguish one fi ngerprint
from all the other fi ngerprints in the world.
Minutia Points are the precise locations on a print’s surface where
the ridges on your fi ngerprint either split or end. The pattern formed by
these points is unique. Every time you scan your print, the technology
creates this pattern and then compares it to the enrolment record stored
in the system’s database.
If the technology is unable to recognise these points accurately, that’s
where the problems start and levels of accuracy begin to fall.
Enrolment accuracy is measured in terms of Failure To Enrol (FTE).
Based on Ideco’s experience over the past eight years in a wide variety
of SA workplaces – and the fact that over 2.5 million local people have
been enrolled on our scanners – any technology with an FTE rate higher
than 0.2% should be avoided.
Two other accuracy-related factors also need to be considered:
False Acceptance Rates (FAR) and False Rejection Rates (FRR). False
acceptances occur when the technology confuses the fi ngerprints of
two people. False rejections happen when the technology doesn’t even
recognise Jack’s fi ngerprint and wrongly denies him access. Currently,
the most competent fi ngerprint technology will deliver a FAR of under
0.01% and a FRR of below 1%.
16 Access & Identity Management Handbook 2013 www.securitysa.com
Marius Coetzee
Always look for proof. Who says that the technology is capable of
performing at these levels of accuracy? The international benchmarks
have clearly been established through technology-testing by organisations
like the FBI and America’s National Institute for Science and
Technology (NIST). Ask your vendor for these latest test results.
FTE occurs when you can’t register a person’s fi ngerprints.
It happens when the technology is unable to
record suffi cient data from a print and can be caused by
factors such as worn or scarred prints. The consequence
of technologies that produce high FTE rates is that you
will not be able to include everyone you want in the
system. You will have to start creating exceptions. You will
have to use another means of controlling access for these
people. And that means more cost because you now
have to install and administer two separate systems.
FAR, FTE and FRR might sound like techno-jargon
but in reality they create a lot of unnecessary expense.
Capacity
How many people’s prints can the technology manage
and still maintain their optimum levels of accuracy?
Some technologies can’t even handle a few hundred
people before their FAR and FRR levels go through the
roof or they just hang and need to be re-booted.
These technologies might be fi ne in a test environment when you
are running a proof-of-concept trial with just 20 users, but what happens
when the system gets deployed across the full workforce and doesn’t
perform as expected? What will it then cost you to switch to a competent
technology and what recourse will you have with the supplier?
In contrast, the leading fi ngerprint technologies work perfectly with
many thousands of prints. That’s primarily because that’s what the leading
technology was initially designed to do within law enforcement and
government agencies around the world.
Within the workplace, an increasing number of business functions
are leveraging the accuracy of fi ngerprint-based identity data. A clear
example of this is how data from access control systems is also being
used by HR within the payroll function to monitor hours worked and
remuneration.
Sharing identity data across diff erent business functions leads to cost
sharing across the organisation. The biometric system can be funded by
multiple business units. While this is great in terms of increasing ROI, it
can also increase the number of users that must be identifi ed. Can the
fi ngerprint technology handle the higher volumes of users?
Speed
This is all about processing times, how long does it take the technology
to accurately recognise users and either grant or deny access? A technology
that delivers 100% accuracy is probably not much good to you if
it takes fi ve minutes to identify each user. Look for processing times of
under one second per user – even for a system that will need to manage
several thousand users.
Continued on page 18

www.securitysa.com Access & Identity Management Handbook 2013 17

OPINION
Continued from page 16
Slow processing times create delays. People have to queue for longer
in order to gain access or clock-on. To counter the delays caused by
inferior biometrics, you will need to create more access points and install
more scanners. In other words, you have to spend more on infrastructure
and technology. You might need to use four turnstiles and four
fi ngerprint scanners instead of only two. Or you could compensate for
the inadequacies by changing your working hours to allow for a longer,
phased clocking process at the start and end of the day.
If you choose the right fi ngerprint technology and all this additional,
unnecessary expense can be avoided right from the outset.
Integration
Having assessed performance in terms of Accuracy, Speed, Capacity and
Security, it is clearly important to consider how the fi ngerprint technology
will work within your organisation. How it will integrate with various
business functions.
Successful integration determines how you will be able to maximise
the business benefi ts that can be derived from the technology. For
example, is it compatible with all the various components of the existing
systems that handle your access control and T&A? Will it work with your
hardware such as turnstiles and vehicle barriers and will it work with the
software package that manages your payroll?
Another important benchmark here is the technology’s ability to
meet its performance criteria in a variety of physical environments – hot,
cold, dusty, arid, wet, humid, inside and outside. It’s important to be able
to cover all the bases with one fi ngerprint technology rather than getting
into all the complexities of a mix-and-match solution.
A fi nal consideration concerns the compatibility of your system’s fi ngerprint
data with external agencies such as local law enforcement and
government systems. As we see biometrics increasingly being used to
identify people beyond applications in the local workplace, the signifi -
cance of this compatibility will become more and more important.
There are two key questions concerning external integration. Firstly,
is the fi ngerprint technology compliant with SA’s requirements that
govern the use of digital fi ngerprints within our legal system – is it
accepted as proof of identity in a court of law? Can it, for example, be
used to prove the identity of a person who authorised a fraudulent EFT
payment with their fi ngerprint?
Secondly, is the fi ngerprint data fully-compatible with the data held
by government entities such as Home Aff airs and the National Centre for
Certifi ed Identities (NCCI)? For example, if a duly-authorised fi nancial services
organisation chooses to confi rm customers’ identities by comparing
their prints with those stored by the Home Aff airs National Identifi cation
System (HANIS), will the two technologies be fully-compatible?
In other words, be very wary of technology such as multi-spectral
imaging that does not comply with the relevant international standards.
In isolation, the biometric technology might tick all the right boxes,
but if it isn’t compatible with your current systems, then what will it
cost to replace them? If integration is required, how long will it take and
what’s the bill going to come to?
In terms of access control and T&A, the leading fi ngerprint technology
has already been fully-integrated with all the major local solutions.
No ifs and buts, it’s already been tried, tested and proven in local organisations
ranging from mines and factories to retailers and residential
estates. This is commercially signifi cant because past implementations
are your assurance of future success, so it’s clearly sensible to learn more
about these real-world examples of biometrics in action.
The ability to work with external systems like HANIS, SAPS Criminal
18 Access & Identity Management Handbook 2013 www.securitysa.com
Record Centre and the NCCI is signifi cant for a variety of reasons ranging
from HR’s background checking of new employees through to establishing
customers’ identity and their credit-rating. The need to do this might
not exist in your organisation today. But it might tomorrow.
Security
How secure does the system need to be? This will vary according to the
particular application, but it’s important to understand that diff erent
technologies off er diff erent levels of security. For example, some technologies
can recognise fake fi ngerprints, others can’t. What’s important
here is to fi rst decide upon the various levels of security required for different
business processes and then choose a single, unifi ed technology
that can deliver all of this within its range of products.
For example, the access control system at your main entrances might
only require standard fi ngerprint-based identifi cation. However, access
to more secure locations, perhaps a server room, may need to be more
strictly controlled.
Equally, activity within diff erent business functions may merit
higher security measures. Physical entrance to the accounts department
might not warrant the same controls as access to your invoicing
and payment systems. Authorising and making large EFT payments
may need to be controlled with the highest levels of biometric
authentications.
This is about reducing risk, cutting costs and preventing losses by
using accurate identifi cation to control and monitor who can do what
within the workplace. It means reinforcing security within any business
function that can easily be compromised by unauthorised access and
activity – I use your card and you use mine.
From physical access control and T&A, through to managing health
and safety policies and accurate authentication of IT users, fi ngerprintbased
identifi cation is clearly a powerful risk-management tool. But it
also cuts costs by accelerating business processes. An obvious example
is how accurate identity data cuts the admin costs within the payroll
function by eliminating disputes over hours worked. Any process that is
dependent on identity data can benefi t from biometric-based monitoring.
Who issued that piece of protective equipment and who received it?
Who delivered these goods and who took them into stock? Who ordered
them and who issued payment?
By selecting the right fi ngerprint technology, you are also selecting a
single platform that is capable of handling the future security of so many
aspects of you organisation.
Beyond ACSIS
An appraisal of fi ngerprint technology based on the performance criteria
of ACSIS clearly makes sound business sense. However, there are other
equally important factors which should infl uence your biometric buying
decision.
Service, support, advice, training, warranty, repairs and product-availability
are all important commercial criteria that have a direct impact on
maximising the business results that are being achieved by biometrics.
But none of these functions come in the box with a fi ngerprint scanner.
In each of these areas, the competencies of the technology supplier will
directly aff ect the overall performance and cost of running a biometricbased
system.
Because the technology is now so commonplace in the South African
workplace, there are many suppliers you can choose between. And just
as all biometrics are not the same, not all suppliers are either. Choosing
the right technology is one thing. Making it work in your organisation is
something quite diff erent.

www.securitysa.com Access & Identity Management Handbook 2013 19

OPINION
Selecting the right biometric
technology for your needs
By Nicolas Garcia, sales manager, Morpho South Africa.
Biometrics can off er great convenience of use, increased security and accuracy,
decrease in fraud, and great return on investment (ROI).
In 500 BC, the Babylonian already understood the benefi t of using biomet-
rics by signing business transaction with their fi ngerprint in clay tablets.
Nowadays we have moved from clay tablets to electronic tablets and
from simple biometrics to more advanced solutions. Although biometrics
is very often used as a synonym of fi ngerprint, many other biometric
authentication methods can be used.
Etymologically, biometrics is the science of measuring biological data,
‘Bio’ referring to ‘life’ and ‘metrics’ to ‘measurement’, being the measurement
of life or in other words, the measurement of human body characteristics
(DNA, fi ngerprints, veins, irises, voice patterns, facial pattern).
Biometric technologies were, for a long time, mostly used for civil and
forensic application to manage populations, but over the last decade or
so, they have taken more and more importance in our daily life, not only
for civil application but more often in the work environment.
These technologies are now being used for applications such as
physical and logical access control, time and attendance, automation and
every day new applications are introduced. This trend is mainly due to
the many advantages that biometrics has to off er over traditional systems.
Biometrics can off er great convenience of use, increased security
and accuracy, decrease in fraud, and great return on investment (ROI).
However, each biometric has its pros and cons and one needs to carefully
select an adapted technology depending on the specifi c end-user needs.
Let’s take an example. If the primary use of a system is to grant access
to a plant were 5 000 employees have to enter and leave daily, fi ngerprint
technology would be preferred to iris technology as it is faster, easier to
use, and much more aff ordable. Iris technology is adapted to high-security
zones were a few people have to be monitored, but not at all in the case of
mass access control. Face recognition technology would preferably be used
indoors as its performance can be aff ected by light fl uctuation, for instance.
Cost implications
Cost also does play an important role in the process of selecting adequate
20 Access & Identity Management Handbook 2013 www.securitysa.com
biometric technology. The purchase price is very often mistaken with cost
of ownership. A system that cost a little bit less to acquire might prove to
have a much higher cost of ownership in the long run. Its performances
might drop when confronted with the real world demands and require
additional components to perform acceptably. The cost of ownership
therefore will go up with the maintenance costs involved. A proper system
should allow for future upgrades at reasonable cost and be reasonably
backward compatible.
A biometric based system will always be made of two main components.
The enrolment component where the base information of users is
captured and the live system were actual information is compared with
the reference one taken during the enrolment process.
Enrolment is therefore a very important, yet often disregarded, part
of the system. From a bad template, a system can only achieve average
performances at best. For convenience of use and best performances it is
advisable to dissociate both parts of the system. For fi ngerprint technology,
500 dpi has become the standard and a large sensor for enrolment
is preferable in order to capture as many details of the fi ngerprint as
possible. This is very important in rough environments like mines where
fi ngerprints are often partially or completely worn out.
Where fi ngerprints are completely worn out or so bad that traditional
fi ngerprint technologies cannot read them effi ciently, a combination of
two technologies can be used. This is called multimodal biometrics and
can dramatically improve performances and accuracy and that is why
mines all over the world are rapidly adopting this fi nger vein technology.
As biometrics technologies become part of more integrated systems,
they can off er endless possibilities to organisations as long as design and
integration are managed properly.
For more information contact Morpho South Africa,
+27 (0)11 286 5800, nicolas.garcia@morpho.com,
www.morpho.com

www.securitysa.com Access & Identity Management Handbook 2013 21

TRENDS
Biometric myth busting
By Mark Eardley, Supervision Biometric Systems.
Biometrics may now be commonplace in the South African workplace, but do you
really know enough about them?
One of the strangest things in the world of biometrics has to be
the enormous diff erences of opinion about the capabilities of this
technology.
Most people who work in a security-related environment have
almost certainly heard of biometrics. Outside of that group, lots of
people know something about the topic – ranging from the fact
that the police use fi ngerprints, through to some form of contact
with biometrics either at work, perhaps at their bank, or from stuff
they’ve read in the media.
Perceptions about biometrics
amongst both groups of
people - the security community
and the public – are
signifi cant. For example, if we
are going to move towards
using biometrics to identify
people at ATMs or when they
use their payment cards at the
tills, then it’s going to be vital
that Joe Public knows what’s
what and what’s not.
As we see biometrics
increasingly used for user-authentication
within IT systems,
it is important that the entire
community of IT users is also
provided with the low-down.
Even if the IT security specialists
in your organisation have
balanced and accurate perceptions,
what happens if the
C-Suite thinks that fi ngerprints
are nothing more than trivial
sci-fi ?
Myth # 1: You don’t
have to use fi ngerprints.
Why not iris, facial,
voice, retina or palm?
This has to be one of easiest misperceptions to get sorted. Nothing
comes close to fi ngerprints in terms of convenience and accuracy.
Not only is fi ngerprint technology by far the most widely used form
of biometrics, it is also the most advanced and the most mature of all
the biometric methodologies.
The main reason for this is that most of the money spent on
developing biometric technology has been devoted to advancing
fi ngerprint identifi cation. Fingerprint technology also features in the
broadest range of applications, from physical access control to law
enforcement – which is where modern biometrics has its roots.
About thirty years ago, technology that could automate fi ngerprint
identifi cation for policing purposes was beginning to be
Source: Ideco Biometric Security Solutions.
22 Access & Identity Management Handbook 2013 www.securitysa.com
developed. This is signifi cant for two reasons. Firstly, it reinforced
fi ngerprints as the dominant method of identifi cation within law
enforcement – criminals don’t leave an imprint of their iris at the
scene of a crime. Secondly, it attracted the technical and fi nancial
resources necessary to produce what are now the world’s most capable
biometric systems. And because of its global importance within
law enforcement, fi ngerprint technology will continue to attract the
lion’s share of development funding and maintain its pre-eminence
in the future.
Buying anything other than a
fi ngerprint-based biometric system
really just boils down to a poorly
informed choice.
Myth # 2: Fingerprints can
be faked – so what’s the
point?
This one is dangerous because it is
based on an element of truth. You
can certainly dupe some fi ngerprint
technology. But you can’t dupe it
all. Fake Finger Detection or FFD
technology is nothing new and is
an optional feature in all the leading
brands of fi ngerprint scanners.
Essentially, what it does is to establish
that the print it reads is from a
living fi nger.
There is also technology that
combines fi ngerprint recognition
with vein recognition. These scanners
recognise two sets of unique patterns:
the traditional pattern formed
by characteristics on the surface of
the fi nger and the pattern formed by
the vein structure within the fi nger.
Replicating that pattern is going to
be a pretty bloody business and is
probably as near to impossible as makes no diff erence.
So, if you’re concerned about people attempting to dupe the
technology, choose a scanner that either off ers FFD or one that combines
fi nger and vein recognition in a single unit.
Myth # 3: Fingerprints are unhygienic. How can you
possibly expect us to all use the same scanner?
When you think about it, this one really is a bit silly. Most of us use
ATMs on a regular basis and aren’t concerned about pressing multiple
buttons. Enter your PIN at the supermarket cash register and you’ll
be touching at least four keys that hundreds of people have touched
before you.
We can probably fi le this one where it belongs – in the bin. If the
Continued on page 24

www.securitysa.com Access & Identity Management Handbook 2013 23

TRENDS
Continued from page 22
hygiene issue does bother you, perhaps I could gently suggest that
you carry a hanky or a pack of wet-wipes.
Myth # 4. My fi ngerprints are most defi nitely mine.
Who knows what might happen if I give them to you?
Nothing. It’s a blunt answer but it is the answer. Other than being
used for their intended purpose – in some form of access control for
example, or perhaps as proof of identity in a law-court – nothing can
be done with your fi ngerprint data.
Advanced Biometric Technology (ABT) doesn’t work with a picture
of your fi ngerprint. When you place your print on a fi ngerprint scanner,
it doesn’t take a photo of your print. The technology has nothing
to do with what your fi ngerprint actually looks like to you. Perhaps
the most important thing to understand here is that your fi ngerprint
information is stored as an algorithm – a piece of mathematical code
that is just a string of numbers. The sidebar shows what information
actually is being recorded by the scanner.
Myth # 5. What happens if my fi ngerprints somehow
get stolen? How will my prints then identify me and
only me?
This one sometimes gets referred to as the compromise argument.
Unlike some of the other myths surrounding biometrics, on the face
of it, this one sounds good and I’ve often heard it put forward as
a showstopper – a sort of ‘get-out-of-that-one’ approach from the
biometric naysayers.
Let us accept for a moment that someone might be able to
steal your prints and then use them to masquerade as you. Let us
not bother about how they might steal your prints or even about
how they might actually use them. Let us just assume that this has
happened. To address this myth, we need to get a bit more technical
and look at the concept of revocable biometrics. While it might
not be widely known about, the concept has been around for years
even if it has been mostly restricted to biometric research and
academic circles.
Perhaps the most high-profi le work being done on revocable
biometrics is a European Community project called TURBINE.
Admittedly, it’s a bit of a convoluted acronym, but TURBINE stands for
TrUsted Revocable Biometric IdeNtitiEs.
To quote from the project’s website, “TURBINE technology will
protect the biometric template by cryptographic transformation
of the fi ngerprint information into a non-invertible key that allows
matching by bit-to-bit comparison. To enhance user trust, this key
will also be revocable, i.e. a new independent key can be generated
using the same fi ngerprint.
“TURBINE eliminates the risk that a third party breaches the
privacy of a citizen by tracing back his/her identity and any of his/her
personal information associated to one or more of his/her identities.
In addition, in case an identity is compromised, TURBINE will allow
protecting the citizen’s privacy by revoking and replacing the identity
without damages to his/her biometrics data and their use for his/her
other identities.”
In short, it’s an approach to biometric security that safeguards the
integrity of your fi ngerprints in the unlikely event that they somehow
are stolen. For much more detail on the technical aspects visit http://
www.turbine-project.eu/index.php
Myth # 6: Multispectral imaging is the way to go with
fi ngerprint scanners
This one’s dangerous. It’s possibly the most dangerous of all the
24 Access & Identity Management Handbook 2013 www.securitysa.com
biometric myths right now. It’s not that the technology itself is
dodgy, it’s the fact that it falls foul of regulatory requirements. This
is clearly a serious matter and is of a magnitude way beyond the
concerns that are raised in all the other myths.
The problem is a simple one. Multispectral imaging – or MSI -
does not meet the internationally adopted standards for fi ngerprint
image-quality specifi ed by the US National Institute for Science &
Technology (NIST), the Biometrics Task Force of the US Department
of Defence and the FBI.
For a variety of technical reasons, governments and law enforcement
agencies do not consider MSI data to be an accurate representation
of a fi ngerprint.
This means that a court of law is unlikely to accept multispectral
data as evidence of a person’s identity. In other words, you
can’t prove that the fi ngerprint data belongs to a specifi c person.
In the eyes of the law, a multi-spectral print is problematic as proof
of an identity.
Let’s say you go to your bank branch and they ask you to scan
your print as proof of your identity – perhaps to make a large cash
withdrawal. At some later point there is a fraud problem on your
account and it transpires that someone has somehow copied your
fi ngerprint and made another large withdrawal.
If the bank was using a multispectral scanner, then there’s nothing
more to be done because the courts won’t accept the fi ngerprint
data.
Myth # 7: Fingerprint scanners just don’t work.
The question here is: which fi ngerprint scanners don’t work? There
are a few very good scanners and there are a lot of very bad scanners.
But the performance of even the very best scanners is not just about
the quality of the technology. Performance is also dependent on how
the technology is used.
For example, the way your fi ngerprint data is captured in the
fi rst place will aff ect how the technology performs when you actually
come to use it later on. Referred to as enrolment, the initial data
capture needs to be handled according to some straightforward
procedures. There’s nothing at all complex about enrolment but
it does need to be done properly because poor enrolment leads
directly to poor performance. It’s the old story of garbage in, garbage
out.
Equally, some fi ngerprint technologies struggle with recognising
the fi ngerprints of only a few hundred people while others
work perfectly with many thousands. A poor experience with
biometrics in the past is almost certainly down to poor technology.
Once again, it is a matter of selecting the right technology. And to a
certain extent, it’s another old story: you pays your money and you
takes your choice.
Myth # 8: Biometrics are great but they’re just
excessively expensive
This is all about what you want the technology to deliver in terms of
sound business benefi ts. If your company is suff ering losses from any
form of identity-based fraud or unauthorised access, then it’s certainly
worth looking at what these problems are actually costing you
over the long term.
Buddy clocking is a common form of identity-based fraud in
the workplace. People share their cards, clock-on for one another
and get paid for not being there. Thousands, yes thousands, of SA
organisations have completely eliminated those payroll losses by
replacing their card-based systems with fi ngerprint scanners. And
Continued on page 26

www.securitysa.com Access & Identity Management Handbook 2013 25

TRENDS
Continued from page 24
26 Access & Identity Management Handbook 2013 www.securitysa.com
the exceptional accuracy of fi ngerprint-based
attendance data means these companies
have also cut the admin time and related
costs arising from payroll disputes and
discrepancies when cards get forgotten, lost
or damaged.
But biometric technology isn’t just
restricted to preventing payroll fraud or
controlling physical access to your premises.
Link it to your IT systems and you get rid of all
those passwords and PINs and all the problems
and risks they cause. Fingerprint-based
identifi cation can be used to control a whole
host of IT activities such as who can make
EFT payments, alter invoice details or modify
stock-control reports.
And the benefi ts of biometrics are certainly
not limited to big businesses that can
aff ord to run their workforce management
systems on advanced software platforms. For
example, Ideco’s ES2 is a free software package
that controls up to six Morpho scanners
for straightforward physical access control
and time management.
This one really comes down to a business
decision rather than a technical one. If a
stronger form of identity control would save
you money, then the right biometrics can
make solid commercial sense by cutting risk
and cutting losses.
Myth # 9: Biometrics might be
fi ne in an offi ce, but they’re
not suitable for industrial
applications
To counter this perception it’s worth considering
that the local mining industry is one of
the largest users of biometrics.
Mining is also interesting because it’s
also the industry where biometrics are
used across a wide range of applications.
Aside from physical security and payroll
management, the mining industry also uses
fi ngerprint-based identifi cation to control
access to canteens and monitor calorie
intake; to govern the implementation of
health and safety policies; and even to control
who can drive those immense trucks that
ferry ore around the mine.
The plain fact is that in comparison to soft
offi ce environments, biometrics are far more
common in tough environments such as
factories, chemical plants, agriculture, ports
and construction.
Myth # 10: I can’t integrate
biometrics into my systems
A practical rule of thumb here is that if access
to a system is currently controlled by a card,
PIN or password, then these ineff ectual
credentials can probably be replaced with
fi ngerprint-based identifi cation. This sort of
integration work has already been done for
all of the most widely used access control and
T&A platforms.
In terms of access and activity control
within corporate IT systems, competent
fi ngerprint biometrics have already been
confi gured to work in conjunction with
Microsoft’s Active Directory and Novell’s
e-Directory. They have also been integrated
with mainframe-based solutions, replacing
passwords and PINS in software platforms
such as BAS – the Basic Accounting System
that is used throughout SA government
departments.
It would therefore be an error to simply
forego all the risk-cutting benefi ts of
biometrics simply because you assume
that fi ngerprint identifi cation won’t work
with a particular system. Of course, it may
transpire that the necessary integration
work doesn’t warrant the expense involved.
On the other hand, it might be a matter of
plug-and-play. But it certainly can’t do any
harm to ask….
Understanding fi ngerprint biometrics
Advanced Biometrics Technology (ABT) solutions are consistently able to recognise the
positions where the raised ridges on a fi ngerprint either split or end. These positions are
called Minutia Points and are marked on the graphic by the blue symbols.
It is the unique pattern formed by the minutia points that enables an ABT system to distinguish
one fi ngerprint from all others. ABT solutions convert this pattern into an algorithmic
code and then store it for later matching when a user scans their fi ngerprint. Unlike less
advanced biometric technologies, ABTs are not dependent on capturing a photographic
image of the fi ngerprint.
Compliant with the international benchmark standards for forensic and investigative
biometrics, ABT systems underpin the digital fi ngerprint identifi cation solutions that are
used by law enforcement and civil identity agencies worldwide.

www.securitysa.com Access & Identity Management Handbook 2013 27

WHITE PAPER
Identity and access governance, a
future in the cloud
By Connie Grobler, Technology Specialist: Identity, Security and Governance.
When used eff ectively, IAG solutions become the catalyst to meet the challenges of
a complex and changing world.
Change is a given, especially in the technology landscape. There are two
aspects of change that businesses need to consider when it comes to
identity and access governance.
First, businesses must manage their internal systems within ever growing
and changing complexities. There are more things to connect, more
people to connect with more data than ever before. How is change and
complexity causing you to rethink your approach to identity, security and
governance? Do you have the necessary tools to meet those challenges?
Do you have the processes in place to
take your organisation forward into the
rapidly evolving world that lies ahead?
Second, organisations are consuming
software-as-a-service (SaaS) applications
at an exponential rate. While
the advantages of SaaS applications
are great, so are the potential pitfalls of
unauthorised access.
There are several areas to consider
when planning for the future. An
aff ordable, manageable solution that
oversees and controls user access to
SaaS-hosted information becomes
more crucial. Security, compliance
reporting and ease of access are all
issues at the top of the list of concerns,
and organisations must handle
these correctly. Identity and Access
Governance (IAG) solutions may seem
like a burden brought on by increasing
regulation and compliance issues,
but when used eff ectively, IAG solutions
become the catalyst to meet the
challenges of a complex and changing
world.
Introducing identity changes
The general trends transforming
business also transform identity and access management: in a few years,
even the meaning of the terms we use are diff erent. While in recent past
technology vendors, consultancies and businesses tended to see identity
and access management as a minor complement to other security
programmes, it is now becoming evident that what we do with identities
is at the heart of any initiative both for business and IT. With no real
control over who does what when in your environment, there is hardly
any chance of being eff ective at managing your business or security
environments.
Due to government and industry oversight, as well as increased
requirements for internal controls. IAG has become a vital part of all
organisations, be it automated or manual. The drivers that move IAG
28 Access & Identity Management Handbook 2013 www.securitysa.com
needs are nearly always external to the company. IT and business
managers must respond to the pressures of change and complexity in
today’s business environment, security concerns, advancing technologies,
and increased regulation and compliance issues. But as needs and
pressures increase, budgets are on the decline. Managing change and
complexity through governance can be a great opportunity if done
correctly. The key is having not only the correct tools, but the processes
in place to meet these ever growing needs.
The IT industry has seen an
onslaught of new technologies over
the past decade, but one of the most
pervasive and transformative is cloud
computing. According to market analysts,
the software-as-a-service (SaaS)
market will continue its rapid growth
through 2015. Businesses are getting
over their cloud aversions and now
often look to the cloud fi rst when they
need a solution to solve their longterm
or tactical need. A recent Gartner
survey indicates that cloud computing
is on a trajectory to become the
dominant infrastructure for enterprise
computing – this decade.
One of the major challenges for
organisations adopting cloud-computing
services is the secure and timely
management of on-boarding (provisioning)
and off -boarding (de-provisioning)
of users in the cloud. Further, enterprises
that have invested in user management
processes within an enterprise will seek
to extend those processes to cloud
services.
Connie Grobler.
Defi nitions
Identity management
Identity management concerns lie within the IT realm. These deal with
provisioning hardware and software as well as managing the identity of
those using company resources, and the identity of the resources and
devices themselves.
• A person’s identity may include the following attributes:
• Who are you? – name, location, contact info, etc.
• Roles – title, manager, etc.
• Relationships – employee, contractor, vendor, etc.
Once an identity is established, the next step is to determine the
appropriate scope of each individual’s access by creating relationships
with resources. This includes: applications, systems, data, groups, physical
facilities and other company resources.
Continued on page 30

www.securitysa.com Access & Identity Management Handbook 2013 29

WHITE PAPER
Continued from page 28
Access governance
Clearly understanding access is the key to governance. It is ultimately
the responsibility of business management, rather than IT management.
The tools in this area are designed to meet business needs with straightforward,
user-friendly interfaces, for those who may be less technically
inclined.
Identity and access governance
IAG is the convergence of both identity management and access
governance. Eff ective IAG solutions should seamlessly integrate both
disciplines to meet overall company objectives.
The challenges for executives
The digital world is creating shifts in the way business gets done, resulting
in both exciting but often troubling times for executives. What was
once an intimate corporate network is now a globally connected web of
people and devices. More employees work remotely, carrying sensitive
data on notebooks and PDAs. Partners and suppliers are invited inside the
corporate walls to interconnect their own systems and share information.
Vendors and contractors are trusted with access to sensitive data.
Many C-level executives may not know for certain that their information
is secure – that only the right people are gaining access to the
appropriate applications, networks, and data. And now with the introduction
of cloud-based services, mobile devices, and remote users, there
are even more connections to critical data and applications both inside
and outside of the enterprise.
IAG is the security discipline that authorises
users to access corporate systems and information.
It helps prevent fraudulent access and use of
data that could potentially impact the business, its
partners, or even worse, its customers. The majority
of organisations haven’t been able to realise the full
promise of IAG – to secure the enterprise information
in a cost eff ective and compliant manner. Many
have implemented components of IAG, some even
accomplishing the elusive ‘single sign-on,’ but often fall short in other
areas.
At the core of an enterprise’s security and compliance concerns is the
ability to control who has access to what, and to make sure this access is
appropriate at all times.
Equally important is the ability to report on who has been given
access, how they use those resources and who granted access at any
given time. However, as applications extend from physical to virtual to
cloud environments, answering these questions accurately and consistently
becomes challenging – especially at the very end of that progression:
the cloud.
Keeping up in a changing world
While the cloud can mean many things, the National Institute of
Standards and Technology (NIST) defi nes it as “the delivery of computing
as a service rather than a product, whereby shared resources, software,
and information are provided to computers and other devices as
a utility (like the electricity grid) over a network (typically the Internet).
As software applications are delivered in a SaaS model, keeping company
data secure is an increasing problem. How is data secured in the
cloud? How do companies ensure that sensitive materials are not being
accessed by those without proper authentication or authorisation?
The increasing adoption of SaaS and other cloud-hosted applications
is introducing a new level of complexity and risk. These challenges
are not just technical, but also pose a challenge from a procedural and
30 Access & Identity Management Handbook 2013 www.securitysa.com
“The only thing in
life that is constant
is change” -
François de la
Rochefoucauld
policy point of view, and while they vary from application to application.
Some of the common ones are as follows:
Omnipresence
Ironically one of the benefi ts of the cloud paradigm – they are accessible
from anywhere, is also one of the toughest challenges to bringing
them under governance. There is no intranet or extranet anymore, it is
all the same. Moreover, the advent of mobile devices and smart phones
as enterprise computing platforms pushes ubiquity even further. Users
have a multitude of access paths to cloud applications, and in some
cases, these paths provide inconsistent security levels.
Extensiveness
When business owners rush to use SaaS apps for e-mail, expense
management, and more, they sometimes skip over the normal application
deployment lifecycle and security assessment a typical, internally
deployed application would follow, leaving security pros out of the
conversation. This makes it diffi cult for the organisation to proactively
assess and manage these types of risk, and change their posture from
proactive to reactive. IT security is often engaged after the fact to try
and fi x gaping security holes pointed out by auditors.
Ineffi cient security
Security is often an afterthought where convenience and usability take
precedence over security. From an authorisation perspective, the access
control model for each application often is very proprietary;
some rely on a few roles to manage access
while others provide fi ner granularity. Some companies
synchronise user accounts to external apps on a
relatively infrequent schedule through insecure fi le
transfer protocol (FTP) or relying entirely on ‘frontdoor’
authentication for access to wide swaths of app
functionality.
For cloud applications deemed sensitive, organisations
should also be concerned with knowing how
the information is protected within the application, its back ends, when
the data is at rest, and when is backed up, and how it is segmented from
other organisations’ data [due to multi-tenancy of the application]. The
challenge here is SaaS vendors do not disclose all of this information
voluntarily, and at best, will share an IT security assessment report on their
security mechanisms and practices.
Inadequate IAG integration options
While some mature standards exist (i.e. SAML, SPML, WS-Federation)
to allow organisations to integrate their IAG infrastructure with cloud
applications, these are inconsistently adopted by SaaS vendors, if at all,
turning the integration landscape into a collection of one-off s. Many
cloud vendors claim to support identity federation standards, but they
either support it for limited use cases (mainly authentication) or the
breath of the integration is limited compared to what they off er when
using their proprietary APIs. In many cases, organisations have no choice
but to implement custom integration solutions to integrate Cloud applications
with their IAG infrastructure.
What can be done?
Industry participation
In this cutting edge area of IT, it is important to get involved with
peers in the industry, participating in industry forums, and reading
information in the blog space. The work coming out of the Cloud
Security Alliance (CSA ) is very insightful. The CSA is a member-driven
Continued on page 32

www.securitysa.com Access & Identity Management Handbook 2013 31

WHITE PAPER
Continued from page 30
organisation, chartered with promoting the use of best practices for
providing security assurance within Cloud Computing.
Identity and access governance
Whether you’re managing cloud applications or on-premise applications
or both, you need to meet basic access control and governance standards.
Being proactive in defi ning policies for how cloud applications
are to be dealt with from a governance perspective will help the process
of actually bringing them into the fold.
As a baseline, this includes granting, changing, and removing user
access to applications and providing a single view of users and their
access privileges in order to answer the critical question around “who
does have access to what?” In order to meet compliance requirements,
access controls should ensure that users are only granted access
privileges to cloud applications that are appropriate for their job functions
and that the access privileges of all cloud users are reviewed on a
regular basis to ensure they are correct.
An eff ective IAG solution monitors access to all company resources,
including those in the cloud. Cloud resources may be off -site, but
they are not out of mind. Not only does an IAG solution monitor the
appropriate access and usage of cloud-based resources, it also ensures
that you are using only as much as you need, keeping usage fees to a
minimum, and helping you maintain proper control.
Control access to resources that you don’t control.
To ensure that customer and corporate data is secure,
you must extend access management beyond
corporate boundaries. IT needs to take control of user
access in the cloud the same way it has evolved its
processes for your internal applications. And because
employees are increasingly using their personal
mobile devices to conduct business, IT’s access management
reach needs to include these devices as well.
The key to keeping your corporate credentials
safe is to keep them within your control and protection – never in the cloud.
Solutions that replicate user credentials off -premises increase the risk to your
information and ultimately to your business. Similarly, the most secure solutions
won’t let users put corporate credentials in the cloud.
Extend your internally automated processes out into the cloud
IT has spent many years developing the right processes for managing
your environment. For example, today it’s common for organisations to
have a set of policies and processes in place for their enterprise directories,
which are frequently Active Directory implementations. From there,
IT may have connections to other identity stores within the business
that control access to resources and applications based on the employee’s
role within the organisation. These connections are synchronisation
points that automate access control.
IT’s processes for controlling access to cloud-hosted applications
need to be just as automated as its internal access processes. The most
secure approach to controlling authorised access to SaaS applications is
to extend IT’s existing processes to include cloud-hosted applications.
This approach also preserves IT’s current investment.
Use standards for IAG interfaces
There is good news on the horizon regarding standards-based provisioning
of cloud applications. A group of leading SaaS vendors and
identity management providers are working together to defi ne a Simple
Cloud Identity Management (SCIM) interface for provisioning. The fi rst
specifi cation is already available and many IdM vendors are beginning
32 Access & Identity Management Handbook 2013 www.securitysa.com
The digital world
is creating shifts in
the way business
gets done.
to productise the standard. The SCIM standard will create a uniform
management interface for automated provisioning to cloud applications
and should make provisioning to cloud applications widespread and
usable, out-of-the-box.
It is important to use global standards that defi ne well-accepted and
loosely coupled messaging around IAG functions.
Keep workarounds at bay
Unless you extend your single sign-on capabilities out to your SaaS
applications, you’ll fi nd insecure authentication practices creeping back
into your organisation. Once again, users will store their passwords on
notepads or Post-it notes, or in unsecured text fi les. Keeping passwords
centralised in your secure identity vault is just as important as keeping
your credentials out of the cloud. Single sign-on is the key. It ensures
that the user authentication process is simple and doesn’t require users
to remember additional sets of passwords. Security is maintained, and
the user experience is enhanced as well.
Single sign-on solutions done right don’t simply pass the user’s
credentials out to the cloud; rather, credentials are kept on the premises
and in your control. Not only are secret credentials secret, but the solution
controls users’ access behaviour by requiring them to access the
cloud through the gateway.
Report and audit
Depending on the type of applications and information your organisation
is keeping in the cloud, you may need the
same level of auditing and reporting for your SaaS
environments that you have for your internal applications.
Key metrics to track include who has access
privileges, who has actually accessed the applications,
and when they did so. For regulated information,
demonstrating compliance is as important as compliance
itself.
Summary
Changes in the marketplace are creating more urgency for CIOs and
CSOs to implement a better IAG strategy – one that aligns with specifi
c business needs without signifi cantly increasing costs or risk. It’s a
diffi cult challenge and one that won’t be solved overnight. However,
it cannot be put on the bottom of the IT project list just because the
company has limited resources and budget. Nothing is a higher priority
than protecting sensitive company and customer data.
The advent of standards, particularly in security and IAM, as well as
the adoption of common interfaces will ultimately prevail, but it will
take some time before this happens. In the meantime, adoption of cloud
applications will continue to push the envelope of the organisation’s IT
security tolerance and agility.
While the cloud does present new security and compliance challenges,
a governance-based approach to identity management can help
organisations smoothly make the transition to mission-critical cloud
computing. By taking a proactive approach to governing cloud users
and their access privileges, IT organisations can eliminate potential gaps
in control and help facilitate the safe adoption of cloud computing.
Over the next two years, identity management processes and tools will
continue to evolve to better support the cloud, providing new levels of
agility and convenience that business users require to take advantage of
the cost savings and business effi ciencies promised by the cloud.
For more information contact Novell, +27 (0)11 322 8342,
CGrobler@novell.com.

www.securitysa.com Access & Identity Management Handbook 2013 33

TRENDS
Face it
By Walter Rautenbach, neaMetrics.
Variations in background illumination have been one of the main challenges for
practical face recognition systems.
Facial recognition is nothing new. A number of facial recognition terminals
have been available for several years. Unfortunately, this type of biometric
reader is problematic in the African environment due to a combination of
extreme light conditions and dark complexions.
Variations in background illumination have been one of the main challenges
for practical face recognition systems. It is well known that variations
of the same face due to illumination are generally greater than the variations
of diff erent face identities.
Many face recognition algorithms, such as illumination compensation,
image preprocessing, illumination invariant feature extraction and modeling
of the face and illumination have been created to compensate for this problem.
However, these techniques cannot completely compensate for the large
variation in the appearance of the same face due to changes in illumination.
Active illumination-based
face recognition techniques
are considered to be one
of the most promising and
practical methods for solving
illumination issues in
indoor applications. It uses
an active sensing technology
to create desirable ambient
illumination, unaff ected by
uncontrollable surrounding
illumination.
It must be noted, however,
that this technology has its
own limitations, based primarily
on the variable distance
between the user and the
active illuminator. Oversaturation,
partial illumination
and the lack of illumination
are three inherent issues. These can result from the variation of this distance
and can signifi cantly impact the characteristics of a face and, in turn, ultimately
degrade the performance of a face recognition system.
Suprema’s Adaptive IR Illumination Technology solves this issue by
controlling the intensity of the illumination based on the analysis of the
image as well as various features of the face. The illumination is adaptively
adjusted to create the ideal ambient environment for the capture of clear
face images.
Non-intrusive and easy to use
Furthermore, the human face is one of the most common and non-intrusive
biometrics used to identify individuals. It is more universal, acceptable and
easier to access than a fi ngerprint.
Conventional face recognition technology contains inherent weak
points brought about by pose variations. FaceStation’s face recognition
technology overcomes such weak points with Smart Enrollment
Technology, Advanced Face Recognition Algorithm and Adaptive IR
Illumination Technology.
Conventional face recognition systems use just the frontal face and
34 Access & Identity Management Handbook 2013 www.securitysa.com
thus require the user’s active cooperation to establish the correct position.
Diff erent poses have the potential to drastically increase not only the false
acceptance rate, but also the false rejection rate and therefore greatly aff ect
the overall performance of a face recognition system. To compensate, conventional
face recognition systems require the user to control their angle/pose
to coincide exactly with how they were enrolled. This is very time consuming
and extremely inconvenient for the user.
Suprema’s Smart Enrollment Technology solves this problem by using
enhanced face analysis algorithms, combined with a systematic procedure to
view key poses. The system begins by registering a few frontal face templates.
These templates then become the reference for evaluating and registering
the templates for the other poses: tilting up/down, moving closer/further, and
turning left/right.
Strike a pose
Extensive experimental tests
show that each set of poses contributed
greatly to the overall
performance of the system. With
each pose, the facial information
including eyes, nose and mouth,
is automatically extracted and
is then used to calculate the
eff ects of the variation using
its relation to the frontal face
templates.
Algorithms were also created
to automatically detect
and reject improper face images
during the enrollment process.
This ensures proper enrollment
and the best possible
performance.
Although face recognition has many advantages, the concern against
‘Fake Face Attacks’ is highly warranted. Face recognition systems cannot be
practically used without proper countermeasures to this threat.
Even when compared to a fi ngerprint, a face can be more easily imitated
using printed papers and LCD displays. There have been many attempts to
overcome this issue: hardware-dependent approaches such as facial thermogram,
facial vein and 3D depth information require incredibly expensive
hardware, making it infeasible for practical use. Conventional algorithmbased
methods using 2D images, up to now, have not been accurate and
required exhaustive calculations/computing power.
Suprema’s ‘Fake Face Detection’ technology combines cutting-edge
technology with advanced proprietary algorithms. A dual camera system
captures both visible and IR images, which are then processed using
advanced image analysis techniques and intelligent machine learningbased
classifi ers. A fake face is detected by estimating specifi c features and
their distribution is compared to reference models of real faces.
For more information contact neaMetrics, 0861 632 638,
info@neametrics.com, www.neametrics.com

www.securitysa.com Access & Identity Management Handbook 2013 35

TRENDS
The changing face of access
control
By Guido DiPilla, business development manager at Kantech, a Tyco company.
It’s a concept that has transformed industries, business models and the go-to-market
strategy of thousands of products and services.
It’s a concept that has transformed industries, business models and
the go-to-market strategy of thousands of products and services.
Many experts predict that in a few short years, the eff ects of the
software-as-a-service (SaaS) model on the security industry will be
just as transformative, as it rapidly gains acceptance among end
users, dealers, integrators and manufacturers.
One area where SaaS is already producing signifi cant change is
in access control. While managed access is not a new concept, savvy
installers are fi nding new advantages to this approach, as a way to
more effi ciently and eff ectively service their customers and as a
tool for additional marketing and customer retention.
In today’s lean economic times, selling
traditional access control solutions to customers
can be a challenge. As most businesses
today focus on fi nancial recovery, companies
are operating with less staff to handle ancillary
functions like managing an access control
system, and smaller budgets than ever before.
Many security dealers and integrators,
themselves battered by the last few years of
downturn in the commercial market, using
managed access to reposition their businesses
from the traditional break/fi x model into a service
provider. Instead of revenue chunks from
diff erent installations, this approach results in
monthly service fees that provide a consistent
revenue stream on a monthly and year-to-year
basis. Not only does this Web-hosted access
control model also off er additional business
opportunities to the service provider, but
numerous additional benefi ts to the end user Guido DiPilla
as well.
Dealers and integrators considering adding managed access to
their product off erings should become familiar with a few key points
before making the jump into off ering this hosted solution to their
customers.
Platform fl exibility
Managed access control can come in many fl avours and can be
customised to meet the varied needs of your customer base, whether
a multinational corporation with dozens of locations, a large property
management fi rm with several multi-tenant buildings or a small offi ce
with a dozen employees.
With a hosted solution, end users control and manage the access
control system through a Web interface to the access control system
housed on the dealer’s servers. While the end customer is responsible
for adding and deleting cards and performing other system management,
the dealer knows that the system is regularly backed up
and the software is up to date because it resides on his or her local
servers.
36 Access & Identity Management Handbook 2013 www.securitysa.com
The managed solution means that the dealer handles all aspects
of system management, from managed access cards and access
levels of diff erent personnel, automated reporting to video integration
and concierge services. End users looking for some hands-on
control of their system but who are not equipped to handle full
system management can often work with their dealer or integrator to
create a custom solution that meets their needs.
Additional revenue opportunities
One signifi cant emerging benefi t of some platforms enables dealers
and integrators to off er managed access control on a third-party provider
basis. This approach allows larger dealers
to reap additional revenues by leveraging their
existing infrastructure by hosting managed
access accounts for other smaller dealers who
lack the infrastructure or capital to jump into
the game.
Some managed access control platforms
allow an easy transition from hosted to managed
or a hybrid, allowing customers to dial up
or down the three levels of service they require
from their systems integrator based on their
current needs. Others off er a more focused
approach with a solely hosted or fully managed
solution.
Additional avenues for marketing
Current versions of managed access control
platforms also feature the convenience of
the Web for ongoing system use and maintenance.
In the past, end users faxed, phoned or
e-mailed requests to dealers to add and delete
cards, change schedules, and other routine items. Now managed
access platforms off er a Web interface where end users can handle
many of these functions from any Internet-connected device.
For the dealer, often these user interfaces can be branded with
the dealer’s company information, and can also be used for targeted
marketing purposes. For example, if an end user is logging into the
system to add additional cards, a pop message can be programmed
to appear asking the end user if it’s time to order additional access
cards.
The many advancements in managed access control technology,
as well as the growing acceptance in hosted and managed solutions,
provides a glimpse to the future of this market. Dealers and
integrators adopting this type of solution will fi nd themselves well
positioned to off er similar solutions as security technology continues
to transition to hosted and managed solutions.
For more information contact Tyco Security Products,
+27 (0)82 566 5274, emallett@tycoint.com, www.tycoacvs.com

New kid on the Morpho
block
By Andrew Seldon.
Powell Tronics now distributing Morpho biometrics.
With Morpho biometric readers holding two-thirds
or more of the South African market, the French
company decided earlier this year to expand its
distribution base from one primary distributor to
four. Morpho hardware is now available from Ideco
Biometric Security Solutions, Powell Tronics, Impro
and EOH (formerly Stanley).
Mike Austen, the Morpho product manager
at Powell Tronics says the company was excited to
obtain its status as an offi cial Morpho distributor in
May this year. “We have a long history of distributing
high-end security products, including Impro
access control solutions and Golmar IP and analogue
intercoms. The addition of Morpho to our product
list reinforces our reputation for supplying quality
products.”
Austen notes that it’s not simply about shipping
the product, but about the service and added value
Powell Tronics delivers. “Some people thought we
would end up in a price war as soon as the new
distributors were announced, but we understand that
successful distribution depends as much on the value
you provide to your channel as on the quality of your
products.
He adds that more resellers, installers and integrators
will now have access to the Morpho range,
expanding its reach further into the South African
and African market. Austen sees potential in Africa,
with Powell Tronics already seeing between10% and
15% of its sales coming from north of the border.
In gearing up to off er the full Morpho range
to its customers, Powell Tronics has expanded its
Johannesburg offi ce to cater for a new workshop
and new technical resources. All Morpho kit sold will
be put through a pre-delivery check to ensure clients
receive a product that performs to expectation. In
addition, the workshop will also be used to examine
any products sent in for repair. For products still under
warranty, however, the company’s agreement with
Morpho will ensure that products are swapped out,
not repaired.
The preparations for taking on the brand even
went as far as changing the company’s accounting
package to enable it to track serial numbers nationally.
Should a customer need to take a Morpho
product in for repairs, it can be taken to any branch
and they will have a record of it.
In terms of integration, the company’s software
development team in Cape Town has designed a
solution that will integrate Morpho readers via their
interface directly into Microsoft’s Active Directory
(MAD). This project is an extension to its existing
integration exercise in which it has integrated Impro’s
Impronet access control system with MAD, and it will
also be linking Golmar’s IP intercom. This integration
allows customers to maintain only one master
database of user information for their entire organisation.
This will ensure that as soon as a new employee
is captured, he will automatically be assigned logical
and physical access permissions. When the employee
leaves, his details will be updated in one location and
all his access privileges will be terminated, overcoming
the age-old problem of allowing people who
have left the company to retain their access long after
it should have been revoked.
Adds Austen, “We understand that our customers
are interested in solutions, not simply buying boxes of
equipment and we have set ourselves up to cater for
this market. At the end of the day it’s all about quality
products backed by service that adds real value.”
Zulmira Ferraz (P-Tron), Mike Austen (P-Tron), Paul Jeremias (Morpho), John Powell (P-Tron),
Nicolas Garcia (Morpho), Jean-Paul Deguines (Morpho)
www.securitysa.com Access & Identity Management Handbook 2013 37

TRENDS
Balancing security and
convenience to beat fraud
By Ugan Naidoo.
Web-based fraud detection and risk-based authentication solutions stop real-time
fraud in its tracks.
How can fi nancial services organisations enable valid users to complete
transactions easily, and still stop fraudsters from criminal activity? That
question has been taxing the minds of the brightest security specialists
for the last 30 years, and with identity theft, data breaches and fraud at
an all-time high, the question has never been more relevant to fi nancial
institutions.
It’s never been more diffi cult to answer either. Consumers interact
with their banks anywhere in the world through many diff erent and
fragmented channels, ranging from the bank website, an ATM machine,
and an in-store chip and PIN transaction, to online shopping, the
phone, or – just occasionally – at a bank branch. Fraudsters are waiting
to strike at any opportunity to misuse user credentials at any of these
touch points, whether it’s through malware, phishing, card skimming,
or other evolving threats.
Financial institutions typically struggle to collate the risk across
the various customer touchpoints. For example,
if a fraudulent individual steals a credit card and
attempts to take money out of an ATM machine,
afterwards tries to buy a television using a store’s
POS system, and then follows that up with an
attempted online money transfer, many banks
would treat each of these breaches as separate
events because of the diff erent systems and
personnel that service each channel. This severely
undermines their ability to detect misuse.
Convenience trumps security
The fact is that today’s consumers want the least
possible degree of friction when it comes to online
transactions. Time is of the essence and only a
certain degree of inconvenience will be accepted
– especially for lower risk activities. People understand
and tolerate proportionate responses
rather than a fi xed amount of security under all
Ugan Naidoo.
circumstances.
For example, when banking online, customers will tolerate the
process of using their hardware/software PKI token to make a payment
to a new payee but will be less tolerant when making a repeat payment
to the same payee or simply checking their bank balance.
Similarly, isn’t it more reasonable to be asked to verify your identity
when buying an expensive piece of jewelry than it would be if simply
buying groceries at the supermarket? Ideally, the process for low-risk
transactions should be as instant and painless as paying in cash. And for
the higher risk transactions, the bank should use proportionate security
that is related to the risk. Customers understand this and actually enjoy
the benefi ts of the protection.
To keep the valid users in and the fraudsters locked out, fi nancial
institutions need to strike a balance between convenience, cost, and
security – simultaneously keeping customers satisfi ed and their money
38 Access & Identity Management Handbook 2013 www.securitysa.com
safe. That puts them in a dilemma: on the one hand they need to enable
fi nancial transaction services with the least degree of friction; on the
other hand they must verify that it is the right person before allowing
any access – typically authenticating the user via a password and
another credential.
Layered fraud detection and risk-based authentication
To eff ectively separate the ‘goodies’ from the ‘baddies’, fi nancial institutions
need a layered fraud detection strategy that combines risk-based
authentication with a number of diff erent methods of authentication
to ensure that the security is proportionate to the risk of what the user
is doing. This sophisticated risk analysis can include many items such
as the user location, the device they are using online, the value of the
transaction, or the type of goods they are purchasing. Typically, only a
small number of transactions are considered risky and the ideal solution
would identify these activities and then increase
the security level required, in the most convenient
manner possible. Such a solution would
help prevent fraud in real-time on consumer
online services without inconveniencing legitimate
users in the vast majority of their activities.
An advanced authentication solution creates
an adaptive risk analysis process to assess
the fraud potential of every online login and
transaction. The technology provides a variety
of two-factor and risk-based authentication
methods – all geared to frictionless, multichannel
authentication. For example, fi nancial institutions
can examine a wide range of data collected
automatically about each login or transaction.
A risk score can be calculated to help determine
what action to take on a given transaction.
Tolerance thresholds can be set to adjust the
impact on legitimate users. And there’s the
fl exibility to determine the response to that
score based on policies and risk tolerance. This approach transforms
authentication and fraud prevention – while optimising convenience.
Imagine, for example, a customer is visiting London for the Olympics. At
the hotel, they use their credit card with a chip and pin machine so that
their card is authorised for purchases during their stay. In their hotel
room, they make an online banking payment using their laptop. During
the evening, another purchase is made via an iPad. Using multichannel
advanced authentication, the customer’s bank has verifi ed the chipand-pin
card transaction, acknowledged that the customer is in the UK,
and monitors subsequent transactions through other channels, whilst
considering this fi rst authorised transaction at the hotel.
For more information contact CA Southern Africa,
+27 (0)11 417 8645, joanne.cawrse@caafrica.co.za, www.caafrica.co.za

www.securitysa.com Access & Identity Management Handbook 2013 39

OPINION
Foolproof fi ngerprint detection
Virdi’s Jonathan Kahn talks about accurate biometric detection.
There are two measurable aspects with regard to the success of a biometric
solution. Firstly, there is the security aspect in terms of enhancing
the system and making it harder to circumvent than other systems such
as card readers or PIN-based readers. In addition, it is easier to use and
requires less motor operation than other systems – where the card could
be easily left at home.
“The reality is that any access or security system is there to buy time
for the control room or security manager to send a reaction team to
divert a possible criminal act. A biometric system takes longer and is
harder to circumvent and aff ords the security team more time to establish
what threat is present and what action to take,” said Jonathan Kahn,
MD of Virdi Distribution.
He cites an example. “Safes are rated based on how many hours are
required to crack them. Obviously the higher the rating, the longer it will
take even an experienced safebreaker
to open. Criminals would then be
forced to plan their event around the
expected numbers of hours as per the
safe’s rating.
“Another example is that many
people believe that their homes are
burglar proof due to the large number
of security measures they have in
place. However, given the correct tools
and skills, most security systems can
be circumvented, provided that there
is suffi cient time to do so.”
Similarly, the majority of commercially
available biometric technology
readers can also be circumvented.
“This is exacerbated by the proliferation
of information provided in the
public domain on how to outwit
security systems, as evidenced on a
number of popular TV programmes
and by using Google.”
“Programmes like Myth Busters,
Nikita and CSI screen information on
how to produce and use a fake fi ngerprint.
Stories of students with time
on their hands using these methodologies to access supposedly secure
locations abound and media noise surrounding bypassing of e-gates at
passport control facilities is increasing,” Kahn added.
Choosing the right system
Kahn pointed out that because of the inherent similarity in technology
within biometric solutions, there are certain diff erentiating factors that
should be considered when choosing a suitable biometric system.
“Firstly, the size of the sensors should not be a deciding factor.
Following that, detection units should be able to identify both live and
fake fi ngerprints. The majority of readers classify fi ngerprints based on
certain patterns in the loops, whorls and arches apparent in the actual
fi ngerprint. Virdi has added a fourth category – that of ‘undetermined’. If
you know where the minutia points are and you know you are dealing
with a whorl, then you can build a replica of the fi ngerprint so a sensor
can detect it.
40 Access & Identity Management Handbook 2013 www.securitysa.com
The ability to enrol the largest humanly possible number of users
means that your system provides you with increased convenience. “It’s a
commonly known fact that not all readers can enrol all users. For example,
an injury to a digit could exclude a user from the system because of
predetermined specifi cations. Another example is those people with dry
fi ngers, which means an absence of detail available. On the other hand,
a fi nger that is too wet will mean that the captured image is too dark for
correct determination.”
Intelligent image capture from Virdi measures the degree of dryness
on a fi nger and auto-calibrates the scan. In addition, the algorithm
measures and identifi es other characteristics of the fi ngerprint which are
unique, in addition to measuring the minutia points to identify the user.
The traditional method is that where lines start, end and intersect,
the algorithm should plot these points and measure the relationship
between them to build a template.
The issue here is that if there are not
suffi cient points the print will fail
to register. However, if you have a
pattern-based system, the algorithm
is irrelevant. Minutia are not 100%
unique. Virdi uses calibration of
minutia points and others to enrol
the fi ngerprint.
Dual technology foils
criminals
Unlike traditional biometric systems
which have fake fi ngerprint or live
fi ngerprint detection capabilities,
Virdi biometric readers come standard
with both features. By having
both technologies in one reader,
criminals will be unable to use false
fi ngerprints to access properties.
Kahn explained that live fi ngerprints
rely on temperature, electrical
capacitance and pulse to provide
proof of authenticity that the owner
of the fi ngerprint is alive. “However,
these can be defeated by holding the
false fi ngerprint until a certain temperature is achieved; by transferring
capacitance with a saline solution; and mimicking a pulse by transferring
a fi ngerprint to a transparency and placing another live fi ngerprint
behind this transparency.”
With fake fi ngerprints there are a number of methods used for identifi
cation. One example of circumvention could include blocking off the
capacitance. Virdi has a four-tiered approach used to undermine these
avoidance techniques. This incorporates IR scanning technology with
the ability to identify the material the fi ngerprint is made of (chemical
composition) such as silicon, rubber, paper, plastic, gel, etc.; a capacitive
sensor built into the optical scanner to measure electrical discharge;
intelligent algorithm to measure and compare image distortion; and
multi-spectral sensor capabilities.
For more information contact Virdi Distribution, 086 118 4734,
chris@virditech.co.za, www.virditech.co.za

www.securitysa.com Access & Identity Management Handbook 2013 41

WHITE PAPER
iCLASS SE implementation and
migration
HID Global white paper.
HID Global iCLASS Secure Identity Object (SIO)-enabled (iCLASS SE) platform
delivers trust-based security, improved usability and enhanced performance.
HID Global’s iCLASS SE access control platform goes beyond the
traditional smart card model to implement a portable credential
methodology based on the company’s secure, standards-based,
technology-independent and flexible SIO data structure. HID Global’s
iCLASS SE reader and credential family is designed to raise the bar
for overall system security while supporting key emerging technologies
and delivering superior performance, enhanced usability and
increased environmental sustainability.
iCLASS SE readers and credentials are the first access control
products to operate under the company’s Trusted Identity Platform
(TIP) framework, which creates a
secure and trusted boundary within
which all cryptographic keys governing
system security can be delivered
with end-to-end privacy and integrity.
Moving to portable SIOs
within a trusted boundary
In 2010, HID Global took the first step
toward a new generation of contactless
smart card and reader technology
with the introduction of its TIP
framework, which improves security
while enabling the migration of physical
access control technology beyond
traditional cards and readers into a
new world of mobile credentials and
remote identity management. TIPenabled
devices, otherwise referred to
as TIP Nodes, provide interoperability
and portability of secure identity
within a trusted boundary.
TIP provides the framework and
delivery infrastructure to extend the
traditional card and reader model with
a new secure, open and independent SIO data-structure on the credential
side, and corresponding SIO interpreters on the reader side.
SIOs and SIO interpreters perform similar functions to traditional
cards and readers, only using a significantly more secure, flexible and
extensible data structure.
From cards to SIOs
An SIO is a standards-based, device-independent data object that
can exist on any number of identity devices, including HID’s iCLASS
SE credentials. SIOs deliver three key benefits: portability, security
and flexibility.
Firstly, SIOs can reside within any TIP Node, or any location where
the SIO will be generated and interpreted by TIP Nodes. Thus, not
42 Access & Identity Management Handbook 2013 www.securitysa.com
only can SIOs reside on HID’s iCLASS SE credentials, they also are portable
and can reside on other memory cards containing other card
technology, microprocessor-based cards like SmartMX, smartphones
with NFC capabilities, computer disk drives, and many other formats.
This means that solutions can be developed that operate on multiple
device types with varying security capabilities. The same object
stored on one device can later be ported to another device with ease,
and without strict constraints.
Secondly, device-independent SIOs deliver trust-based security.
This security protects objects created and bound to one device from
being copied to another device, thus
protecting sites against cloned card
attacks.
Thirdly, SIOs deliver extensibility
because they are defined using open
standards including Abstract Syntax
Notification One (ASN.1, a joint ISO/IEC
and ITU-T standard). This data definition
allows for an infinitely extensible
object definition. The definition can
support any piece of data, including
data for access control, biometrics,
vending, time-and-attendance, and
many other applications. Unlike many
other fixed-field structures used in
today’s access control card and reader
systems, SIO and associated interpreters
continue to grow in security capabilities
while traditional architectures
remain stagnant, stuck in a fixed definition.
Extensibility brings significant
value to the developer community
that utilises the technology. Since the
interpreter takes care of mapping data
to supported devices, all the developer
has to focus on is generating and transacting (reading/writing)
secure objects. The days of the vending machine developer having to
learn about intricate credential-technology sector terminology and
key rules is over.
iCLASS SE platform overview
The first endpoints to be based on the Secure Identity Object platform
are HID Global’s iCLASS SE family of readers and credentials. The
family includes:
• iCLASS SE credentials.
• iCLASS SE and multiCLASS SE readers.
• iCLASS SE Reader Programming Cards (for field configuration and
upgrade options).

iCLASS SE implementation overview
Implementing next-generation access control capabilities is a very straightforward
process with the iCLASS SE platform:
• Readers are technology-agnostic and designed to simplify migration to the
next-generation iCLASS SE platform based on SIO technology.
• Customers now can order a single reader that will accommodate technology
needs both today and tomorrow.
• Users can optionally follow a migration strategy to SIO technology that
simultaneously enables interoperability between both SIO- and non-SIObased
credentials.
• For optimum security, users can completely transition to the new SIO data
structure.
• Cards are delivered with pre-provisioned SIOs.
• Simplifi es deployment.
• Users have multiple reader-to-panel communication options.
• RS-485 OSDP, CANBUS Hi-O, and Wiegand for legacy control panel
compatibility.
• Reader and credential upgrade options don’t require a physical change to
the device.
• Interpreter packages that support specifi c card technologies can be applied
in the fi eld and after the initial installation.
• Cryptographic operation changes or upgrades can be applied to both readers
and credentials after the initial installation and card deployment.
• Customers optionally can manage their own cards and credential keys.
iCLASS SE features and benefi ts
Based on HID Global’s fl agship smart card and reader technology, HID Global’s
iCLASS SE platform features deliver trusted security, sustainability, improved
performance and usability, and an open system environment that simplifi es
the development of both traditional and mobile access control solutions.
Trusted and secure
• Multi-layered security. Ensures data authenticity and privacy through the
multi-layered security of HID’s SIO.
• Out-of-box SIO compatibility. Ensures highest level of protection.
• Trusted Identity Platform (TIP) node. Provides trusted identity within a
secure ecosystem of interoperable products.
• EAL5+ certifi ed secure element hardware. Provides tamper-proof protection
of keys and cryptographic operations.
• SIO data binding. Inhibits data cloning by binding an object to a specifi c
credential.
• Expanded iCLASS Elite Programme. Extends private security by protecting
uniquely keyed credentials, SIOs and programming update keys.
• Velocity checking. Provides breach resistance against electronic attacks.
• Active tamper. Protects against physical tampering of the reader.
Sustainable
• Software defi ned radio (SDR) technology. Enables reading multiple types
of Prox (125 kHz), including HID and Indala simultaneously enabling SKU
reduction.
• Intelligent power management (IPM). Reduces reader power consumption
by as much as 75% compared to standard operating mode.
• Recycled content. Contributes toward building LEED credits.
• Wiegand-compatible interface. Provides connection to existing panels
without the need to swap out back-end systems.
Improved usability / performance
• SIO media mapping. Simplifi es deployment of third-part objects to multiple
types of credentials.
• Multi-mode frequency prioritisation. Increases transaction performance and
improves card management.
• Combined bi-directional host communication and 125 kHz support.
Simplifi es the reader portfolio off ering and expands the use of Prox and
higher security connections.
• New models. RP10 and RP30 provide multiCLASS functionality in new form
factors, creating more fl exible installation options.
• Flexible hardware connection. Pigtail or terminal strip connections are
included on all reader models.
• Field programmable readers. Provide secure upgrades for migration and
extended lifecycle.
• RGB LEDs. Delivers increasing capability to notify users and trouble-shooters
regarding system state.
• Reader/card anti-passback user notifi cation. Provides clear feedback to the
user while assisting trouble-shooters.
• Read progress notifi cation using LEDs. Provides clear feedback to the user
about new credentials entering the market that require more lead time (e.g.
FIPS 201-compatible credentials).
Open System Environment
• Near Field Communication (NFC) card emulation. Enables migration to HID
access control on mobile devices.
• SIO portability. Provides technology independence and portability to other
smart card technologies.
• Licensable SIO generators and interpreters. Provide an expansive ecosystem
through SDKs and embedded products.
• Upgradeable hardware connection. Allows all Wiegand-based communication
readers to later expand communication capabilities to OSDP, Hi-O and
other bi-directional communication protocols.
Conclusion
HID Global’s next-generation access control card and reader platform
provides a generational step function in security, usability and performance,
and environmental sustainability. The platform introduces a new portable credential
methodology based on a standards-based, technology independent
and highly fl exible SIO identity data structure. HID Global’s iCLASS SE reader
family uses this identity data structure to signifi cantly improve overall system
security while creating a more easily extensible access control system infrastructure
that can also support a new era of more convenient mobile keys and
credentials that can be embedded into phones and other portable devices.
For more information contact HID Global, +27 (0)82 449 9398,
rtruter@hidglobal.com, www.hidglobal.com
www.securitysa.com Access & Identity Management Handbook 2013 43

BIOMETRICS SELECTION GUIDE
44 Access & Identity Management Handbook 2013 www.securitysa.com
Buyers’ Guide
2013
Regular readers will have seen the Hi-Tech Security
Solutions Biometric Buyers’ Guide in various issues
over the past few years. This year, we decided to
include it in the Access and Identity Management
Handbook, where it actually belongs. And as you will
see, it proved the right decision as the following pages
contain the largest buyers’ guide we’ve ever run.
While biometric technology gets most of the
attention these days, there are still millions of people
using cards, PINs, tokens and so forth. We have
therefore supplemented the Biometric Buyers’ Guide
with what we’ve called the Access Buyers’ Guide to
highlight the continued advances in non-biometric
technology.
The buyers’ guides that follow contain a range of
devices and solutions, primarily fi ngerprint based, but
also including facial and hand biometrics, as well as
non-biometric solutions. The idea behind the guides
is to give potential customers an overview of what is
available and most suitable to their needs.
Naturally, in the space available we can’t go into
intricate details on each product, but we have given
the vendors the opportunity to display more than the
basics. Specifi cally, we included two new categories of
Applications and Integration to give readers an idea
where the devices mentioned are most often used, as
well as what integration opportunities and services
are available.
Once again, space is limited so the suppliers can’t
go into detail, but readers will see what potential
these devices have to be integrated into existing
infrastructures as well as the integration services
the suppliers and vendors off er. In some instances,
suppliers work with their integrators and installers to
design and plan solutions. Others have separate divisions
focused on software development to provide
enhanced integration capabilities for their systems,
something proving not only vital, but also popular in
the buying decisions of end users.
The ability to integrate security devices with each
other and into your existing infrastructure is becoming
the norm as businesses look for ways to streamline
their security and IT infrastructure, lower costs and
reduce the diff erent skills they need to keep everything
up and running.
While we have changed the buyers’ guide to better
cater to the needs of the market, we are always on
the lookout for insight into how we can improve the
next guide. So please let us have your comments on
andrew@technews.co.za

www.securitysa.com Access & Identity Management Handbook 2013 45

BIOMETRICS SELECTION GUIDE
Brand New Technologies Brand New Technologies
Device/Solution: ICT Gate
Manufacturer/ brand name:
Identytech Solutions
Distributor/Supplier:
Brand New Technologies
Biometric
technology:
Fingerprint, card
Hardware
description: An
advanced fi ngerprint
recognition terminal
using best-ofclass
fi ngerprint
recognition readers.
The IDT Gate is
available with
integrated Lumidigm
and Futronic sensors and off ers full entry/exit two sensor control off
one board. The solutions guarantees identifi cation in the harshest
environment and successful integration into most access and identity
management solutions on the market.
Application:
• Access control • Identity management
Contact details:
Brand New Technologies, +27 (0)11 450 3092,
dave@bntech.co.za, www.bntech.co.za
Brand New Technologies CEM Systems
Device/Solution: IDT
Wallmount
Manufacturer/ brand
name: Identytech Solutions
Distributor/Supplier:
Brand New Technologies
Biometric technology:
Fingerprint, facial, card
Hardware description:
Introducing the next
generation physical
access control terminal,
the IDT Wallmount off ers
a total solution for those
looking for an indoor/
outdoor terminal manufactured to meet the most rugged standard
in the market (IP65) and with a full anti-vandal casing. IDT Wallmount
series incorporates precision fi ngerprint technologies into ergonomic
computer peripherals that deliver unparalleled performance, reliability
and convenience for both the logical and physical access world.
Application:
• Multi modal biometrics
• Identity management
• Access control
Contact details:
Brand New Technologies, +27 (0)11 450 3092,
dave@bntech.co.za, www.bntech.co.za
46 Access & Identity Management Handbook 2013 www.securitysa.com
Device/Solution: IDT Access
Manufacturer/ brand name:
Identytech Solutions
Distributor/Supplier:
Brand New Technologies
Biometric technology:
Fingerprint, card
Hardware description: The
physical access control terminal
for those who are looking for a
fast and accurate identifi cation/
verifi cation process. The IDT Access
incorporates Multispectral imaging
fi ngerprint technology into an
ergonomic peripheral that delivers unparalleled performance,
reliability and convenience. Available in a modular manner, the
IDT Access provides a price-sensitive solution for small to medium
access control deployments. Whether looking for a verifi cation or
identifi cation process, this PAC terminal and integrated smart card
or proximity reader is the perfect solution.
Application:
• Access control • Identity management
• Verifi cation • Identifi cation
Contact details:
Brand New Technologies, +27 (0)11 450 3092,
dave@bntech.co.za,
www.bntech.co.za
Device/Solution: S610f
Fingerprint Reader
Manufacturer/ brand
name: CEM Systems
Biometric technology:
Fingerprint
Hardware description:
S610f Fingerprint Reader is a
fully integrated biometric and
access control reader that is
used as part of the AC2000
system to control access to
restricted areas where an
additional biometric layer of
security is required. Featuring
a controller, advanced IP card
reader and single biometric solution all in one, the S610f fi ngerprint
reader meets requirements for three stage identity authentication (card,
PIN and biometric verifi cation) using one device.
Application:
• Access control
• Fast verifi cation using a 1:1 fi ngerprint match at the door
• Integral reading technology for Proximity, iClass and Mifare
• Keypad for confi guration and optional personnel identifi cation
number (PIN)
Contact details:
+44 2890 456767, cem.sales@tycoin.com, www.cemsys.com

EasyRoster Software Elvey Security Technologies
Brand Name: EasyRoster Deployment Manager (ERDM)
Distributor/Supplier: EasyRoster Software
Biometric technology: Various
Hardware description: Biometric Readers from suppliers, integrated
with EasyRoster Deployment Manager
Application: Time and attendance in EasyRoster
Integration: Integration with EasyRoster, the leading workforce
management system
Contact details:
EasyRoster Software, +27 (0)12 809 4270,
info@easyroster.net, www.easyroster.net
Elvey Security Technologies Elvey Security Technologies
Manufacturer/ brand name:
GSC 647-50
Distributor/Supplier:
Elvey Security Technologies
Biometric technology:
Fingerprint, RFID
Hardware description: The
647-50 is a combined fi ngerprint
and RFID reader with a durable,
anti-static optical sensor. The unit
is easily integrated with both the
ProxNet and ProxnetPro systems to
enhance the security of an access
control installation. The 647-50 can
be used in two modes – RFID card
plus fi ngerprint (1:1) – up to 5 000
templates. fi ngerprint only (1:N) – up
to 600 templates.
Application:
• Access control
Integration support off ered by supplier:
• Planning
• Technical design
• Repairs
Contact details: Elvey Security Technologies,
+27 (0)11 401 6700, Info@elvey.co.za,
www.elvey.co.za
Manufacturer/ brand name:
Sagem J Series MA J – DUAL
Distributor/Supplier:
Elvey Security Technologies
Biometric technology: Fingerprint
Hardware description:
Supports 500 users, 2 templates each.
Can be soft-unlocked to support
3 000 users. Connects to a
TCP/IP network. Supports
the optical sensor
14x22 mm,500 dpi, 256 grey
levels. Includes a 13.56 MHz
reader for use with Mifare.
Supports templates stored
on a proximity tag for
unlimited users. Supports
Wiegand in for use with
a proximity reader. Supports 26-bit Wiegand out for use with
third-party systems.
Application:
• Access control
Integration support off ered by supplier:
• Planning • Technical design
• Repairs
Contact details: Elvey Security Technologies, +27 (0)11 401 6700,
Info@elvey.co.za, www.elvey.co.za
Manufacturer/ brand name:
NIT920 – Nitgen Biometric Readers
Distributor/Supplier:
Elvey Security Technologies
Biometric technology: Fingerprint
Hardware description: Up to
2 500 users per terminal (1 fi nger
per user). Live fi nger detection.
Supports on-board enrolment.
Three choices of authentication
mechanisms Any two of the
authentication methods can be
used concurrently: Fingerprint, card,
individual PIN. 500dpi optical scanner
and less than 1 second identifi cation
time for up to 4 000 templates.
Application:
• Access control
• Time and attendance
Integration support off ered by
supplier:
• Planning
• Technical design
• Repairs
Contact details: Elvey Security Technologies,
+27 (0)11 401 6700, Info@elvey.co.za,
www.elvey.co.za
www.securitysa.com Access & Identity Management Handbook 2013 47

BIOMETRICS SELECTION GUIDE
Elvey Security Technologies G2
Manufacturer/ brand
name: GSC 647-80
Distributor/Supplier:
Elvey Security
Technologies
Biometric technology:
Fingerprint, facial
Hardware description:
The 647-80 fi ngerprint
and facial recognition
system is ideal for
access control and T&A
applications. The unit
can identify the user by fi ngerprint, face or face + fi ngerprint. Multiple
fi ngerprints per employee can be enrolled. Supports 700 face templates
or 3 000 with fi ngerprint + face or 3000 fi ngerprint templates. 100 000
transaction capacity.
Application:
• Access control
• Time and Attendance
Integration support off ered by supplier:
• Planning
• Technical design
• Repairs
Contact details:
Elvey Security Technologies, +27 (0)11 401 6700,
Info@elvey.co.za, www.elvey.co.za
Ideco Biometric Security Solutions Ideco Biometric Security Solutions
Device/Solution: EVIM Psion
Manufacturer/ brand name:
EVIM Psion
Distributor/Supplier: Ideco Biometric
Security Solutions
Biometric technology: Fingerprint
Hardware description: EVIM Psion is
a mobile terminal for identity control
and transaction management. A
person’s ID number and transactionrelated
data can be captured and
signed with their fi ngerprint. Data is
transmitted to the EVIM server for ID
number verifi cation. Identity-linked
transaction data is processed and
recorded according to pre-specifi ed
business rules.
Application:
• Mobile, time-based access control for
people, vehicles and assets
• Confi gurable to capture multiple data fi elds
• Searchable records using secure browser access
Integration support:
• GPS link to EVIM server
• ID number verifi cation in under 30 seconds
Contact details : Ideco Biometric Security Solutions,
0861 0 43326, contact@ideco.co.za, www.ideco.co.za
48 Access & Identity Management Handbook 2013 www.securitysa.com
Device/Solution: DIGIgarde PLUS
Manufacturer/ brand name: TDSi
Distributor/Supplier: G2 Security
Biometric technology: Fingerprint
Hardware description: DIGIgarde PLUS
combines all authentication modes,
something you know (PIN) something
you have (MIFARE card) and something
you are (fi nger) in one attractive and costeff
ective unit. Featuring a high-resolution
optical sensor and an extremely quick
matching algorithm, DIGIgarde PLUS gives
maximum usability and is suitable for control l
of access points, particularly those requiring a
large number of users and subject to a high
throughput of traffi c. Ideal for time and attendance dance
clocking stations. IP rated for external mounting and
PoE powered for easy installation.
Application:
• Access control • Single door standalone control
• Time and attendance
Integration support:
• Design support, especially with TDSI EXgarde access control
• Software support • RMA process for faulty returns
• Technical support
Contact details: G2 Security, 087 940 9322, info@g2security.co.za,
www.g2security.co.za
Device/Solution: Ideco ES2
Manufacturer/ brand name:
Ideco ES2
Distributor/Supplier:
Ideco Biometric Security
Solutions
Biometric technology:
Fingerprint
Software description:
Free software solution for
managing time-based access
and attendance with Morpho
fi ngerprint technology. Ideco
ES2 access management software is exceptionally easy to use. Access
scheduling and reporting is based on time and zones and the software
controls up to six Morpho fi ngerprint scanners at separate locations on
a single site.
Application:
• Fingerprint-based access management and reporting
• Fingerprint-based time and attendance management and reporting
• Manages access for visitors and contractors
Integration support:
• SQL backups • Import users from MEMS Access database
• Simple visitor and contractor enrolment
• Morpho tools accessible from within the solution
Contact details: Ideco Biometric Security Solutions, 0861 0 43326,
contact@ideco.co.za, www.ideco.co.za

Ideco Biometric Security Solutions
Device/Solution: GreenBox
Manufacturer/ brand
name: GreenBox
Distributor/Supplier: Ideco
Biometric Security Solutions
Biometric technology:
Fingerprint
Hardware description:
Greenbox is a compact
multi-function device that
captures and verifi es identity
data. Greenbox provides
the foundations for managing identity data in an exceptional variety
of ways. Digital identity management is combined in a single unit with
a fi ngerprint scanner, EMV-compliant smartcard reader, 20 mega-pixel
camera, document scanner and signature pad.
Application:
• Processing identity data for FICA and RICA
• Account opening and account take-on
• Credit applications and approvals
• Criminal record checking
Integration support:
• USB connection
• Device drivers included
• MS-based operating system
• Access to GreenForm – digital ID management records
Contact details: Ideco Biometric Security Solutions, 0861 0 43326,
contact@ideco.co.za, www.ideco.co.za
Ideco Biometric Security Solutions
Device/Solution: SuperSign
Manufacturer/ brand name: SuperSign
Distributor/Supplier: Ideco Biometric Security Solutions
Biometric technology: Fingerprint
Hardware description: SuperSign reinforces IT security by replacing
traditional cards, PINS and passwords with fi ngerprint-based
authentication of IT users. Prevents unauthorised IT access and
activity. Integrates with existing policies that govern IT access and
authorisations. SuperSign accurately records who did what, where and
when within IT systems. Supports online and offl ine transactions.
Application:
• Fingerprint-based authentication for initial IT sign-on
• Fingerprint-based authentication for application log-on
• Fingerprint-based authentication for transaction authorisation
Integration support:
• Windows sign-on
• Synchronises with MS Active Directory
• Compatible with existing IdM solutions, e.g. Novell
• Real-time audit logs of IT access and activity
Contact details: Ideco Biometric Security Solutions, 0861 0 43326,
contact@ideco.co.za, www.ideco.co.za
To capitalise fully on the extensive capabilities of Morpho
technology in new integration and development projects, Ideco
off ers a structured range of formal support programs. Backed by
the Ideco technical team, these programs provide highly practical
assistance to ensure that Morpho applications deliver the best
possible operational andcommercial results.
Ideco Biometric Security Solutions
Tel: 0861 0 43326
e-mail: contact@ideco.co.za
www.ideco.co.za
To maintain our industry-leading standards of customer service, Ideco
provides a range of warranty and repair programs for all Morpho
products supplied by us. The programs provide repair or replacement
services that minimise on-site downtime and ensure agreed levels of
operational stability within our customers’ Morpho-based systems.
Ideco Biometric Security Solutions
Tel: 0861 0 43326
e-mail: contact@ideco.co.za
www.ideco.co.za
www.securitysa.com Access & Identity Management Handbook 2013 49

BIOMETRICS SELECTION GUIDE
Ideco Biometric Security urity Solu Solutions Impro Technologies
Device/Solution: SurgeTek
Manufacturer/ brand name:
SurgeTek
Distributor/Supplier:
Ideco Biometric Security
Solutions
Biometric technology:
Biometric Protection
Hardware description:
Lightning and
surge protection for
MorphoAccess solutions.
SurgeTek protects the
Wiegand port and/or
power port of Morpho terminals by preventing high voltage surges,
spikes and sags. It works by channelling over-voltage into the electrical
outlet’s earth or ground wire, stopping it from reaching the Morpho
terminal by maintaining normal voltage.
Application:
• Protects Morpho terminals by preventing high voltage surges,
spikes and sags
Integration support:
• Suitable for all Morpho terminals
Contact details:
Ideco Biometric Security Solutions,
0861 0 43326, contact@ideco.co.za,
www.ideco.co.za
Impro Technologies Morpho
Device/Solution: Biometric Multidiscipline
Time Attendance Reader
Manufacturer/ brand name:
Impro Technologies
Distributor/Supplier:
Access & Beyond, Elvey Security
Technologies, Powell Tronics
Hardware description:
The (BMTA) Biometric Multi-discipline Time Attendance Reader is
designed and manufactured by Impro Technologies, designed to
include all authentication types (Fingerprint, Tag and PIN). Seamlessly
integrated into Impro IXP220 and IXP400i systems, supporting access
features such as door mode patterns and advance messaging. In
addition to reading fi ngerprints, new technology allows the BMTA
to read a multitude of tag types in both 125 kHz and 13.56 MHz
frequencies. These terminals fi t seamlessly into new or existing
applications allowing you to upgrade tag technology without replacing
existing tags.
Applications:
• Access control • Time and attendance
• Large commercial sites • Residential apartments
• Fully integrated control
Support off ered by manufacturer/distributor:
• 24hr local advanced support • Training
• 12-month warranty • Stock holding
Contact details:
Impro Technologies , 08600 IMPRO (46776), www.impro.net
50 Access & Identity Management Handbook 2013 www.securitysa.com
Device/Solution: Fingkey Access
Manufacturer/ Supplier Name:
Impro Technologies
Distributor/Supplier: Dis
Access & Beyond,
Elvey El Security Technologies, Powell Tronics
Hardware description: Fingkey Access is a
cost-eff ective fi ngerprint reader capable of
storing up to 1 000 users (1 fi nger per user) or
500 users (2 fi ngers per user) and prompt
authentication with (LFD) Live Finger
Detection function. Designed for outdoor use
with an IP65 equivalent rating (must be
shielded from direct sunlight and rain).
Compatible with Impro IXP20 and fully integrated
with IXP220 and IXP400i systems, supports advanced access
control and time and attendance management. Fingkey Access
also available in standalone and network modes with free Access
Manager software.
Applications:
• Access control • Time and attendance
• Residential apartments • Small business
• Fully integrated control
Integration support:
• 24hr local advanced support • Training
• 12 month warranty • Stock holding
Contact details: Impro Technologies , 08600 IMPRO (46776),
www.impro.net.
Device/Solution: MA-J Series
Manufacturer/ brand name:
Morpho
Distributor/Supplier: Ideco
Biometric Security Solutions, EOH,
Powell Tronics, Impro, Gallagher
Biometric technology:
Fingerprint
Hardware description:
The MA-J Series is an access
control device available as J-Bio
(fi ngerprint only) or J-Dual
(fi ngerprint + Mifare or Desfi re
cards). It can store up to 3 000 users
(6 000 fi ngerprint templates). The
reader is IP65 rated and can be
used indoor or outdoor. It is PoE (Power over Ethernet) compliant
for easy use and can be connected via WiFi network (optional). With
a modern and elegant design the MA-J Series is perfectly suited for
corporate environment.
Application:
• Access control
Integration support:
• Available from Distributors, Morpho as 2nd level technical support.
Contact details:
Morpho, +27 (0)11 286 5800,
sec.san.contact@morpho.com

Morpho Morpho
Device/Solution:
MorphoAccess 500+ Series
Manufacturer/ brand name:
Morpho
Distributor/Supplier:
Ideco Biometric Security Solutions,
EOH, Powelltronics, Impro, Gallagher
Biometric technology:
Fingerprint
Hardware description:
The MA500+ Series is a fi ngerprint
reader designed for access control
and T&A application. It can store two fi ngerprints per person for a
maximum of 100 000 templates. MA520+D model can operate in
multifactor mode (all combination between fi ngerprint, PIN code and
Desfi re or Mifare Cards). MA500+ Series is compatible with PoE (Power
Over Ethernet) and can also be connected to a WiFi network with an
optional WiFi dongle. Display can be set-up in multiple languages if
needed.
Application:
• Access control
• Time and attendance
Integration support:
• Available from distributors, Morpho, as second-level technical support.
Contact details:
Morpho, +27 (0)11 286 5800,
sec.san.contact@morpho.com.
Morpho Morpho
Device/Solution: MorphoAccess s
VP Series
Manufacturer/ brand name:
Morpho
Distributor/Supplier: Ideco
Biometric Security Solutions,
EOH, Powelltronics, Impro, Gallagher her
Biometric technology:
Fingerprint + vein
Hardware description:
The MA-VP Series is an access
control device available as
MA-VP Bio (fi ngerprint/vein
only) or MA-VP Dual (fi ngerprint/
vein + Mifare/Desfi re cards). It can store t
up to 10 000 users (20 000 templates). The reader
is IP65 rated and suited for indoor or outdoor use. It is PoE (Power
over Ethernet) compliant for easy use and can be connected via WiFi
(optional). The MA-VP can be used where higher security is required
or where fi ngerprint alone is not suitable.
Application:
• Access control
Integration support:
• Available from distributors, Morpho, as second-level technical
support.
Contact details:
Morpho, +27 (0)11 286 5800, sec.san.contact@morpho.com
Device/Solution:
Outdoor MorphoAccess 520D
Manufacturer/ brand name:
Morpho
Distributor/Supplier: Ideco
Biometric Security Solutions,
EOH, Powelltronics, Impro,
Gallagher
Biometric technology:
Fingerprint
Hardware description:
The OMA520D is an
outdoor version of the
MA500+ series. It shares
all the characteristics of the
MA520D (multifactor verifi cation with Mifare or
Desfi re Cards) and is IP65 rated. Its ruggedised casing makes it vandal
resistant. The OMA520D can be used in rough environments like mines,
oil refi neries, etc. or in environments that require high hygiene like
abattoirs where they can be washed regularly. It is PoE (Power over
Ethernet) compliant which makes it easy to install.
Application:
• Access control • Time and attendance
Integration support:
• Available from distributors, Morpho, as second-level technical support.
Contact details:
Morpho, +27 (0)11 286 5800, sec.san.contact@morpho.com
Device/Solution: MorphoSmart
Optical 300 Series
Manufacturer/ brand name:
Morpho
Distributor/Supplier: Ideco
Biometric Security Solutions, EOH,
Powelltronics, Impro, Gallagher
Biometric technology:
Fingerprint
Hardware description: The MSO300
Series is a family of high-end USB
optical sensors. It is based on Morpho’s 25-year experience, in the
fi elds of electro-optics and forensic quality fi ngerprint processing
algorithms. The MSO300 Series covers a wide range of applications:
enrolment, authentication and identifi cation in industrial/
commercial and governmental environments, PC Login, etc. The
MSO300 is also available with a serial connector (MSO200) and with
an embedded smartcard reader (MSO350). The MSO300 integrates 2
LEDs to guide and inform users about ongoing operations.
Application:
• Enrolment • System integration
Integration support:
• Available from distributors, Morpho, as second-level technical
support.
Contact details:
Morpho, +27 (0)11 286 5800,
sec.san.contact@morpho.com
www.securitysa.com Access & Identity Management Handbook 2013 51

BIOMETRICS SELECTION GUIDE
Morpho Morpho
Device/Solution:
MorphoSmart Optical
1300 series
Manufacturer/ brand
name: Morpho
Distributor/Supplier:
Ideco Biometric
Security Solutions, EOH,
Powelltronics, Impro,
Gallagher
Biometric technology:
Fingerprint
Hardware description): The MSO1300 (USB)
has been specially designed to address the needs (security, user,
friendliness) of logical access control to highly secured desktop PC
applications, in industrial, corporate or governmental environments.
The MSO 1300 Series is based on a fast and cost-eff ective optical
sensor and have an embedded storage capacity of up to 500 users
(1 000 templates). It is available with serial connection (MSO1200).
Multifactor authentication can be achieved by using fi ngerprint and
smart card technologies on MSO1350/1250 models.
Application:
• Enrolment • System integration
Integration support:
• Available from distributors, Morpho, as second-level technical support.
Contact details:
Morpho, +27 (0)11 286 5800, sec.san.contact@morpho.com
Natech Universal Technology neaMetrics/Suprema
Device/Solution: T50M
Manufacturer / brand name: ANVIZ
Biometric type: Fingerprint
Distributor/supplier: Natech Universal
Technology
Hardware description: T50M is a new
generation of simple standalone access
control. With metal case and waterproof
cover high level of protection suitable
for outdoor install. Latest TI hardware
platform of high performance, highspeed
fi ngerprint identifi cation can
be easily realised. T50M has the most
compact design in the world. Easy
network management through RS485
or TCP/IP, adopts Anviz develops and
designs touch active optical fi ngerprint sensor and BioNano core
fi ngerprint algorithm. Powerful access control function with door open
sensor, direct lock control.
Application:
• Access control • Time and attendance
Integration Support:
• Consultation (to integrator) • Training (for integrator)
• System design (for integrator) • Service and repair
Contact details:
Natech Universal Technology, +27 (0)73 601 6652,
dean@natech.co.za
52 Access & Identity Management Handbook 2013 www.securitysa.com
Device/Solution: MorphoSmart
FingerVP Series
Manufacturer/ brand name:
Morpho
Distributor/Supplier:
Ideco Biometric Security Solutions,
EOH, Powelltronics, Impro,
Gallagher
Biometric technology:
Fingerprint + vein
Hardware description:
The MSO FVP is a FBI PIV IQS
certifi ed USB biometric reader using
the best of latest technologies.
It simultaneously captures the fi ngerprint as well as the vein and
combined the best of both templates to ensure the highest security
and the best possible performance. The MSO FVP is very well
suited for tough environments where fi ngerprint capture remains
a challenge. The MSO FVP uses LED indicator and fi nger presence
detection to guide and inform users about ongoing operations.
Application:
• Enrolment • System integration
Integration support:
• Available from distributors, Morpho, as second-level technical
support.
Contact details:
Morpho, +27 (0)11 286 5800, sec.san.contact@morpho.com
Manufacturer/ brand name: Suprema
FaceStation
Distributor/Supplier: neaMetrics
Biometric technology: Face
Hardware description: The new
FaceStation is a dedicated face
recognition terminal. Using Suprema’s
proprietary algorithms combined with
state-of-the-art hardware, FaceStation
provides near real-time template
matching results (1:1 000

neaMetrics/Suprema neaMetrics/Suprema
Manufacturer/ brand name:
Manufacturer/ brand name:
Suprema BioStation T2
Suprema BioStation
Distributor/Supplier: neaMetrics
Distributor/Supplier:
Biometric technology:
neaMetrics
Fingerprint, face
Biometric technology:
Hardware description: A high-end
Fingerprint
access and attendance terminal
Hardware description:
off ering fi ngerprint, RFID and PIN
BioStaton is a full-featured high-
authentication with built-in camera
end fi ngerprint terminal that
for face image capturing (snap shots)
combines the advantages of TCP/
for an extra level of security, and video phone interface. interface T2 T2sports sports
IP with Suprema’s renowned biometric ic technology to provide the optimal
an interactive 5-inch touchscreen LCD with intuitive GUI, stores
solution for both access control and time attendance. BioStation comes
200 000 fi ngerprints (1:1, 10 000 1:M), off ers extensive communication with a massive 1GB of memory that supplies storage for up to 200 000
interfaces including TCP/IP, WiFi, PoE, RS485 and Wiegand and features users (1:1, 10 000 1:M) and a staggering 1 million event logs. Its powerful
an embedded web-server which controls up to 10 Suprema IP access processing engine and algorithms provide an uncompromisingly high-
terminals on a web browser without installing any software.
level of biometric security with fl exibility and ease of use.
Application:
Application:
• Access control • Time and attendance
• Access control • Time and attendance
• Applications requiring function selection
• Applications requiring function selection
• Hi-end security applications
• Hi-end security applications
Integration support:
Integration support:
• Technical and sales training
• Technical and sales training
• Architectural system design consulting
• Architectural system design consulting
• Remote, telephonic and onsite support
• Remote, telephonic and onsite support
• Software development integration support
• Software development integration support
• Customised solution development
• Customised solution development
Contact details: Suprema, 0860 SUPREMA (0860 787 736),
Contact details: Suprema, 0860 SUPREMA (0860 787 736),
enquiry@suprema.co.za, www.suprema.co.za
enquiry@suprema.co.za, www.suprema.co.za
neaMetrics/Suprema neaMetrics/Suprema
Manufacturer/ brand name:
Suprema BioLite Net
Distributor/Supplier: neaMetrics
Biometric technology:
Fingerprint
Hardware description: Extra
durable IP-based fi ngerprint
terminal with IP65 rated structure
comprehensively sealing it against
invasive moisture, dust and liquid,
making it perfect for outdoor or
indoor installations. From simple door control to complex networked
environments, BioLite Net supports full TandA and access control
functionality for up to 5 000 users. It also features an illuminated keypad,
LCD back light and LED indicator for excellent visibility, integrated RFID and
off ers secure door control, I/O expansion and anti-passback.
Application:
• Access control • Time and attendance
• Applications requiring function selection • Outdoor environments
Integration support:
• Technical and sales training
• Architectural system design consulting
• Remote, telephonic and onsite support
• Software development integration support
• Customised solution development
Contact details: Suprema, 0860 SUPREMA (0860 787 736),
enquiry@suprema.co.za, www.suprema.co.za
Manufacturer/ brand name: Suprema
BioEntryPlus Series
Distributor/Supplier: neaMetrics
Biometric technology: Fingerprint
Hardware description: Suprema’s BioEntry
series blends next generation IP with biometrics
for elevated security. Off ering
unrivalled quality with exceptional
engineering, BioEntry Series is integrated with
fi ngerprint and card and covers a full range
of access control applications from simple
standalone door control to complex networked access control systems.
BioEntry W takes the series further by encasing a product into an IK08 vandalresistant
housing and adding PoE for easy and cost eff ective installation.
Application:
• Access control
• Applications requiring function selection
• Outdoor environments (W)
• Environments requiring vandal protection (W)
Integration support:
• Technical and sales training
• Architectural system design consulting
• Remote, telephonic and onsite support
• Software development integration support
• Customised solution development
Contact details: Suprema, 0860 SUPREMA (0860 787 736),
enquiry@suprema.co.za, www.suprema.co.za
www.securitysa.com Access & Identity Management Handbook 2013 53

BIOMETRICS SELECTION GUIDE
neaMetrics/Suprema neaMetrics/Suprema
Manufacturer/ brand name:
Suprema SupreMOBILE
Distributor/Supplier: neaMetrics ccs
Biometric technology: Fingerprint rint
Hardware description: A compact aact
portable biometric terminal that is
aesthetically pleasing and off ers
outstanding performance – even
in the harshest weather environments. ments
Sealed to keep out dust, dirt and rain, SupreMOBILE is the perfect
solution where rugged mobility is a must. One charge gives you at least
10 hours uptime. (An extended battery is available, doubling usage.)
SupreMOBILE comes standard with an RJ45 for LAN connectivity;
optional Wi-Fi, GPRS/Edge or 3G routers are available. SupreMOBILE
comes fi tted with Suprema’s BioLite Net, BioEntry Plus or BioStation.
Application:
• Mobile time and attendance • Random and emergency roll call
• On demand identifi cation (exams, random visitor)
• Applications requiring function selection
• Outdoor environments
Integration support:
• Technical and sales training
• Architectural system design consulting
• Remote, telephonic and onsite support
• Software development integration support
• Customised solution development
Contact details: Suprema, 0860 SUPREMA (0860 787 736),
enquiry@suprema.co.za, www.suprema.co.za
neaMetrics/Suprema neaMetrics/Suprema
Manufacturer/ brand name:
Suprema RealScan-G1
Distributor/Supplier:
neaMetrics
Biometric technology:
Fingerprint
Hardware description: FBI certifi rtifi ed
single-fi nger live scanner with Suprema’s
advanced live fi nger detection (LFD) technology.
Combining superior optical engineering with slim and compact form
factor, RealScan-G1 off ers every essential feature for high-speed
fi ngerprint capturing in civil and criminal ID projects. The device ensures
high quality image capturing with halo eff ect elimination, ghost image
elimination and automated image quality check processes. It features
a rugged IP54 structure, providing extra durability; captures 500dpi
greyscale images and has a wide platen (1.0 x 1.0 inch).
Application:
• National ID • Immigration and border control
• Criminal clearance • Civil identifi cation
Integration support:
• Technical and sales training
• Architectural system design consulting
• Remote, telephonic and onsite support
• Software development integration support
• Customised solution development
Contact details: Suprema, 0860 SUPREMA (0860 787 736),
enquiry@suprema.co.za, www.suprema.co.za
54 Access & Identity Management Handbook 2013 www.securitysa.com
Manufacturer/ brand name:
Suprema BioMini and plus
Distributor/Supplier: neaMetrics
Biometric technology: Fingerprint nnt
Hardware description: Designed
specially to provide a high level of
security for desktop PC and
complex network environments.
Packed in a sleek and ergonomic design, eesign,
it
features a 500 dpi optical fi ngerprint nt sensor,
scratch free sensor surface and fast t matching speed: 1:100 000/
second. Also, high speed USB2.0 interface and Suprema’s multiaward
winning Algorithm. BioMini Plus features advanced hybridtype
live fi nger detection (LFD) technology and FBI certifi cation.
Combined with its comprehensive SDK solution, BioMini off ers
superb hardware and software compatibility making it an ideal
platform for developers.
Application:
• Fingerprint enrolment • Biometric identity
• Application user security • Time and attendance
Integration support:
• Technical and sales training
• Architectural system design consulting
• Remote, telephonic and onsite support
• Software development integration support
• Customised solution development
Contact details: Suprema, 0860 SUPREMA (0860 787 736),
enquiry@suprema.co.za, www.suprema.co.za
Manufacturer/ brand name: me:
Suprema RealScan-D
Distributor/Supplier:
neaMetrics
Biometric technology:
Fingerprint
Hardware description: FBI BI certifi ed
portable dual-fi nger live scanner anner featuring
Suprema’s leading optical image-processing mage-processing technology. technology RealScan-D
off ers maximum performance under harsh environments and guarantees
precise image capturing for wet and dry fi ngers. It has a sleek and
ergonomic design with built-in buttons for on-device operation and its
extra wide platen allows for high-speed image capturing of single fi nger
fl ats, rolls and two-fi nger fl ats. It also off ers auto-capture by sensing fi nger
placement, slippage detection (for rolls), halo and ghost image elimination,
image quality checks, sequence check and automatic segmentation.
Application:
• National ID • Immigration and border control
• Criminal clearance • Civil and criminal applications (police)
• High-speed fi ngerprint capturing
Integration support:
• Technical and sales training • Architectural system design consulting
• Remote, telephonic and onsite support
• Software development integration support
• Customised solution development
Contact details: Suprema, 0860 SUPREMA (0860 787 736),
enquiry@suprema.co.za, www.suprema.co.za

neaMetrics/Suprema Softcon
Manufacturer/ brand name:
Suprema RealScan-G10
Distributor/Supplier: neaMetrics cs
Biometric technology:
Fingerprint
Hardware description:
FBI certifi ed compact live-scanner er
for single and ten-print capture
(single fi nger fl ats, rolls and four
fi nger slaps). Suprema’s advanced d
optical technology allows high-speed peed
image capturing and seamless image mage
processing. Its IP54-rated dust and water resistant housing makes it
suitable for indoor and mobile environments. RealScan-G10 provides
fast and easy capture of wet and dry fi ngers, automatic image quality
checks, sequence check, slippage checks and automatic segmentation.
Application:
• National ID • Immigration and border control
• Criminal clearance • Civil and criminal applications (police)
• High-speed fi ngerprint capturing
Integration support:
• Technical and sales training
• Architectural system design consulting
• Remote, telephonic and onsite support
• Software development integration support
• Customised solution development
Contact details: Suprema, 0860 SUPREMA (0860 787 736),
enquiry@suprema.co.za, www.suprema.co.za
Softcon Uniclox Technologies
Manufacturer: Softcon
Brand name: mKnock
Distributor/Supplier: Softcon
Hardware description: Softcon’s
latest access control software, mKnock,
off ers an all-encompassing access
and identity management solution to
clients across multiple industry sectors.
Using the latest in development
technology, mKnock provides a
fl exible, versatile as well as a powerful
tool to empower companies with
actionable data as well as automating
various processes within the organisation. Integration with third-party
systems is made easy using Softcon’s mLink module.
Application:
• Access control and identity management • Resource management
• Biometric integration • Smart card solution
• Integration platform
Integration support:
• Project design and scope assistance
• Custom software and hardware development
• Installer training
• Repair facility
Contact details:
Softcon Software Control Services, +27 (0)12 348 7301,
sales@softconserv.com, www.softconserv.com
Manufacturer/ brand name: Morpho o
MorphoAccess VP Reader
Distributor/Supplier: Softcon
Biometric technology:
Fingerprint, vein
Hardware description:
The MorphoAccess VP terminals bring g
for the fi rst time the benefi ts of the
fi nger vein/fi ngerprint multimodal
technology, developed to
operate in any kind of
environment. The MorphoAccess
VP Finger Vein readers are seamlessly integrated with the mKnock
software and Softcon hardware. Softcon’s latest access control software,
mKnock, off ers an all-encompassing access and identity management
solution to clients across multiple industry sectors.
Application:
• Access control and identity management
• Resource management
• Biometric integration to MorphoAccess VP
• Integration platform
Integration support:
• Project design and scope assistance
• Custom software and hardware development
• Installer training
Contact details:
Softcon Software Control Services, +27 (0)12 348 7301,
sales@softconserv.com, www.softconserv.com
Device: HandPunch Series
Manufacturer/ brand name:
Ingersoll Rand
Distributor/Supplier: Uniclox
Technologies
Biometric technology: Hand
geometry
Hardware description: The Hand
Punch Series from Uniclox is popular r
in many industrial companies who
fi nd that hand geometry is faster
and more consistent because it
is unaff ected by dirt, paint, oil or damage tto th the fi ngertips. ti Employees
E l
enter their number and place their hand on the platen of the HandPunch
terminal. It automatically takes a three-dimensional reading of the size and
shape of the hand and verifi es the user’s identity in less than one second.
Anti-microbial platen provides a hygienic fi nish that resists bacterial
degradation using silver nano-technology.
Application:
• Access control • Time and attendance
• Ring a siren/bell
Integration support:
• Full technical support in all major centres, including consulting,
installation, training and call centre.
Contact details:
Uniclox Technologies, 0861 UNICLOX, www.uniclox.com,
sales@uniclox.com
www.securitysa.com Access & Identity Management Handbook 2013 55

BIOMETRICS SELECTION GUIDE
Uniclox Technologies Virdi Distribution SA
Device: Face ID
Manufacturer/ brand name:
Hanvon
Distributor/Supplier:
Uniclox Technologies
Biometric technology:
Face
Hardware description:
Uniclox FaceID terminals are
suitable for offi ces and high-end retail
environments or where religious and cultural traditions making
touching off ensive. Employees simply look at the clock and within a
second they are identifi ed and clocked in for work. Facial recognition
is a hygienic alternative to a fi ngerprint terminal has specialised
dual camera sensors that perform three dimension facial analysis,
providing the fastest and most reliable verifi cation even under
low lighting conditions. They cannot be fooled by 2D images and
photographs.
Application:
• Access control
• Time and attendance
• Job costing
Integration support:
• Full technical support in all major centres, including consulting,
installation, training and call centre.
Contact details:
Uniclox Technologies, 0861 UNICLOX, www.uniclox.com,
sales@uniclox.com
Virdi Distribution SA Virdi Distribution SA
Device: AC 5000
Manufacturer/ brand name:
Virdi
Distributor/Supplier:
Virdi Distribution SA
Biometric technology:
Fingerprint
Hardware description:
Weatherproof IP65 terminal,
supports up to 20 000 users,
colour LCD with custom
messaging, live and fake
fi nger detection optical scanner,
touch keypad, RFID or Mifare card reader,
on board multi i/O controller, TCP/IP with
Wiegand output and PoE.
Application:
• Access control
• Time and attendance
• Portable time and attendance
Contact details:
Virdi Distribution SA, +27 (0)21 404 4690,
info@virditech.co.za, www.virditech.co.za
56 Access & Identity Management Handbook 2013 www.securitysa.com
Device: SR 100
Manufacturer/ brand name:
Virdi
Distributor/Supplier:
Virdi Distribution SA
Biometric technology:
Fingerprint
Hardware description:
Fingerprint slave reader, live
and fake fi nger detection
optical scanner, RFID or Mifare
card reader, tri-colour LED and
buzzer, works with AC 2100 / AC 2500 00
and AC 4000.
Application:
• Access control
• Time and attendance
Contact details:
Virdi Distribution SA, +27 (0)21 404 4690,
info@virditech.co.za, www.virditech.co.za
Device: SMART-i
Manufacturer/ brand name:
Virdi
Distributor/Supplier:
Virdi Distribution SA
Biometric technology:
Fingerprint
Hardware description:
Smartphone / tablet
managed weatherproof
IP65 terminal with
integrated camera, supports
up to 1 000 users, live and fake
fi nger detection optical scanner,
touch function keys, WiFi and
RS-485 and Wiegand outputs.
Application:
• Access control
• Time and attendance
• Portable time and attendance
Contact details:
Virdi Distribution SA, +27 (0)21 404 4690,
info@virditech.co.za, www.virditech.co.za

Virdi Distribution SA ZKSoftware
Device: AC 2500
Manufacturer/ brand
name: Virdi
Distributor/Supplier: Virdi
Distribution SA
Biometric technology:
Fingerprint
Hardware description:
Powerful low cost terminal,
supports up to 1 500 users,
live and fake fi nger detection
optical scanner, RFID or
Mifare card reader, on board
multi I/O controller, TCP/IP
with Wiegand output and
optional wireless module.
supports SR100 slave reader.
Application:
• Access control
• Time and attendance
• Portable time and attendance
Contact details:
Virdi Distribution SA, +27 (0)21 404 4690,
info@virditech.co.za, www.virditech.co.za
ZKSoftware ZKSoftware
Manufacturer/ brand
name: ZKTeco / T5-C
Distributor/Supplier:
ACT Tech Services
Biometric technology:
Fingerprint
Hardware description:
The T5-C not only off ers
ease but functionality as
well. Time and attendance
has never been this
simple combining an easy to use sensor with a very practical colour
screen. The polished fi nish to the unit off ers an uncomplicated choice
to where the unit should be installed suiting an offi ce or a corporate
environment. The unit off ers a wide variety of options with regards to
the communication options including USB and TCP/IP.
Application:
• Colour TFT screen • Stores 3000 templates
• Built-in serial and Ethernet ports
• USB port for manual data transfer
• Reads fi ngerprints and/or PINS
Integration support:
• Repairs • Logistics
• Technical support • Training
• Maitenance
Contact details: ACT Tech Services, +27 (0)11 023 8789,
anthony@acttechservices.co.za, www.acttechservices.co.za
Manufacturer/ brand name:
ZKTeco / MultiBio 700
Distributor/Supplier: Accsys
Biometric technology: Face, fi ngerprint gerprint
Hardware description: The TFT colour touch
screen of MulitiBio 700 provides ease ase of use
and a rich user experience. The MultiBio ultiBio 700
uses state of the art 3D imaging technology
echnology
while also providing hygienic 100% % touch-free
biometric authentication. The MultiBio tiBio 700
uses ZK’s latest face and fi ngerprint nt
matching algorithms which are even ven
faster than its predecessor. MultiBio io 700
can do one to many (1:N) match up p to
400 faces and 2 000 fi ngerprints. This
versatile unit can accommodate face, ace,
fi ngerprint and RFID card access control. ontrol.
Application:
• Accsys PeopleWare – Time and attendance, ttendance, access control, control, payroll,
HR and ESS server and cloud solution ution on a single database. database
• Features include managing doors, booms, turnstiles and interfaces
to OEM payrolls.
Integration support:
• Installation • Implementation
• Training • Support
• Maintenance
Contact details: Accsys, +27 (0)11 719 8000, pr@accsys.co.za,
www.accsys.co.za.
Manufacturer/ brand name:
ZKTeco / L5000 Biometric Doorlock
Distributor/Supplier: Assa Abloy
Biometric technology: Fingerprint
Hardware description: The L5000 series
of door locks off ers peace of mind not
only to a house owner but also to any
business enterprise wanting to secure
access control to their premises. With ease
of installation this state of the art unit
provides sophistication that is easy on the
eye. A 1.2-inch screen that provides all
the comfort of transaction verifi cations.
The L5000 is manufactured with a robust
casing and also a backup system of
battery override and key entry.
Application:
• Fingerprint lock
• Versatile and reliable
• Easy Installation
• USB interface for data collection
• 1.2-inch Screen Indications
Integration support:
• In house specifi cation service • Technical back up
• Repairs
Contact details: Assa Abloy, +27(0)11 761 5000,
alistair.thackeray@assaabloy.com, www.assaabloy.com
www.securitysa.com Access & Identity Management Handbook 2013 57

BIOMETRICS SELECTION GUIDE
ZKSoftware ZK Software
Manufacturer/
brand name:
ZKTeco / HL100
Dead Bolt Lock
Distributor/
Supplier: Assa Abloy
Biometric
technology:
Fingerprint
Hardware
description:
A unique add-on
security device
with the HL100
Dead Bolt Lock, suited for your offi ce or home doors. The device
is manufactured from high density steel and standard American
Cylinder to secure the locking mechanism. External battery override
is provided to access when batteries have run out. Access methods
include fi ngerprint, PIN and key entry. It’s easy to install with no
wiring and a reversible lock (left and right). The illuminated keypad
adds value to the small, durable door lock.
Application:
• Access control
Integration support:
• In house specifi cation service • Technical back up
• Repairs
Contact details: Assa Abloy, +27(0)11 761 5000,
alistair.thackeray@assaabloy.com, www.assaabloy.com
ZKSoftware ZKSoftware
Manufacturer/ brand name: ame:
ZKTeco / iFace302
Distributor/Supplier:
Biotrace Business Solutions ns s
Biometric technology:
Fingerprint, face
Hardware description:
This multi-biometric
device is the perfect
Time & Attendance
device, that can also be
combined for access control. rol.
The iFace302 features a massive 4.3 inch
touch screen, and can accommodate 500 facial templates and
3000 fi ngerprint templates. Standard features include: SMS, Workcode,
DST, Scheduled Bell etc. Communication mediums includes TCP/IP, USB
Host, RS-232/485 and Wiegand Out. Easy communication setup with
third-party controllers are an added feature of the device.
Application:
• Time and attendance • Access control
Integration support:
• Installations
• Training
• Technical support
Contact details:
Biotrace Business Solutions, +27 (0)12 662 2721,
biotrace@workmail.co.za
58 Access & Identity Management Handbook 2013 www.securitysa.com
Manufacturer/ brand ndd
name:
ZKTeco / L7000 Biometric meetric
Doorlock
Distributor/Supplier: er r: Assa Abloy
Biometric technology: oggy:
Fingerprint
Hardware description: ioon:
Elegant, ergonomic an and nd easy are the
three words best describing scribing
the L7000
Biometric Fingerprint t Doorlock. With an
easy interchangeable e handle from left to
right, it’s easy to install. all.
LCD screen
enhances the stylish
look on the unit, and d
packed with multifactor
identifi cation
methods, rugged
sensor technology
and a robust mechanical
structure. Standard features include: 500 fi ngerprint templates,
100 PIN passwords, 30 000 transaction logs and a USB Host
communication port.
Application:
• Access control
Integration support :
• In house specifi cation service • Technical back up
• Repairs
Contact details:
Assa Abloy, +27(0)11 761 5000, Alistair.thackeray@assaabloy.com,
www.assaabloy.com
Manufacturer/ brand name:
ZKTeco / F8-T
Distributor/Supplier: EOH ii
Biometric technology: Fingerprint
Hardware description: The F8-T is a
sleek T&A, with simple access control,
terminal. It integrates the reliable
and durable ZK optical sensor and
is available with fi ngerprint, PIN and
RFID recognition modes.
• 1 500 fi ngerprint templates
• 50 000 log capacity
• 1 touch 1 second recognition
• Black and White screen with Keypad
• Ethernet, USB (host), RS-232/485 and
Wiegand input/output ports for
communications
• Fingerprint, PIN and RFID
(125 kHz proximity)
• Supports 50 time zones, 5 access control groups and 10
unlock combinations
Application:
• Access control • Time and attendance
Integration support:
• Full SDK available for integration
Contact details:
EOH ii, +27 (0)11 844 3200, siresen.naidoo@eoh.co.za, www.eohii.co.za

ZKSoftware ZKSoftware
Manufacturer/ brand
name: ZKTeco / IN01-A
Distributor/Supplier:
EOH ii
Biometric technology:
Fingerprint
Hardware description:
The IN01-A is the most
cost eff ective and feature
packed T&A, with simple
access control, terminal.
Fingerprint, PIN and RFID
recognition modes are
available.
• 3 000 fi ngerprint templates
• 100 000 log capacity
• < 1 second user recognition
• 3.5-inch colour touch screen
• Ethernet, USB (host), RS-232/485 and Wiegand input/output ports for
communications
• Fingerprint, PIN and RFID (125 kHz proximity)
• Built-in battery backup and power supply included
Application:
• Access control • Time and attendance
Integration support:
• Full SDK available for integration
Contact details:
EOH ii, +27 (0)11 844 3200, siresen.naidoo@eoh.co.za, www.eohii.co.za
ZKSoftware ZKSoftware
Manufacturer/ brand name:
ZKTeco/ ZK 54
Distributor/Supplier: EOH ii
Biometric technology:
Fingerprint
Hardware description: The ZK
54 is a reliable, durable and highly
accurate access control terminal.
It has an IP54 metal case and is
available in fi ngerprint and RFID
recognition modes.
• 1 500 fi ngerprint templates
• 50 000 log transactions
• < 1 second user recognition
• Ethernet, USB (host), Serial and
Wiegand input/output ports for
communications
• Supports 50 time zones, 5 access
control groups and 10 unlock
combinations
• Fingerprint and RFID (125 kHz proximity)
Application:
• Access control
Integration support:
• Full SDK available for integration
Contact details:
EOH ii, +27 (0)11 844 3200, siresen.naidoo@eoh.co.za, www.eohii.co.za
Manufacturer/ brand name: e:
ZKTeco / VF 380
Distributor/Supplier:
EOH ii
Biometric technology:
Facial
Hardware description:
The VF380 is a facial
identifi cation T&A terminal
with simple access control.
Face, PIN and RFID recognition on
modes are available. With a
VF380 you can easily manage e
your workforce and access control ontrol
effi ciently with an elegant
ergonomic design.
• 200 Facial Templates
• 100 000 log capacity
• < 1 second Verifi cation speed
• 3” Colour touch screen
• Ethernet and USB (host and client) communications
• Face, RFID and optional Mifare card
Application:
• Access control • Time and attendance
Integration Support:
• Full SDK available for integration
Contact details:
EOH ii, +27 (0)11 844 3200, siresen.naidoo@eoh.co.za, www.eohii.co.za
Manufacturer/
brand name:
ZKTeco / S900 GPRS
Distributer/Supplier:
ERS Biometrics
Biometric technology: :
Fingerprint
Hardware description: :
An advanced fi ngerprint t
reader, can be mounted oor
r portable.
Built-in card reader (RF, Mifare, ifare iif
HID) HID). D) 33.5-inch 5-inch i h LCD CD ffull full ll colour colour l di display l
clearly indicates date and time and acceptance or rejection of an
employee’s fi nger. Reader can enroll up to 10 fi ngers, recognition in
under 1 second, storing up to 8 000 fi ngerprints per device as well as
200 000 records. Communicates with server via GPRS or LAN. Built-in
relay for access control, integrating with maglocks, turnstiles, etc.
Built-in siren functionality.
Application:
• Time and attendance • Access control
• Job costing
Integration Support:
• Call centre to cater for inbound queries
• 48-month swap-out warranty on hardware
• Comprehensive service level agreement
• Nationwide support coverage
Contact details: ERS Biometrics, +27 (0)10 593 0593,
www.ersbiometrics.co.za, sales@ersbiometrics.co.za
www.securitysa.com Access & Identity Management Handbook 2013 59

BIOMETRICS SELECTION GUIDE
ZKSoftware ZKSoftware
Manufacturer/ brand
name: ZKTeco / iClock580
Distributor/Supplier:
Pinnacle
Biometric technology:
Fingerprint
Hardware description:
The iclock 580 off ers
sophistication with
practicality. The unit
can cater for time and
attendance as well as an access control application. This ensures
value for money giving you a duel application for the price of one.
The device is equipped with the latest technology of the ZK Sensor
and Version 10 algorithm. This sophistication matched with its state
of the art algorithm off ers speed, accuracy and peace of mind.
Application:
• Colour TFT screen
• Stores 8000 templates
• Built-in serial and Ethernet ports
• USB port for manual data transfer
• Reads fi ngerprints and/or PINS
Integration support:
• Repairs • Logistics
• Technical support • Training
• Maitenance
Contact details: Pinnacle, +27 (0)11 265 3323, jeanc@pinnacle.co.za,
www.pinnacleafrica.co.za
ZKSoftware ZKSoftware
Manufacturer/ brand name:
ZKTeco/LK170
Distributor/Supplier: Regal Security
Biometric technology: Fingerprint
Hardware description: The LK170 is
a fi ngerprint device for access control
and time and attendance with proven
reliability and accuracy. Can be used as
a stand-alone unit or connected to a
PC. Internal relay can be used to control
an electronic lock. Wiegand output
allows for easy interface to third-party
access control panels. The unit features a
memory that can hold 3 000 fi ngerprint
templates and 50 000 transaction logs.
Tamper switch on the back for added
vandalism protection.
Application:
• Access control
• Time and attendance
Integration support:
• Biometric devices
• Time and attendance devices
• Training
Contact details:
Regal Security, +27 (0)11 553 3300,
sales@regalsecurity.co.za, www.regalsecurity.co.za
60 Access & Identity Management Handbook 2013 www.securitysa.com
Manufacturer/ brand
name: ZKTeco/LK173
Distributor/Supplier:
Regal Security
Biometric
technology:
Fingerprint
Hardware
description: The
LK173 is a small
rugged, metal housed
fi ngerprint reader.
The weather-resistant housing makes it suitable for outdoor
applications. Suited to both access control and T&A applications.
Running on the latest algorithm of version 10, makes this reader
an extreme contender in the market. An internal relay can control
electronic locks, includes Wiegand output. Stand-alone or PC
operation. Stores up to 1 500 fi ngerprint templates and 30 000 logs.
Application:
• Access control
• Time and attendance
Integration support:
• Biometric devices
• Time and attendance devices
• Training
Contact details: Regal Security, +27 (0)11 553 3300,
sales@regalsecurity.co.za, www.regalsecurity.co.za
Manufacturer/ brand name:
ZKTeco / F4 GPRS
Distributor/Supplier: SAPROnet
Biometric technology: Fingerprint nt
Hardware Description: The only
true biometric portable solution with th
the added benefi t of proximity card d
technology, tailor made for the
construction/farming community.
Operating in conjunction with the
Viper Product Suite, you can now use se
cell phone technology (GPRS). Trans-
actions are automatically updated to o
our dedicated cloud server with a
storage capacity of 100 000 transactions onsper per reader reader. User information
including fi ngerprint templates are updated via the Internet (up to 3 000
templates per reader) and backups retained on our cloud server.
Application:
• Time and attendance • Access control
• Piecework • Wage calculator
• Personnel / leave registers
Integration support:
• All major payrolls (i.e. VIP, Pastel etc.) • SAP
• SQL • Cloud server
• Customised data collection
Contact details: SAPROnet, +27 (0)12 667-6739,
admin@sapronet.co.za, www.sapronet.co.za

ZKSoftware ZKSoftware
Manufacturer/ brand name:
ZKTeco / F9
Distributor/Supplier: SAPROnet
Biometric technology: Fingerprint
Hardware description: The most cost
eff ective biometric time and attendance
and access control solution working
in conjunction with the Viper Product
Suite. The F9 Reader not only stores up
to 3 000 fi ngerprint templates but it can
also retain up to 100 000 transactions
per reader. Updating your Viper system
is a breeze either via your local LAN
(IP) or via the Internet to our dedicated
cloud server. The data is immediately
available with the added benefi t of
secure backups.
Application:
• Time and attendance • Access control
• Piecework • Wage calculator
• Personnel / leave registers
Integration support:
• All major payrolls (i.e. VIP, Pastel etc.) • SAP
• SQL • Cloud Server
• Customised data collection
Contact details: SAPROnet, +27 (0)12 667-6739,
admin@sapronet.co.za, www.sapronet.co.za
ZKSoftware ZKSoftware are
Manufacturer/ brand name:
ZKTeco / F708
Distributer/Supplier: Security
Equipment Centre
Biometric technology: Fingerprint
Hardware description:
• The F708 is a proven fi ngerprint
terminal for access control and time and
attendance.
• Version 9 fi ngerprint algorithm.
• 1 500 fi ngerprint templates and 30 000
transaction capacity.
• Built-in relays for locks, door sensors,
open door alarms and exit sensors.
• Wiegand output, TCP/IP, 485 and 232
ports.
• Stand alone or networkable.
• LCD screen.
Application:
• Access control • Time and attendance
Integration support:
• Two-year warranty • Access control software
• Time and attendance software • Telephonic backup
• Training and repairs
Contact details:
Security Equipment Centre, +27 (0)11 452 1410, sales@secsa.co.za,
www.secsa.co.za
Manufacturer/ brand name:
ZKTeco / TA880
Distributor/Supplier: Security
Equipment Centre
Biometric technology: Fingerprint
Hardware description:
• The TA 880 fi ngerprint terminal is
designed for high security access
control and time and attendance
applications.
• Version 10 fi ngerprint algorithm.
• 3 000 fi ngerprint templates and
100 000 transaction capacity.
• Built-in relays for locks, door sensors,
open door alarms and exit sensors.
• Wiegand input and output, TCP/IP, 485
and 232 ports.
• Stand alone or networkable.
• F12 slave reader available.
• LCD screen.
Application:
• Access control • Time and attendance
Integration support:
• Two-year warranty • Access control software
• Time and attendance software • Telephonic backup
• Training and repairs
Contact details: Security Equipment Centre, +27 (0)11 452 1410,
sales@secsa.co.za, www.secsa.co.za
Manufacturer/
brand name:
ZKTeco / iClock990 990
Distributor/Supplier: pplier:
Sentri Systems
Biometric technology: nology:
Fingerprint.
Hardware description: cription:
This unique device is used for
data capture mainly for tracking job costing. Use the barcode
scanner to scan an employee, job number, then the task: Who is
working on what job; What is the job status right now, what task?
On-board TCP/IP and USB port. Large memory of 8 000 fi ngerprint
templates and 200 000 transactions.
Application:
• Time and attendance • Data collection
• Asset management • Access control
• Fully customisable fi rmware
Integration support:
• Software developer
• Installations & training (Gauteng)
• Technical support
• Reseller planning
• Repairs
Contact details:
Sentri Systems, +27 (0)11 704 7000,
Jason@Sentri.co.za, www.sentri.co.za
www.securitysa.com Access & Identity Management Handbook 2013 61

BIOMETRICS SELECTION GUIDE
ZKSoftware ZKSoftware
Manufacturer/ brand name:
ZKTeco / F18
Distributor/Supplier:
Smart Access Projects
Biometric technology: Fingerprint
Hardware description: The F18 is a
fi ngerprint with RFID reader for access
control and time and attendance.
Standard features are: 3 000 fi ngerprint
templates and 30 000 clocking
transactions. Built-in relays for locks,
door sensors, open door alarms
and exit sensors. Wiegand input/
output ports, onboard serial, TCP/IP
and USB ports for communications.
Two-year warranty. Powered by our
AiXaro time and access software fully
integrated with ZK hardware. AiXaro
is a comprehensive access control and
time and attendance solution that provides eff ective and effi cient
access control and time and attendance to small or large businesses.
Application:
• Access control • Time and attendance
Integration support:
• Consulting • Installations
• Support • Integration
Contact details: Smart Access Projects, +27 (0)11 475 1210,
smartaccess@lantic.net, www.smartacs.co.za
ZKSoftware ZKSoftware
Manufacturer/ brand
name: ZKTeco / X628-C
Distributor/Supplier: Time
Access & Automotive Systems
Biometric technology:
Fingerprint
Hardware description:
The X628-C is an innovative
biometric fi ngerprint terminal
for time and attendance
applications, off ering unparalleled performance using an advanced
algorithm for reliability, precision and excellent matching speed. The
3-inch TFT can display more information vividly, including fi ngerprint
image quality and verifi cation result etc. TCP/IP communication is
a standard feature and makes sure the data transmission between
terminal and PC can be easily done within several seconds. Standard
features include 3 000 fi ngerprint templates and 100 000 transaction
logs.
Application:
• Time and attendance
Integration support:
• Biometric devices
• Time and attendance devices
• Training
• Installations
Contact details: Time Access & Automotive Systems,
+27 (0)11 326 4146, adriang@lantic.net, www.timeandautomotive.co.za
62 Access & Identity Management Handbook 2013 www.securitysa.com
Manufacturer/ brand raand
name:
ZKTeco / DS100
Distributor/Supplier: pliier:
Smart Access
Projects
Biometric
technology:
Fingerprint
Hardware
description: The DS
S 100 is a dual sensor
time and attendance terminal. The DS100 validates fi ngerprint
clocking quickly and accurately via the dedicated In and Out ZK
crystal sensor. A display confi rms the user’s clocking. Connectivity
is via TCP/IP, built-in battery backup, onboard USB port for
communications. Two-year warranty. Powered by our AiXaro time
and access software fully integrated with ZK hardware. AiXaro is a
comprehensive access control and time and attendance solution
that provides eff ective and effi cient access control and time and
attendance to small or large businesses.
Application:
• Time and attendance
Integration support:
• Consulting • Installations
• Support • Integration
Contact details:
Smart Access Projects, +27 (0)11 475 1210,
smartaccess@lantic.net,
www.smartacs.co.za
Manufacturer/ brand name:
ZKTeco /iClock700
Distributor/Supplier: Time
Access & Automotive Systems
Biometric technology:
Fingerprint
Hardware description: The
iClock700 time and attendance
and access control terminal
adopts the latest platform with version i 10 fi ngerprint i algorithm l i h to
improve identifi cation speed. It can manage 8 000 templates within 1.5
second (I: N identifi cation). IClock700 features ZK’s high performance,
high image quality optical fi ngerprint sensor. The iClock700 can be used
in multi-factor authentication that supports fi ngerprint, password and
proximity. It comes standard with TCP/IP, RS-232/485, USB-host, backup
battery and has access control connectivity for Wiegand-in/out, door
lock connection, alarm and a bell.
Application:
• Time and attendance
Integration support:
• Biometric devices
• Time and attendance devices
• Training
• Installations
Contact details:
Time Access & Automotive Systems, +27 (0)11 326 4146,
adriang@lantic.net, www.timeandautomotive.co.za

ZKSoftware ZKSoftware
Manufacturer/ brand name: ame: ZKTeco / Gatemouse
Distributor/Supplier: ZKAccess KKAccess
Biometric technology: FFingerprint
Fingerprint
Hardware description:
Securing your personal
information on your
computer has its
limitations. The
Biometric Gatemouse is
the perfect solution for
home and offi ce security
of personal fi les and Internet net
passwords. Unlocking your Windows account with a single
press of the fi nger, enhances the comfortable use of this product.
The easy to use application will assist with the setup of the passwords
and users. With a new SDK available the Gatemouse off ers much more
than just computer security.
Application:
• Time and attendance
Integration support:
• Manufacturers of biometric devices
• Time and attendance
• Telephonic support
• Local repairs and warranty replacements
Contact details:
ZKAccess, +27 (0)12 259 1047, info@zkteco.co.za,
www.zkteco.co.za
ZKSoftware ZKSoftware
Manufacturer/ brand name:
ZKTeco / F7
Distributor/Supplier: ZKAccess
Biometric technology: Fingerprint
Hardware description: Over time this
unit has proved itself to be a reliable
biometric access control device. The
black and white LCD screen adds value
to the device and is geared to keep
3 000 fi ngerprint templates. TCP/IP
and Wiegand input / output are the
main communication methods. The
F7 is manufactured with a tamper
switch to prevent unwanted removal
of the device. A full SDK is available
for integration. It’s easy to install
and connect to third-party access
controllers.
Application:
• Access control
Integration support:
• Manufacturers of biometric devices
• Time and attendance
• Telephonic support
• Local repairs and warranty replacements
Contact details:
ZKAccess, +27 (0)12 259 1047, info@zkteco.co.za, www.zkteco.co.za
Manufacturer/ brand name:
ZKTeco / F12
Distributor/Supplier: ZKAccess
Biometric technology:
Fingerprint
Hardware description: The
F12 is our fl agship Slave reader
not only can the unit be used
indoors but outdoors as well. This
unit fi ts perfectly into an offi ce
environment as well as giving
access to an area exposed to the
elements. The F12 off ers a unique
opportunity to work either with
our multibio controller or with
some of our select biometric
readers. The unique size of the
unit makes for an easy instillation using RS-485 as its main source of
communication.
Application:
• ZK sensor • IP 65 rated
• RS 485
Integration support:
• Repairs • Logistics
• Technical support • Training
• Maintenance
Contact details: ZKAccess, +27 (0)12 259 1047, info@zkteco.co.za,
www.zkteco.co.za
Manufacturer/ brand name:
ZKTeco / F6
Distributor/Supplier: ZKAccess
Biometric technology: Fingerprint
Hardware description: The F6 unit
although small and compact off ers
a wide and dynamic solution to the
South African market. Built to operate
as a slave reader, the SD card off ers a
suitable option to export information.
This unit not only off ers the version 10
algorithm but one can use the RFID
function on this unit. The unit provides
for RS-485 communication that can link
with consummate ease to any of our
biometric readers.
Application:
• Version 10 algorithm • Stores 500 templates
• Wiegand ports • 30 000 transactions
• SD card
Integration support:
• Repairs • Logistics
• Technical support • Training
• Maintenance
Contact details:
ZKAccess, +27 (0)12 259 1047, info@zkteco.co.za,
www.zkteco.co.za.
www.securitysa.com Access & Identity Management Handbook 2013 63

BIOMETRICS SELECTION GUIDE
ZKSoftware ZKSoftware
Manufacturer/ brand
name: ZKTeco / U160-C
Distributor/Supplier:
ZKSoftware
Biometric technology:
Fingerprint
Hardware description:
Full colour time and
attendance is becoming
more and more popular
in the market and this is exactly xactly what the U160 U160-C C is capable of
doing. Running on the latest Version 10 release of algorithm with
recognition of less than 1 second, makes this a powerful player in
the market. Standard features for the clients’ needs include 3 000
fi ngerprint templates, 100 000 transactions and Fingerprint / pin /
RFID card verifi cation methods. Built-in Ethernet, serial ports and USB
host adds to the communication.
Application:
• Time and attendance
Integration support:
• Manufacturers of biometric devices
• Time and attendance
• Telephonic support
• Local repairs and warranty replacements
Contact details: ZKSoftware, +27 (0)12 259 1047,
info@zkteco.co.za, www.zkteco.co.za
64 Access & Identity Management Handbook 2013 www.securitysa.com
Manufacturer/
brand name:
ZKTeco / Biopad 100
Distributor/Supplier:
ZKSoftware
Biometric technology:
Fingerprint
Hardware description:
Size does matter! The
new 7-inch full colour
touch screen time &
attendance device will
capture a unique audience in the market. The potential of the unit
is unlimited, especially after it’s running on Windows CE. The Open
platform will assist with the development of the custom fi rmware
on the unit. The 6000 fi ngerprint templates will add benefi t when
installed in the corporate market.
Application:
• Time and attendance
Integration support:
• Manufacturers of biometric devices • Time and attendance
• Local repairs and warranty replacements • Telephonic support
Contact details:
ZKSoftware, +27 (0)12 259 1047,
info@zkteco.co.za,
www.zkteco.co.za

www.securitysa.com Access & Identity Management Handbook 2013 65

66 Access & Identity Management Handbook 2013 www.securitysa.com

ADI Global Distribution ADI Global Distribution
Device/Solution:
CDVI/ATRIUM
Manufacturer/
brand name:
CDVI/ATRIUM
Distributor/
Supplier: ADI
Global Distribution
Product
description:
ATRIUM is the
latest access
control system for
up to 10 Doors.
ATRIUM is fast and
inexpensive to
install thanks to autodetect door expanders and can be wired in alarm
cable. With a built in Web server ATRIUM becomes available online
anytime, anywhere on your PC, smartphone or tablet.
Application: Online access control
Integration support: Product integrates seamlessly with the Sagem
biometrics range and with NUUO and Milestone.
Contact details:
ADI Global Distribution,
0860 22 55 23, gordon.moore2@adiglobal.com
Manufacturer/brand f t /b d name: CCentaur t
Distributor/Supplier: ADI Global Distribution
Product description: With over 10 years in the market (worldwide),
Centaur access control has established itself as one of the industry
leaders for easy to use access control systems.
Application: Online access control
Integration support: Product integrates seamlessly with the
Sagem biometrics range and with NUUO and Milestone.
Contact details:
ADI Global Distribution, 0860 22 55 23,
gordon.moore2@adiglobal.com
ADI Global Distribution ADI Global Distribution
Manufacturer/brand
name: Honeywell
WIN-PAK
Distributor/
Supplier: ADI Global
Distribution
Product description:
Honeywell’s WIN-
PAK software suite
provides a range
of solutions from
access control only
to fully integrated
security solutions. WIN-PAK’s powerful user interface allows dealers to
install a single software for all of its customers’ security needs. WIN-
PAK XE (Express Edition) is the baseline software package for access
control only. Manage NetAXS and NS2/NS2P controllers from a single
workstation. WIN-PAK XE is ideal for single workstation systems that
require access only functionality.
Application:
• Access control • Integration with video and intrusion
• Floor plans
Integration support off ered:
• Planning • Project support
• RMA
Contact details: ADI Global Distribution,
0860 22 55 23, gordon.moore2@adiglobal.com
ACCESS SELECTION GUIDE
Manufacturer/brand
name: Honeywell
NetAXS-123
Distributor/Supplier:
ADI Global Distribution
Product description:
Honeywell’s
NetAXS-123 is a Webbased
access control
solution for one, two
or three doors - for
smaller sites such as
restaurants, medical
offi ces or daycares, NetAXS-123 off ers the scalability to aff ordably
expand the system one door at a time. With two available enclosure
options to choose from, you can select the features and capabilities best
suited for each installation. The user-friendly design makes it simple to
install and easy to operate and maintain, no need to install any software.
Application:
• Access control • Web based
• Integrate IP video
Integration support off ered:
• Planning • Project support
• RMA
Contact details:
ADI Global Distribution, 0860 22 55 23,
gordon.moore2@adiglobal.com
www.securitysa.com Access & Identity Management Handbook 2013 67

ACCESS SELECTION GUIDE
CEM Systems CEM Systems
Device/Solution: AC2000 SE
(Standard Edition)
Distributor/Supplier:
CEM Systems
Product Description:
AC2000 SE (Standard Edition)
is a powerful and fully
integrated access control,
alarm processing and photo
badging system with a set
of software and hardware
features that make it one
of the most comprehensive
security management
systems available. Innovative
software features include the
ability to enrol and manage
biometric templates, visitor management, vehicles management and
much more! AC2000 SE is continuously developed to meet the most
diffi cult security needs, providing a fl exible and highly stable solution.
Application:
• Access control
• Central monitoring (alarm & event display)
• Guard tours
• Biometric support
• Visitor management
Contact details: +44 2890 456767, cem.sales@tycoin.com
www.cemsys.com
CEM Systems G2 Security
Device/
Solution:
S610 intelligent
IP card reader
Distributor/
Supplier:
CEM Systems
Product
description:
S610 intelligent
IP card reader
is designed
for use as part of an integrated on-line access control system and is
used to control access to restricted areas. The S610 reader, which has
an on-board 10/100Mbps Ethernet connection, communicates directly
with the CEM AC2000 host server removing the need for an intelligent
control panel in the system design.
Application:
• Access control
• Universal reader - supports all card technologies
• IP66 rated polycarbonate enclosure
Contact details:
+44 2890 456767,
cem.sales@tycoin.com
www.cemsys.com
68 Access & Identity Management Handbook 2013 www.securitysa.com
Device/Solution: S3030
Portable Reader
Distributor/Supplier: CEM
Systems
Product Description:
S3030 Portable Reader is
a lightweight and rugged
hand-held card reading
device for use with the
CEM AC2000 security
management system. It can
be used for ID card validation
at remote sites or temporary
entrances which have no
power, and can also be used
as a mobile device for random checks within pre-defi ned zones. A
large full colour TFT touch screen provides quick and easy navigation
and information about card validity, including Cardholder details e.g.
Cardholder Photograph, Name, Card Valid etc.
Application:
• Access control
• Temporary entrance gates, guard tours and a variety of
off -site locations
• Roaming across pre-defi ned zones
• Mustering at safe areas with muster count and mini-report
• Occupancy for head count in a defi ned area
Contact details: +44 2890 456767, cem.sales@tycoin.com
www.cemsys.com
Device/Solution: TDSi MicroGarde II
Manufacturer: TDSi
Distributor/Supplier: G2 Security
Product description: Microgarde II is a
cost eff ective networked access control unit
giving the advantages of central control
and event reporting. Each controller can
run independently or as part of a network
with up to 400 doors. With a choice of the
TDSi reader range or third-party readers
this versatile system can be used for new
installations or as retrospective fi tting
to existing systems. With extra features such as fi re door release,
mustering and upgradable to the EXgarde Pro software with no
hardware changes the Microgarde II controller is an obvious choice
for any size installation.
Application:
• Access control • Biometric integration
• CCTV Integration • Time & attendance
Integration support:
• Design support • RMA process for faulty returns
• Software support • Technical support
Contact details:
G2 Security, +27 (0)87 940 9322, info@g2security.co.za
www.g2security.co.za

GSC Systems GSC Systems
Device/Solution:
640 ProxNet Access
Control System
Manufacturer:
GSC Systems
Supplier: Elvey Security
Technologies
Product Description:
640 ProxNet Access
Control System is a
proven, feature rich system
that can expand up to
254 readers and supports
4 000 tag holders managed
in 64 access levels. Among
the system features are anti-pass-back, card expiry based on date
or counter value, visitor card collection and alarm monitoring. The
system includes a selection of readers, interface units, card collector
and power supplies. The unit can operate as a stand-alone unit or be
fully controlled from the optional Windows software.
Application:
• Access control
• Time and attendance
Integration Support: Comprehensive datasheets
Contact details: Erich Glatz, GSC Systems,
+27 (0)21 712 5130, sales@gsc.co.za,
GSC Systems GSC Systems
Device/Solution:
737-10 USB Mifare
Keyboard Reader
Manufacturer:
GSC Systems
Distributor/Supplier: :
GSC Systems
Product description:
The 737-10 reader
connects to a PC via
a USB port. The unit
performs a secure read
from any sector or page on a Mifare Ultralight, Std 1k or Std 4k card.
Data is output in the form of keystrokes which enables the user to
capture this into any PC application which accepts keyboard entry.
Models are also available to read only the UID of the Mifare cards
and 125kHz cards. The readers can be supplied in ivory or black.
Application:
• Access control
• Time and attendance
• Process control
• Data collection
• Photocopier control
Integration support: Comprehensive datasheets
Contact details: Erich Glatz, GSC Systems,
+27 (0)21 712 5130, sales@gsc.co.za,
www.gscsystems.com
Device/solution:
380-10 MinitMan-FP Timeclock
Manufacturer:
GSC Systems
Distributor/Supplier: Elvey
Security Technologies
Product description: 380-10
MinitMan-FP Timeclock with MPLite
& TimeMaster. The MinitMan-FP
380-10 fi ngerprint timeclock is a
cost-eff ective electronic timeclock
using the employee’s fi ngerprint
for identifi cation thus preventing
unauthorised clocking. The system
supports 1 500 fi ngerprint templates
and can store 30 000 transactions.
Transactions are downloaded via
RS-232, RS-485 or TCP/IP and
analysed by either the basic MPLite
or the comprehensive TimeMaster
T&A software. TimeMaster produces a wide range of reports and
exports T&A data to most payroll packages on the market.
Application:
• Time and attendance logging
• Data collection
Integration support: Comprehensive datasheets and user manuals.
Contact details: Erich Glatz, GSC Systems, +27 (0)21 7125130,
sales@gsc.co.za, www.gscsystems.com
Device/Solution: -716-20 Multi
Sector Mifare OEM Reader
Manufacturer: GSC Systems
Supplier: GSC Systems
Product P Description: 716-20
Multi M Sector Mifare OEM Reader.
This T is an intelligent reader/writer
for f 13.56MHz contactless cards,
complies c to ISO 14443A and is
designed d to operate with the Mifare
Std S 1k, 4k, Mifare PlusX/PlusS (in
security s
level 1mode) or Ultralight
cards. GSC’s OEM range includes
UID only readers and readers for
125kHz cards. These products
provide system developers an easy
path to integrate card readers into
their applications. Readers have
selectable outputs including Wiegand, Clock Data and RS-232 (TTL).
Application:
• Access control • Time and attendance
• Vending machines • Process control
• Data collection
Integration support: Comprehensive datasheets and evaluation kits.
Contact details: Erich Glatz, GSC Systems,
+27 (0)21 712 5130, sales@gsc.co.za,
www.gscsystems.com
www.securitysa.com Access & Identity Management Handbook 2013 69

ACCESS SELECTION GUIDE
Impro Technologies Impro Technologies
Device/Solution: IXP220
Manufactures Name:
Impro Technologies
Distributor: Access & Beyond,
Elvey Security Technologies,
Powell Tronics
Product Description:
The IXP220 Access Control
System from Impro
Technologies off ers
seamless system scalability, allowing users to expand their system
eff ortlessly, using the same software and hardware suite throughout.
The fl exibility of the hardware confi guration options and the simplicity
of the software confi guration using the standard wizards makes the
IXP220 the obvious choice for all your access control applications. From
one to 256 anti-passback doors and up to 1 000 independent sites the
IXP220 has the size and capability to meet your every requirement.
Applications:
• Access control • Time and attendance
• Small to medium commercial sites • Integrated solutions
• Multi site systems • Centralised facility management
Integration support:
• 24-hour local advanced support • Training
• Return & swop out policy • Stock holding
• Extended warranty (3 years upgraded to 5 years)
Contact details:
Impro Technologies, 08600 IMPRO (46776), www.impro.net
IP Security Solutions IP Security Solutions
Device: Net2Plus
Manufacturer/ brand
name: Paxton
Distributor/Supplier:
IP Security Solutions
Product description:
Part of the Paxton Net2
system. The Net2Plus is a
single door, 2-reader, TCP/IP
enabled controller. Up to
50 000 users per controller.
Up to 500 controllers per
system. Part of the Net2
system. Connects to Net2 server software
for management.
Application:
• Access control
Integration support:
• System design
• Commissioning
• Telephonic support
Contact details:
IP Security Solutions,
+27 (0)11 553 3300,
info@ipsecuritysolutions.co.za,
www.ipsecuritysolutions.co.za
70 Access & Identity Management Handbook 2013 www.securitysa.com
Device/solution: IXP400i
Manufactures Name:
Impro Technologies
Distributor: Access & Beyond,
Elvey Security Technologies,
Powell Tronics
Product Description:
The IXP400i has a global track
record that speaks for itself.
Securing prestigious sites in
all major market sectors, with
its industry leading integration platform. From small commercial to large
industrial applications the IXP400i has the features, fl exibility and ability
to off er uncompromised security. From 1 to 3 000 doors and 300 000
tag holders per site and 256 sites per system, the IXP400i has unrivalled
capacity. Built on a Linux based, embedded hardware platform the
IXP400i boasts an impressive selection of hardware options using state
of the art technology perfectly designed for your application.
Applications:
• Access control • Time and attendance
• Large enterprise sites • Integrated solutions
• Multi site systems • Centralised facility management
Integration support:
• 24hr local advanced support • Training
• Return & swop out policy • Stock holding
• Extended warranty (3 years upgraded to 5 years)
Contact details: Impro Technologies, 08600 IMPRO (46776),
www.impro.net
Device: Net2Entry
Manufacturer/ brand name:
Paxton
Distributor/Supplier:
IP Security Solutions
Product description:
Part of the Paxton Net2 system.
Net2Entry is an IP based
intercom system that
interfaces seamlessly with
the Net2 access control system.
POE, self confi guring system.
Entry panel includes intercom,
camera, RFID reader, keypad, LCD.
Monitor unit has colour touch
screen. Up to 100 entry stations and
1 000 monitors on Net2 system.
Application:
• Access Control/Intercom
Integration support:
• System design
• Commissioning
• Telephonic support
Contact details: IP Security Solutions,
+27 (0)11 553 3300,
info@ipsecuritysolutions.co.za, www.ipsecuritysolutions.co.za

IP Security Solutions Keep Access Control Systems
Device: Paxlock
Manufacturer/ brand name:
Paxton
Distributor/Supplier:
IP Security Solutions
Product description: Part of
the Net2 system. Intelligent door
handle/lock. RFID card reader.
Wireless operation. Interfaces to
the Net2 access control system.
Managed from Net2 software. Fully
confi gurable user rights.
Application:
• Access control
• Hotel doors
Integration support:
• System design
• Commissioning
• Telephonic support
Contact details:
IP Security Solutions,
+27 (0)11 553 3300, info@ipsecuritysolutions.co.za,
solutions co za
www.ipsecuritysolutions.co.za
Device/Solution:
ZKBiolock
Manufacturer/ brand
name: ZKBiolock
Distributor/Supplier:
Keep Access Control
Systems
Product description:
The fi ngerprint lock off ers
state-of-the-art single door
management solution
that provides you with
unmatched options that
comes with OLED,
standard USB interface.
You can verify a person
and open the door with
fi ngerprint, password
and ID/Mifare cards. The
all-in-one fi ngerprint
lock is convenient to
operate. Enrolment and
management of users are done on the OLED display. There are
three user levels available to manage the system eff ectively –
administrator, supervisor and user.
Contact details: Keep Access Control Systems, +27(0)11 805 0175,
siska@keepacs.co.za, www.keepacs.co.za
Keep Access Control Systems Keep Access Control Systems
Device/Solution: Guard System
Manufacturer/ brand name: Tomst
Distributor/Supplier: Keep Access Control Systems
Product description: The system of portable electronic sensors (PES),
control and monitor movement of persons and objects in relation to
time and place.
Key features of the sensors:
• Ergonomic design
• Anti-vandal technology
• Capacity
• Low running costs
• Wide range of possible use
• Extensive product range
• WinKontrol Software
Contact details: Keep Access Control Systems, +27 (0)11 805 0175,
siska@keepacs.co.za, www.keepacs.co.za
Device/Solution:
Turnstile
Manufacturer/
brand name: Imat
Manufacturing
Distributor/Supplier:
Keep access control
systems
Product description:
Full height turnstiles
off er an eff ective means
of access control and
generally speaking
a higher degree of
security than their half
height counterparts.
They are designed to
only allow one person
to pass through at a
time and because of their versatile nature, can be installed in a
wide range of locations/environments. Our range of turnstile
products are designed to stringent standards.
Contact details:
Keep Access Control Systems,
+27 (0)11 805 0175,
siska@keepacs.co.za,
www.keepacs.co.za
www.securitysa.com Access & Identity Management Handbook 2013 71

ACCESS SELECTION GUIDE
Keep Access Control Systems Natech Universal Technology
Device/Solution: MKII intercom
Manufacturer/ brand name:
Comb Communications
Distributor/Supplier: Keep
Access Control Systems
Product description:
The fi rst intercom to use
embedded SIM technology
that makes the system
resistant to vandalism.
• Free resident entry via
PIN numbers
• Time-based access control
permits access at userdefi
ned times only
• Able to open multiple gates
• Temporary access PINs for visitors
• Ability to communicate with guard via the guard call function
• Six user defi ned inputs make it easy to connect your electric
fencing and other security features to the system
• Rapid, painless installation
Contact details:
Keep Access Control Systems,
+27 (0)11 805 0175,
siska@keepacs.co.za,
www.keepacs.co.za
Natech Universal Technology Natech Universal Technology
Device/Solution: ISONAS Door
Access Control
Manufacturer/brand
name: ISONAS
Distributor/supplier: Natech
Universal Technology
Product description: The ISONAS
PowerNet line of panel-free door
access control products are sold as reader/controller units because the
intelligence built into each and every model is designed to not only
read RFID cards but also to control a door and other devices. All ISONAS
reader models include Crystal Matrix Software and feature the ability to:
• Sense if a door is open or closed
• Process a Request To Exit (REX)
• Process an auxiliary input of the customers choosing
• Set up to 2 output lines.
• Biometric reader support
• Integrate into video management software
Application
• Access control • Time and attendance
• Networked design • Panel free solution
• CCTV integration
Integration Support
• Consultation (to integrator) • Training (for integrator)
• System design (for integrator) • Service and repair
Contact details: Natech Universal Technology, +27 (0)73 601 6652,
dean@natech.co.za
•
72 Access & Identity Management Handbook 2013 www.securitysa.com
Device/Solution: T5 Pro
Manufacturer/brand name:
Anviz
Distributor/supplier: Natech
Universal Technology
Product description: T5 Pro is an
innovative fi ngerprint card access
controller which fully integrates
fi ngerprint and RFID technology.
The compact design makes it
suitable for installation on a door
frame. T5 Pro has standard Wiegand
output to connect seamlessly with
access controllers and relay output
driver the electric lock directly. T5
Pro can easily update the existing
card readers for a higher security
level of fi ngerprint and card.
Application
• Access control
• Time and attendance
Integration Support
• Consultation (to integrator)
• Training (for integrator)
• System design (for integrator)
• Service and repair
Contact details: Natech Universal Technology, +27 (0)73 601 6652,
dean@natech.co.za
Device/Solution:
IS1000 Web Appliance
Manufacturer/brand
name: IMRON –
IS1000 Web Appliance
Distributor/supplier:
Natech Universal Technology ology
Product description:
IS1000 is an easy-to-use e Web appliance
used to manage physical al access control and video. video IS1000 integrates
seamlessly with access control hardware from Mercury Security. Manage
up to 64 doors and 250 000 credentials. Connects directly to the access
control sub-controller door modules via RS-485. Connections made via
WiFi, Ethernet connection across a LAN or WAN. Real-time monitoring,
credential management, live/recorded video, and system confi guration
are all available via an easy-to-use Web browser interface.
Application
• Access control • Time and attendance
• Web based • Networked design
• CCTV integration
Integration Support
• Consultation (to integrator)
• Training (for integrator)
• System design (for integrator)
• Service and repair
Contact details: Natech Universal Technology, +27 (0)73 601 6652,
dean@natech.co.za

neaMetrics/Suprema neaMetrics/Suprema
Device/Solution: XStation
Manufacturer/ brand name: Suprema
Distributor/Supplier: neaMetrics
Product description: The world’s fi rst IP
access control terminal with touchscreen
LCD and face detection technology. Its 3.5
inch touchscreen LCD and intuitive GUI
provide comprehensive access control and
time attendance functions. Featuring face
detection technology with a megapixel
camera, X- Station can record up to 5 000
face image logs for an extra level of security
and attendance records. The built-in camera detects and captures face
images of each entry to prevent unauthorised access and payroll fraud.
X-Station is set to change the way we use access readers.
Application:
• Access control • Time & attendance
• Applications requiring function selection
• Hi-end security applications
Integration support:
• Technical & sales training
• Architectural system design consulting
• Remote, telephonic & onsite support
• Software development
Integration support:
Customised solution development
Contact details: 0860 SUPREMA (0860 787 736),
enquiry@suprema.co.za, www.suprema.co.za
neaMetrics/Suprema rema e a
Reditron
Device/Solution: RealPass-F
Manufacturer/ brand name: : Suprema
Distributor/Supplier: neaMetrics eetrics
Product description: A multi-functional
--functional
ID document and passport reader eer
that reads a variety of data
such as photos, characters,
barcodes, contact/contactless
smart chips. As an e-passport
reader, RealPass-F provides full-page, ppage,
one-step reading of visual data ppage
page
and RF chip data of ICAO standard rd passports.
For high-level security environments such as immigrations and border
control, RealPass-F supports optional functions including IR, UV, coaxial, OVD
and dual camera for 800 dpi photo captures. RealPass-F is an ideal all-in-one
device for reading electronic ID cards and travel documents.
Application:
• Immigration and border control • Civil and criminal applications (police)
• National ID • Hospitality check-in (hotels)
Integration support:
• Technical & sales training
• Architectural system design consulting
• Remote, telephonic & onsite support
• Software development integration support
• Customised solution development
Contact details: 0860 SUPREMA (0860 787 736),
enquiry@suprema.co.za, www.suprema.co.za
Device/Solution:
XPass Series
Manufacturer/ brand
name: Suprema
Distributor: neaMetrics
Product description:
The Xpass/Xpass Slim
provides all the leadingedge
features of high-end
IP access control products
packed into an ultra
compact design. These
sleek devices are encased
in an IP65 waterproof
structure and off er PoE (Power over Ethernet) capabilities making it ideal
for outdoor IP RF ID access control solutions. The Xpass Slim, designed
to fi t gang boxes, takes the series to the next level by incorporating
multi-smart card reading technology with gang box mounting options.
Application:
• Access control
Integration support:
• Technical & sales training
• Architectural system design consulting
• Remote, telephonic & onsite support
• Software development integration support
• Customised solution development
Contact details: 0860 SUPREMA (0860 787 736),
enquiry@suprema.co.za, www.suprema.co.za
Device/Solution: Standalone
Keypad / Proximity Reader
Distributor: Reditron
Supplier: Controlsoft
Product description: The KP800
Standalone KeyPad / Proximity
Reader is a cost-eff ective,
standalone, single-door access
control solution for up to 1000
users, using either a PIN code,
proximity card / keyfob or a
combination of both. This easyto-use
solution is supplied in a
weatherproof, vandal resistant
housing with backlit keys.
Application:
• Manages card only, card or PIN, or CCard d + PIN
PIN.
• Manages 1000 cardholders.
• IP65 housing
• Two inputs for door contact supervision, RXE/RTE push button
• Built-in Tamper Switch
Integration support: 3-year warranty
Contact details:
Reditron, 087 802 CCTV (2288),
sales@reditron.co.za,
www.reditron.co.za
www.securitysa.com Access & Identity Management Handbook 2013 73

ACCESS SELECTION GUIDE
Reditron Tyco Security Products
Device/Solution: IP Single Door
Controller
Distributor: Reditron
Supplier: Controlsoft
Product description: The Edge IP
Access Controller puts control and user
interface right at the door. The Edge
is a cost-eff ective, standalone, singledoor
IP access control solution for up
to 1000 users. This easy-to-use solution
enables remote management and report
generation via standard Web browser.
User information, administration, time schedules, door confi guration
and retrieval of events are done through a user-friendly, instructional
web environment. Providing “Intelligence at the Door”, the fl exible Edge
has one onboard reader port which will support a Wiegand or Clock &
Data reader, three inputs (Door Contact, Exit Button, Tamper) and two
output relays (Lock, Aux Device).
Application:
• On-board 10/100 Base-T port. DHCP and fi xed IP addressing supported.
• Power over Ethernet (POE).
• Manages 1000 cardholders.
• Two inputs for power failure, battery failure.
• Wiegand Interface
Integration support: 3-year warranty
Contact details: Reditron, 087 802 CCTV (2288),
sales@reditron.co.za, www.reditron.co.za
Uniclox Technologies Uniclox Technologies
Device/Solution:
HandPunch Series
Manufacturer/ brand name:
Ingersoll Rand
Distributor: Uniclox
Technologies
Product description: The
Hand Punch Series from Uniclox x
is popular in many industrial
companies which fi nd that
hand geometry is faster and
more consistent because it is
unaff ected by dirt, paint, oil
or damage to the fi ngertips.
Employees enter their number and place their hand on the platen of the
HandPunch terminal. It automatically takes a three-dimensional reading
of the size and shape of the hand and verifi es the user’s identity in less
than one second. Anti-microbial platen provides a hygienic fi nish that
resists bacterial degradation using silver nano-technology.
Application:
• Access control
• Time and attendance
• Ring a siren/bell
Integration support: Full technical support in all major centres,
including consulting, installation, training and call centre.
Contact details: Uniclox Technologies, 0861 UNICLOX,
sales@uniclox.com, www.uniclox.com
74 Access & Identity Management Handbook 2013 www.securitysa.com
Device/Solution:
INTEVO
Manufacturer/ brand
name: Tyco Security
Products
Product description:
INTEVO provides an
ideal platform for small
to medium businesses as well as the ability to grow the system
to meet organisational needs over time. INTEVO also supports
the EntraPass Web client and the EntraPass go Mobile client.
With its embedded Windows 7 OS, latest generation Intel
processor, a solid-state drive for applications and a separate
hard drive for storage, INTEVO off ers high performance
computing technology while having only one server to
maintain. Other key features of INTEVO include dual
integrated Ethernet ports, 6 USB 2.0 ports and 1 RS-232
serial port; dual display outputs for VGA, HDMI and DVI.
Integration support:
• Simple to confi gure, easy to deploy
• Supports EntraPass Corporate Edition
• DSC MAXSYS alarm panel
• Compatible with all Kantech controllers
• Connect up to 32 IP cameras
Contact details:
Tyco Security Products, +27 (0)82 566 5274,
emallett@tycoint.com, www.tycoacvs.com
Device/Solution:
Uniclox Access Control Kit
Manufacturer/
brand name: Uniclox
Technologies
Distributor: Uniclox
Technologies
Product description:
Stop anonymous access
to high-security areas in
your business. Uniclox
Technologies off ers the
new Uniclox Uni110
Access Control Kit – an all-in-one access control solution for a
standalone door. The kit provides everything you need to secure
a standalone door: a top quality RFID terminal, strikerlock,
exit button plus full access control software. The terminal
has a storage capacity of 60 000 RFID cards and
80 000 transactions.
Application:
• Access control
• Time and attendance
Integration support: Full technical support in all major centres,
including consulting, installation, training and call centre.
Contact details: Uniclox Technologies,
0861 UNICLOX,
sales@uniclox.com, www.uniclox.com

ZKSoftware ZKSoftware
Device/Solution:
ZKTeco / LK183
Distributor/Supplier:
Regal Security
Product description: Speed is of
the essence when using RFID, and
the LK183 is the unit to perfect
it. The stylish RFID reader will not
only enhance the speed of access
control, but also contribute to
the ambience of your room. With
a seamless and easy to install
device, you are guaranteed of a
market leading product. Reading
range of 5-8cm, built-in relay for
locks, alarms and sensors. Capacity
of 30 000 RFID cards and 50 000
transaction logs, combined with TCP/IP, RS-232/485 communication.
Application:
• Access control
• Time and attendance
Integration support:
• Biometric devices
• Time and attendance devices
• Training
Contact details: Regal Security, +27 (0)11 553 3300,
sales@regalsecurity.co.za, www.regalsecurity.co.za
ZKSoftware ZKSoftware
Device/Solution: : ZKTeco ZKTeco / / inBio inBio Controller
Controller
160/260/460
Distributor/Supplier: pl lier:
Regal Security
Product
description:
For the fi rst time
in the history of
Biometric Access Control, Coontrol,
combine a biometric tric
fi ngerprint reader and RIFD device onto a controller, where the
templates are stored on the controller and not on the units.
It keeps your data safe and makes it easier to manage. The
inBio is available in 1-door, 2-door and 4-door controllers. With
capacities of 3 000 fi ngerprint templates and 30 000 RFID
cards on the controller.
Application:
• Access control
• Biometric and RFID combined
Integration support:
• Biometric devices
• Time and attendance devices
• Training
Contact details: Regal Security,
+27 (0)11 553 3300, sales@regalsecurity.co.za,
www.regalsecurity.co.za
Device/Solution:
ZKTeco / C3
Controller
100/200/400
Distributor/
Supplier:
Regal Security
Product
description:
Multiple doors access control problem? Use the C3 controllers
to control the access. The C3 is available in 1-door, 2-door and
4-door controllers from Regal Security. It’s an easy installation
with RFID readers using TCP/IP, RS-485 and Wiegand for
communication. Some of the features are anti-pass back,
interlock function and duress mode. Includes capacity of 30 000
users and 100 000 transactions. Easy integration with various
security systems and supports diff erent Wiegand readers.
Application:
• Access control
• RFID
Integration support:
• Biometric devices
• Time and attendance devices
• Training
Contact details: Regal Security,
+27 (0)11 553 3300, sales@regalsecurity.co.za,
www.regalsecurity.co.za
Device/Solution:
ZKTeco / SC103
Distributor/Supplier:
Security Equipment Centre
Product description:
The SC103 is a versatile RFID
access control terminal with
up to 30 000 card templates
and 50 000 transaction capacity.
Built-in relays for locks, door
sensors, open door alarms and
exit sensors; Wiegand output,
TCP/IP, 485 and 232 ports. Stand
alone or networkable, 10cm
read range with LCD screen. KR 201 slave reader available.
Application:
• Access control
• Time and attendance
Integration support:
• Two-year warranty
• Access control software
• Time and attendance software
• Telephonic backup
• Training and repairs
Contact Details: Security Equipment Centre,
+27 (0)11 452 1410, sales@secsa.co.za,
www.secsa.co.za
www.securitysa.com Access & Identity Management Handbook 2013 75

SYSTEM INTEGRATION
EOH Intelligent Infrastructure
delivers smarter mining solutions
The mining industries requirement regarding workforce management has
evolved from standalone systems to fully integrated turnkey solutions.
The mining industries requirement regarding workforce management
has evolved from standalone systems to fully integrated turnkey solutions.
These solutions are now required to cover all aspects of workforce
management from pre-engagement, engagement, value add while
employed, payroll and third-party systems integration with health and
safety being a priority throughout all these processes. EOH Intelligent
Infrastructure Technologies continues to deliver and further develop
innovative solutions by integrating
existing onsite infrastructure with new
technologies to answer the industry’s
needs.
“A start-to-end solution, based on
a single confi gurable database that is
capable of talking to an entire platform
and incorporating all of the essential
technologies, such as biometrics, asset
tracking, surveillance and so forth, is the
main focus of our activities,” explains
EOH Intelligent Infrastructure Workforce
Technology Lead, Glen Baptiste. The
broad skill set available within EOH
means that all workforce related functions,
such as health management,
absenteeism, legal compliance and
compensation are included in solutions
that are designed to add value, manage
costs, synchronise supply chain processes
and ultimately enhance customer
value. With technology mutating so
rapidly and continuously becoming
more sophisticated, big businesses have
also begun to shy away from outright
purchase commitments and are moving Glen Baptiste
towards rental agreements.
“We are seeing a growing trend
indicating that the market expects the availability of a full-support rental
option on almost all of our equipment and systems,” says Baptiste.
One of the key industries that benefi ts from these turnkey solutions
is the mining sector. With its massive labour force and remote, process
driven operations, mining contains many elements of control and
regulation that can be streamlined with the right combination of technology,
dedicated support and specialised knowledge. EOH Intelligent
Infrastructure recognises that the requirement for swift information
transfer is becoming more prevalent, particularly in the mining arena.
The days of a single purpose time and attendance system that simply
controls payroll and off ers no further advantages are long gone, integration
has become the norm. Biometric technologies are no longer just for
tracking, they are now being linked to business intelligence, accounting
systems; surveillance cameras are being used for stock control
76 Access & Identity Management Handbook 2013 www.securitysa.com
and modest reports in the form of pie charts and bar graphs are being
replaced with 3D visual representations incorporating information from
multiple business functions.
EOH Intelligent Infrastructure Technologies has recently introduced
a number of new products specifi cally intended to improve the safety
of mine workers and to add value to mining or manufacturing operations.
These include a real-time electronic manning board that shows in
real-time the actual versus planned production
resource allocation and presence at the
workplace. It also functions as an organisational
tool that allows complete groups to
be assembled before the start of production
and then serves to manage and control
these units during the process.
Secondly, EOH Intelligent Infrastructure
has identifi ed radio-frequency identifi cation
(RFID) as an excellent health and safety
tool. RFID involves the use of a wireless
non-contact system that employs radiofrequency
electromagnetic fi elds to transfer
data from a tag attached to an object
or person, for the purpose of automatic
tracking and identifi cation. In the mining
environment this has countless applications.
For example, RFID can be used to
ensure that miners have all of the required
equipment before entering the work site or
during the extremely dangerous blasting
process, when up to four diff erent technologies
are used to ensure that shafts are
clear. All this information combined in real
-time on a manning board to give a visual
representation of the status resources and
safety equipment
Another valuable innovation involves
the linking of a smart mobile device to a fi ngerprint reader. This creates
a mobile reader containing biometric and cellular technology that is not
only capable of being used to accurately pinpoint the whereabouts of
workers but also for bio-directional communication. This product has a
market in any organisation that is responsible for mobile staff , such as in
the instance of security guards. In remote areas where a lack of suffi cient
infrastructure is a particular challenge, mobile, self-contained systems
can mean the diff erence between success and failure.
“EOH Intelligent Infrastructure believes that integration is the key to
providing an eff ective, comprehensive solution. There is no margin for
error when lives depend on technology,” concludes Baptiste.
For more information contact EOH Intelligent Infrastructure,
0861 500 500, sales.ii@eoh.co.za, www.eohii.co.za

System integrators
Basix Group Bidvest Magnum
Card Control Systems
The Basix Group, security system integrators
and solution providers with over 20 years’
experience, and a strong presence throughout
RSA, serves government and private sector
customers in the fi nancial, transportation,
commercial-industrial and infrastructure
markets. Basix is the agent for March Networks,
a global provider of intelligent IP video
solutions.
Tel: +27 (0)11 210 3500 Head Offi ce
info@basixgroup.co.za
www.basixtech.co.za
EOH Intelligent Infrastructure
EOH Intelligent Infrastructure is a wholly
owned subsidiary of EOH, and is responsible
for sales, installation and support of products
on the African continent. EOH Intelligent
Infrastructure supplies and installs security,
CCTV, access control, communications and
time management solutions, building management,
fi re detection and off er a range of
leasing solutions.
Tel: 0861 500 500
Fax: +27 (0)11 844 3500
www.eohii.co.za
Jasco Security Solutions
Jasco Security Solutions (incorporating Scafell and
Multivid) designs, installs and maintains security
technology solutions. The business possesses
great depth of skill and experience, along with
a true understanding of the security challenges
faced by organisations of all sizes. Together with
the Jasco Group’s expertise in the ICT and Energy
sectors, we provide turnkey solutions.
Tel: +27 (0)11 894 7127
kleroux@multivid.co.za
www.jasco.co.za
Our solutions protect and enhance your
investments and profi ts as well as reduce risk.
We provide holistic security technology solutions
that enable you to concentrate on your
core business. From design, installation and
maintenance to monitoring, TVMS off ers peace
of mind with value for money solutions and
exceptional service delivery.
Tel: 0861 867 8867 (TVMS)
sales@tvms.co.za
www.tvms.co.za
Technology, software, products, specifi cations, strategies, services, consultants are all key aspects of
eff ective security.
But it takes appropriate knowledge and experience to put it all together to create
solutions that protect people, profi ts and assets and deliver
business benefi ts.
Skilled system integrators with a proven
track record are the link between
technology and solutions
that work.
We design, install and maintain integrated
security solutions. As client requirements are
unique, Bidvest Magnum Technology does not
have off -the-shelf security solutions. Instead,
we analyse the client’s needs, advise on optimum
solutions, design the required system and
then install it based on clearly defi ned project
guidelines as well as a detailed scope-of-work
document.
Tel: +27 (0)11 555 4949
kevinm@bidvestmagnum.co.za
www.bidvestmagnum.co.za
Your company
here?
Contact
Vivienne at
vivienne@
technews.co.za
or 011543 5800
To list your company here, contact Vivienne at vivienne@technews.co.za or 011 543 5800.
We provide total project solutions based
on specialist design, engineering and maintenance
services. CCS can design and install
systems to suit your needs and budget. And
we can evaluate, upgrade, repair and maintain
your existing system. Specialise in surveillance:
access control and T&A, fi re detection: audio
evacuation and public address, as well as parking
control systems.
Tel (011) 907 3192
cardcon@mweb.co.za
www.cardcontrolsystems.co.za
Honeywell Building Solutions
Honeywell Building Solutions is a leading
provider of integrated technology solutions
that support innovative ways of working. We
develop, install and maintain critical building
systems that help keep customer workplaces
safe, secure, comfortable and cost-effi cient.
Global experience across diverse markets
positions Honeywell as a technology leader
renowned for delivering value.
Tel: +27 (0)11 695 8000
servicehbsza@honeywell.com
www.honeywell.co.za
TVMS UTM Group
UTM Group is a provider of end-to-end total
security management services with integrated
solutions. These include managed surveillance,
access control, time and attendance, video
analytics, data mining and meaningful business
intelligence. UTM delivers security
management services by taking your entire
risk value chain into consideration.
Tel: 086 022 2266
info@utmgroup.co.za
www.utmgroup.co.za
www.securitysa.com Access & Identity Management Handbook 2013 77

SYSTEM INTEGRATION
T&A solution guide turnstiles.
General
1.) Describe the solution in general: The client was experiencing
problems with access control as well as calculating the payment of
both contract and fulltime staff . Common issues included excessive
overtime payment as well as buddy clocking and the onerous
manual completion of timesheets.
EOHii devised a solution based on Safran Morpho biometric readers
integrated into BESAccess and BESTime
to ensure an end-to-end solution from
EOHii.
The system is rolled out in phases.
Rollout commenced early 2011 at the
Germiston facility.
Challenges included the setting up of shifts
as there are many variations available at
the various depots. EOHii has deployed
a permanent resource to the client
to assist with not only system related
functions, but also advice on a business
and best practice capacity.
The result of the solution implemented is that millions in unaccountable
overtime pay has been saved.
2.) In what industry sector was the solution implemented? Logistics
3.) Name of customer/user: TFD Network Africa
4.) Name of SI/partner: EOH Intelligent Infrastructure
5.) Name of Vendor/distributor: EOH Intelligent Infrastructure
6.) Primary biometric product used: Safran Morpho fi ngerprint
readers
Customer/User
1.) Describe the solution installed and what were you hoping to
gain from it: The solution incorporates a Safran Morpho biometric
reader connected via the network to a T&A and access control
system. Blue Line and S-CUBE is the controlling unit. It allows for fast
and reliable fi ngerprint recognition. Needed to decrease issues with
access control as well as better control of overtime pay.
2.) Which department was the primary driver behind the solution?
Senior management.
3.) Did you integrate the solution with other access/identity management
systems or other business processes (HR/fi nance/
warehousing/etc.)? Integration to VIP Payroll system was required to
ensure minimum user and manual information capture throughout
the process. An interface back to the ERP system (drivers and vehicles)
is currently underway and will be completed by March 2013.
4.) Which company did you select to handle the consulting, installation
and maintenance of the solution? EOHii was selected for
its proven track record in successful installations of similar solutions.
Other contributing factors include: choice of product superiority,
after-sales service, on-site support technician, SLAs and help desk.
5.) Has the solution delivered according to your expectations?
Delivered beyond client expectations. Presence of EOHii onsite technical
specialist is an advantage.
System Integrator
1.) What technology did you use in designing the solution? Various
Safran Morpho biometric readers. MA100 for indoor use and MA500
for outdoor use; integrating to a variety of electronic locks and
78 Access & Identity Management Handbook 2013 www.securitysa.com
BESTime is a time and attendance program for calculating
hours worked and exporting to VIP Payroll. BESAccess is an access
control program.
2.) Why did you select the products you did? Perfectly suited and
proven to the needs of the client. The Safran Morpho readers can
integrate to most systems on the market. The software is fl exible to
accommodate customer-specifi c needs.
3.) What products did you integrate with?
EOHii BESTime and BESAccess software as
well as the turnstiles. This is all standard
integrations for EOHii. The only issue was
network and cable related, but this was
resolved almost immediately.
4.) Was the original manufacturer /
vendor / local distributor involved in the
installation? What part did they play?
Were you satisfi ed with their delivery?
Yes – EOHii.
Vendor/Distributor
1.) What facilities/applications are available to support integration
with these products? Permanent onsite technical team member
from EOHii.
2.) What skills do you have onboard to assist partners in integration
exercises? Information technology, software and database development;
electronic hardware development and support. Networking
infrastructure; high level support; service level agreements; helpdesk;
rentals.
Biometric Device
Manufacturer/ brand name: Safran Morpho
Biometric Readers
Biometric technology: Fingerprint
Hardware description: The solution incorporates a Safran
Morpho biometric reader connected
via the network to a T&A and access
control system. Blue Line and S-CUBE
is the controlling unit. It allows for
fast and reliable fi ngerprint recog
nition. The readers are robust and
come in two variants – one for outdoor
and one for indoor use.
Application: • Time and attendance – 1 500 users
on fi ve sites
• Access control – used for security in
conjunction with magnetic locks or
turnstiles.
Integration support off ered • Site survey
by supplier: • Planning
• Solutions design
• Onsite technician
• Maintenance and support (SLA)
Contact details for supplier: EOH Intelligent Infrastructure
Tel: +27 (0)11 844 3200
e-mail: sales.ii@eoh.co.za
www.eohii.co.za

SYSTEM INTEGRATION
Workforce Management
Solution Guide
General
1. Describe the solution in general: The lack of eff ective workforce
management solutions are costing companies dearly, especially in
large operational deployments. The utilisation of paper rosters causes
administrative overhead and is unreliable. Manual processes can also
not provide a real-time view of operations and deployment of staff .
ProSync for EasyRoster is a biometric identity management solution
specifi cally for workforce management. It provides a practical
biometric interface that, through its biometric data distribution
engine, seamlessly transfers personnel biometric and card information
across operations of any size over fi xed IP or 3G/GPRS infrastructure.
The seamless integration with EasyRoster delivers eff ective workforce
management with fully
synchronised branch, personnel
and site data that prevents
duplicate data capture.
EasyRoster is a workforce
management system that helps
to ensure effi cient rostering
of staff according to contract
requirements and recording
of attendance (as well as the
exporting of attendance details
to diff erent payroll systems).
The real strength of the system
is the management reporting
and the fact that it allows for
management by exception.
EasyRoster Deployment Manager empowers operational managers
to manage distributed staff deployments in real-time from a central
location. Deployment Manager is developed to interface seamlessly
with existing reader technologies. The integration with biometric and
proximity card readers ensures more accurate attendance data, better
management of staff deployments and a reduced wage bill through
accurate and real-time information.
ProSync was developed by neaMetrics, as the distributor of
Suprema in Africa, and has been proven, in conjunction with
EasyRoster, to provide operational managers with the business
insight and tools to perform their functions better, resulting in
optimised operational cost by minimising administrative functions,
reduced overtime and eff ective response times with under and over
staff ed sites.
2. In what industry sector was the solution implemented? EasyRoster
Deployment Manager, ProSync and the Suprema range of reader
technologies can be applied in any environment where a company
is making use of shift workers. Current installations include security
(manned guarding), cleaning services, outsourced service compliance
in the property investment (retail) sectors.
3. Name of customer/user? Currently utilised by an international security
company as well as two well-known shopping centres.
4. Name of SI/partner? Suprema hardware (distributed by neaMetrics),
ProSync software (developed and distributed by neaMetrics)
and EasyRoster software (developed and distributed by Easy Roster
Software). Both EasyRoster and neaMetrics were responsible for
80 Access & Identity Management Handbook 2013 www.securitysa.com
development and integration resulting in ProSync for EasyRoster.
5. Name of vendor/distributor? EasyRoster is developed, distributed
and supported by EasyRoster Software. ProSync is developed, distributed
and supported by neaMetrics. The Suprema range of biometric
devices are available through the neaMetrics reseller network.
6. Primary biometric product used? The BioLite Net is an extra-durable
IP-based fi ngerprint terminal with IP65-rated structure, comprehensively
sealing it against invasive moisture, dust and liquid, making it
perfect for outdoor or indoor installations. From simple door control
to complex networked environments, BioLite Net supports full T&A
and access control functionality for up to 5 000 users. It also features
an illuminated keypad, LCD backlight and LED indicator for excellent
visibility, off ers secure door control and I/O
expansion (secure reader mode) 128 access
groups and 256 time schedules and supports
anti-passback door zones for 64 readers.
Customer/user
1. Describe the solution installed and
what were you hoping to gain from it? T&A
information is routed in real-time via an IP or
GPRS network to the EasyRoster Deployment
Manager (ERDM) system, which processes
time events, applies business rules and eventually
updates the attendance details in the
EasyRoster database according to user-defi nable
business rules. The advantage of the
solution is that you have more accurate time
and attendance data at your disposal, with the fl exibility of ensuring
that the right person is doing the job.
The combination of EasyRoster and ProSync integration also
ensures no duplicate data capture, from initial registration of a new
employee, scheduling of employees, clocking of employees, through
to payroll.
2. Which department was the primary driver behind the solution?
In most cases the solution was driven by operational divisions.
They beauty of the solution is that it allows for seamless integration
between HR, operations and IT.
3. Did you integrate the solution with other access/identity management
systems or other business processes (HR/fi nance/warehousing/etc.)?
The solution forms a biometric identity management
solution, off ering seamless integration of biometric and proximity
readers, payroll and workforce management on one platform.
4. Which company did you select to handle the consulting, installation
and maintenance of the solution? Why did you choose
this company/these companies? Consultation and maintenance
of the solution is managed directly by EasyRoster and neaMetrics as
part of the software as a service model applied by both companies.
Installation of hardware is sometimes managed by external contractors
but, in the case of enterprise deployments, the companies
themselves are trained to install and expand as they require.
External installers are selected based on the national or
international footprint required as well as the ability to adhere
Continued on page 83

Continued from page 80
meaning that one SDK communicates with
to the end user’s SLA requirements.
12 diff erent types of terminals. The SDK is
5. Has the solution delivered according to updated with each release of new hardware
your expectations? Client expectations are and allows for the addition of new terminals
normally met within the fi rst three months with a few lines of code, ensuring easy ongo-
of implementation. The integration between ing enhancement of the solution.
the Suprema range of readers, ProSync
ProSync and EasyRoster integrate through
and EasyRoster Deployment Manager
shared data management, the MS SQL
Software technologies enables clients to get server, MS Message queuing and the .NET
what they pay for. The fl exible integration framework. As these platforms are evolving
between these systems allows for better
and getting better on an ongoing basis, so
planning (rostering), more accurate time and does the ProSync for EasyRoster solution.
attendance details and eventually, a lower 4. Was the original manufacturer/vendor/
wage bill. The most important functionality local distributor involved in the installa-
provided by these systems is the power of tion? Suprema was directly involved with
the management information and reports fi rmware enhancements to allow for addi-
that are provided. These reports highlight tional device functionality required specifi c
incorrect rostering in terms of the number to workforce management.
and/or grades of personnel rostered at a site,
projected and actual
Both EasyRoster and neaMetrics are
wage costs and
personnel performance.
These reports
enable an operations
manager to keep
day-to-day control of
operations in order
to ensure that costs
are kept to a minimum
and personnel
Company:
Web:
Email:
Phone:
Company:
Web:
Email:
Phone:
neaMetrics / Suprema
www.Suprema.co.za
Enquiry@Suprema.co.za
+27 (0)11 781 9964
EasyRoster
www.easyroster.net
info@easyroster.net
+27 (0)12 809 4270
requirements are precisely met.
involved with the architectural planning and
The biggest potential for failure lies in
design, back-end installation, product train-
implementations where deployment of staff ing and operational support. The EasyRoster
is informal and where formal rostering is not and neaMetrics team functions as a unit
utilised.
focused on addressing end user needs.
System integrator
1. What technology did you use in designing
the solution? The integrated solution was
developed utilising a variety of Microsoft
design and development tools and lower
level proprietary SDKs for device interface.
2. Why did you select the products you
did? We utilised these technologies due
to the fl exibility of integration, availability
of resources to maintain and enhance into
the future and the fl exibility it provided to
perform customisation for our clients.
3. What products did you integrate with?
The solution seamlessly integrates with the
Suprema range of biometric and proximity
terminals. No specifi c device integration was
required as the ProSync biometric engine
manages device integration independent
to the EasyRoster integration. The ProSync
engine, developed by neaMetrics, interfaces
with Suprema hardware through Suprema’s
device SDK. This integration in itself is easy,
due to the fact that one SDK is used to interface
with all available Suprema terminals,
Vendor/distributor
1. Provide specifi cs on the products used
in the above project? EasyRoster and
EasyRoster Deployment Manager is utilised
as the workforce management solution.
The ProSync solution is the biometric data
management and identity solution designed
for integration of Suprema’s terminals into
EasyRoster.
2. What facilities/applications are available to
support integration with these products?
Integration with all Suprema’s terminals are
done through the BioStar SDK. This SDK allows
for seamless integration with the full range of
Suprema’s T&A and access terminals.
3. What skills do you have onboard to assist
partners in integration exercises? neaMetrics
have a dedicated software development
team focused on assisting integrators with
the integration of the Suprema range of
products into their solutions. The Suprema
distribution team provides full product training,
architectural system design and hardware
integration support.
www.securitysa.com Access & Identity Management Handbook 2013 83

SYSTEM INTEGRATION
Protect your business’s most
important assets and
Access control is a vital aspect of any security solution. However, in
today’s technologically connected world it has evolved to include so
much more than simply permitting certain people into certain areas.
“People fl ow” is the next generation of access control technology,
off ering solutions that enable enterprises to organise the movement
and fl ow of people throughout a premises, building or site. This not
only helps you to protect your site, your property and your information
onsite, but also your most
important asset – your people.
People fl ow solutions are
all about securing the assets of
a business, rather than simply
securing certain areas. By
incorporating intelligence and
by designing solutions to meet
the specifi c needs of individual
enterprises, people fl ow solutions
help to improve productivity
and ensure people’s safety.
From mines where people
should not be allowed in certain
areas while blasting is happening,
to factories that require
people to be evacuated when
dangerous chemicals are used,
to standard offi ces that need
to know who is in the building,
where and when at any given
time in case of fi re or other
emergencies, people fl ow solutions
help to make people safer.
Jasco Security Solutions are
experts at designing, building
and integrating people fl ow
solutions that work for businesses,
regardless of industry
and in a product and brandagnostic
fashion. We don’t
just install products, or supply
Marius Maré
access control or CCTV. We
integrate security technology systems to ensure that they work optimally
together, and to ensure that solutions deliver maximum value and
benefi t for all of our customers.
We believe that access control is a primary technology that should
interface seamlessly into other security environments, including CCTV,
fi re detection, intrusion detection and even public address systems, to
ensure that maximum functionality is obtained. Using these systems, we
create people fl ow solutions that decrease the risk of unwanted individuals
on your site or in your building, and allow you to accurately monitor
both staff and visitors.
We have many years of experience in the security industry, and have
watched technologies grow and change. This has given us depth of
experience and taught us valuable lessons, including the value of listening
to our customers. Long before we start designing systems we listen
84 Access & Identity Management Handbook 2013 www.securitysa.com
evaluate the customers’ needs. We then work with our customers to
understand and accurately defi ne their needs, so that we can design and
build the right system to meet them.
We can integrate and install any access control solution, regardless of
the vendor or brand, from biometrics to cards to smart cards, and integrate
these into existing systems or any new systems you may require,
so we can make sure that our solutions not only fi t your needs but your
budget as well.
Backed by the off erings
of Jasco Industry Solutions
as well as our other security
off erings, we can integrate
security and fi re solutions
with building management
controls. By harnessing the
power of building management
systems, people fl ow
and access control can
become ever more intelligent,
turning off lights and heating
when people leave rooms
and locking the doors automatically
when the building
or site is empty. We can also
integrate security with power
quality and power assurance
solutions to help secure and
protect mission-critical business
technologies such as the
data centre.
As part of the Jasco Group,
we can also leverage solutions
across ICT and Energy, supplying
the physical cables along
with the IT and telecoms
infrastructure that enterprises
need to make their business
work. Today’s technology
relies on connectivity, and
security, access control and
people fl ow solutions are no diff erent. From the backbone and connectivity,
to contact centres and applications, right through to access and
security, the Jasco Group supplies it all, off ering true converged end-toend
technology solutions.
Security is critical for protecting your business, but security is no
longer a standalone facet of the organisation. Today, security solutions
and access control need to integrate into a host of other systems and
solutions to ensure adequate protection. Jasco Security Solutions, as
part of the Jasco Group, off ers the holistic, all encompassing solutions
tailored to meet the individual needs of each and every one of our
clients.
For more information contact Jasco, +27 (0)11 894 7127/8,
mmare@multivid.co.za, www.jasco.co.za

Workforce management effi ciency
By Walter Rautenbach, neaMetrics.
We have seen a renewed interest the past 18 months in the area of effi -
cient workforce management. Since the term workforce management
seems to have fallen in to the trap of becoming a common buzzword, a
clear defi nition is needed.
In essence, it is a solution that:
• Enables planning and rostering of required staff ,
• Ensures the correct rank and skill level is deployed,
• Provides real-time updates of the current status of your diff erent sites
or locations to assist with operational management, and
• Limits overtime and wage cost to achieve optimal profi tability.
It is our belief that the reason for this renewed interest can be
attributed to the economic situation. Companies need to ensure that
employees are at work when they claim they are. This goes hand in hand
with overtime claimed where work has not actually been performed, as
well as the issues around ghost employees.
Aside from these obvious reasons, companies also need to ensure
they can secure clients and that the client gets what he pays for. Tenders
are price-sensitive and therefore suppliers need to price for the correct
amount of employees in order to fulfi l requirements.
With outsourced services such as cleaning and guarding services, we fi nd
that service level agreements (SLAs) are becoming stricter. Penalties infl icted
when companies do not provide the correct staff required for a job have a
negative fi nancial and reputational eff ect on companies that do not comply.
Workforce management is not a new concept, but the tools available
to do this eff ectively, most of the time, rely on planning and recording
systems that are only as reliable and authentic as the staff providing the
input. As with most companies that need to count every penny, so too
do individuals. Unfortunately, some of these individuals will fi nd any
means possible to get as much out of the system as possible in their
fi ght for survival. Most of them do not understand the negative impact
on their employer’s profi t, their ability to expand business and to provide
jobs. Manual timesheets, telephonic check-in of remote staff and
trust are tools that are ineffi cient for today’s businesses.
neaMetrics has concentrated its eff orts on a solution that can fi t into
the required parameters for delivering accurate and effi cient workforce
management. This entails integration with EasyRoster to enable more
accurate time and attendance (T&A) details via biometric technologies.
EasyRoster has been involved in optimising workforce management since
1996. The company has 530 installations in 24 countries, with a strong
focus on the manned guarding, cleaning and labour broking industries.
Although the initial product development focused mainly on the
guarding environment, some other areas of interest are also apparent.
Attraction from large retail environments that carefully need to plan
their staff deployment is one. Another one is property investment companies
that utilise third parties to service their investments.
For more information contact neaMetrics, 0861 632 638,
info@neametrics.com, www.neametrics.com
TRENDS
www.securitysa.com Access & Identity Management Handbook 2013 85

TRENDS
Identity in Africa, the mobile
upwards
By Sanjay Dharwadker.
The mobile is more than a phone in Africa.
In Africa, many more people are likely to reap the benefi ts of mobile
telephony, in many more ways, than any other continent before. It may
sound like a contradiction, but these are the facts. Today, a little over
500 million people on the continent, possibly constituting 60% of its
population, have a personal mobile connection, in many cases their only
institutionalised identifi cation.
Besides this, it is often the only means of communication – for business,
family and socialising – the PC and the Internet being still sparsely
available. For millions still, it is the only way of banking, and where
education is an urgent and important need, the only source of sharing
knowledge. All this makes the need to securely identify the subscriber,
of paramount importance.
The telecom operators that
have made its widespread use
possible come from different
backgrounds, and with contrasting
marketing ideologies. Vodacom
has followed the predominantly
western norm, and has connected
the African elite with a world-class
service. Airtel has arrived from the
East, with products and services
that have mass appeal.
By repeatedly breaking price
barriers, they have hoped to
increase talk times. But in Africa,
if the subscribers saved talk-time
money, they would rather buy
a bicycle, or even daily necessities.
Such are the complex socioeconomic
pressures in much of the
continent. Nevertheless, they were
to get on with the arduous climb to
economic prosperity, just as Asia did
in the previous decades, it would be
heavily dependent on the mobile
telephone.
More than a phone
Sanjay Dharwadker.
But herein lies a crucial catch and
this was more than highlighted
recently in an East African country, where its national ID card program
fl oundered and because of the absence of any other means of formal
identifi cation, the much needed telecom expansion, has come almost to
a halt. At one time, technologies associated with identity management,
such as biometrics and smart cards, were often jocularly referred to as
“solutions looking for a problem”, but somehow in the African context
we may have fi nally come full circle.
In many countries, the mobile network operators (MNOs) are already
86 Access & Identity Management Handbook 2013 www.securitysa.com
working with banks. Both, besides being well-established corporate
entities, are continuously monitored by regulators from the government
or quasi-government bodies.
To establish the subscriber identity, two missing pieces need to be
put in place. First is the establishment of unique identity, at the time of
enrolment. Deployment of a one-to-many biometric search engine is
ideal, and this can easily be institutionalised (on behalf of the state, so to
say) by the network operator and / or the bank. This could well be their
cost of “owning the customer”.
The second is to enhance the current standard two-factor authentication
(SIM and PIN / PUK), that ensures the uniqueness of the instrument,
but not of the subscriber. With
recent developments in voice recognition
this could change. However,
this technology is new, and both its
reliability and cost would require
some time to settle in.
A paradigm shift
However, if it does in the coming
years, it could be a welcome breakthrough
and could even cause a paradigm
shift in systems like the pension
payouts that have been pioneered
in South Africa and are being implemented
elsewhere in Africa. Reliable
voice recognition would provide the
crucial missing piece in the entire
jigsaw and eliminate altogether the
need for the old and the infi rm to
(even if it once a month) to queue
up and be recognised for a physical
payout. It could all be done on a
mobile phone then.
For a moment then, let us just
imagine, even if it sounds like fantasy
– that instead of electoral rolls, and
citizen registration systems, and
health insurance, and pensions,
and welfare – if it is only the mobile
phone with each citizen!
It would indeed be a win-win for all – the citizen will have a trusted
identity (and a voice) – s/he can transact, learn and socialise, the cost
can be more than recovered by the service providers, and millions more
can become part of the global mainstream of commerce and communication,
while the state can have a means of listening in to their citizens,
all at the same time.
A case seems certainly to be there, but maybe we have to all think it
through. Any takers?

Points to consider in
selecting biometrics
By Kelly McLintock, UTM Group.
The landscape in access control is constantly changing with respect to
the technologies, products, costs and end-user requirements As South
Africa becomes a more dangerous place, heightened security starts to
make more sense.
There are a number of biometric scanning technologies available,
but which one is best is the subject of much contention between not
only vendors, but also manufacturers.
Biometrics-based access control is a way in which UTM Group
believes South African businesses can further secure their premises
eliminating lost card, stolen PIN codes and, in the case of time and attendance,
eliminate buddy clocking.
With so much at stake, end users should carefully consider who gets
involved with biometric technologies. Do you want to rely on cheap
knock-off biometric products whose algorithms and design may not
have been subjected to adequate evaluation and testing?
UTM Group has put together a list of requirements that should be
considered, when investigating biometric technologies.
Site conditions: These play an important role. Each biometric technology
has characteristics which diff erentiate it from the others. Indoor as
opposed to outdoor, and specifi cally, the IP rating (Ingress Progression).
This rating classifi es the degrees of protection against dust, water and
impact that electrical equipment and enclosures can aff ord.
Existing system capabilities: Biometric upgrades are totally possible
without having to rerun cabling or changing other system assets.
Throughput required: This means how many individuals the system
will be required to screen, or scan, and how fast must this be accomplished
to avoid creating delays and user frustration.
Reliability and effi ciency of the reader: Every person who uses the
system will have to be enrolled and verifi ed. Misreads or malfunctions
will cause issues.
Price: The cost of the hardware and the amount of technical support
required to keep biometrics functioning. Essentially, the total cost of
ownership for the solution.
Ease of deployment: Biometric systems and readers are more robust
and modular; software is written to interface more readily, and the readers
are designed to withstand harsh environments – once again depending
on the IP rating.
Reliability: Improved technology results in fewer hardware failures and
security lapses.
Convenience: Newer biometrics are less intimidating and easier to use.
Unlike keys, PINs, keypads, picture IDs or magnetic swipe cards,
biometric technology and identities cannot be transferred to another
person, stolen, copied or counterfeited. UTM Group believes the application
of biometric technology eliminates or greatly reduces the opportunity
for identity theft, unauthorised access and the potentially disastrous
consequences to safety and security.
www.securitysa.com Access & Identity Management Handbook 2013 87

OPINION
Access control does not equal time
and attendance
By Michael Horvitch, national technical adviser, Regal Security.
A T&A system requires a lot more than simple IN/OUT transactions.
There is a strong misconception, both by installers and end users, that
any access control system that can connect to a PC is automatically a
time and attendance (T&A) system. Just download the logs and you
have a T&A report.
While the information retrieved from an access control system can
be used to generate suitable T&A reports, a large amount of processing
is required to do this – especially if one wants to comply with the Basic
Conditions of Employment Act!
An access control system is, as the name implies, a system to control
and manage access of people to specifi c areas at designated times. The
logs that the system keeps are intended for security auditing purposes
only. A T&A system requires a
lot more than simple IN/OUT
transactions.
A proper T&A system, will take
logs, usually from a dedicated T&A
reader, and process these logs
according to a strict set of rules.
These rules are based on how
the company works – what time
they start, what time they end,
lunch breaks, permissible overtime
etc. These rules are largely
dictated by the Basic Conditions
of Employment Act. However, the
rules will vary from company to
company depending on their own
environment, requirements and
history.
Typically, a T&A system will be able to generate a number of useful
management reports to assist, not only for payroll, but also daily management.
These reports should include a late comers report and absenteeism
report. These would allow the management to get an immediate
snap-shot of attendance for the day. Reports such as Clocking
Exceptions, Clocking Adjustments, Leave and Early leaving are also very
useful for the day to day management of a business and for cases of
disciplinary action.
Obviously, the main function of a T&A system is to generate reports
of hours worked. These report need to be able to refl ect Normal Time,
Time-and-a-Half, Double Time and any other special time allocations
that the company may require. These reports need to be able to be
fi ltered by person, department, date, day, week or month. These reports
must be calculated based on work rules, as well as requirements and
leniency of the law.
South African law is diff erent from the rest of the world in the rules
that govern our working hours. Typically working more than a certain
number of hours of normal time a month would automatically role up
into overtime. Conversely, if there is a shortfall in normal time, but the
person has worked overtime, that can be fl owed down to fi ll the short
fall in normal time. Unlike the rest of the world which only has Normal
88 Access & Identity Management Handbook 2013 www.securitysa.com
Time and Overtime, South Africa requires at least Normal Time, Timeand-a-Half
and Double Time, each with its own conditions attached.
A suitable report for use as a timesheet should include Clock-In and
Clock-Out times for each day, as well as daily totals. At the bottom of the
timesheet the columns should be totalled up and then re-calculated in
line with the required rules for the reported period. This should all be
clearly and logically laid out on each timesheet. Get these calculations
wrong and a visit to the CCMA may be on the cards or staff may go on
strike.
As mentioned above, South Africa has special requirements for
T&A systems. As such, it is highly recommended that when selecting
software for a T&A system a local
software house that specialises
in time management software
should be considered. This has a
number of advantages :
• the software will comply with
the requirements of South
African law,
• the software house will be able
to quickly adapt the software
in the case of changing laws,
• the software house will be able
to customise the software to
meet individual requirements,
and
• support is only a phone call
away.
Also, South African T&A
software will off er a payroll export feature that supports the commonly
used, local payroll packages. Flexibility is important as well as every
South African company works diff erently, but must still comply with
unique legal requirements.
Most of the available software packages are integrated with a
number of hardware platforms. One would be able to select the clocking
reader of preference – RFID, fi ngerprint, facial etc from your preferred
hardware supplier. Various brands are widely supported by the diff erent
software houses.
There are a huge number of T&A options out there and it is important
that the system selected be compliant with the laws, be fl exible
enough to meet the requirements of the company, and be supported
and backed up by all suppliers. Always remember that time and attendance
is a service. Also, remember to get a few people to advise and
quote, as not all solutions may suit your particular environment. Choose
carefully and you will have a valuable business tool that will save the
company signifi cant amounts of time and money with a speedy ROI. Get
it wrong and the costs could be devastating.
For more information contact Regal Distributors, +27 (0)11 553 3300,
mel.labuschagne@regalsecurity.co.za, www.regalsecurity.co.za

Local digital identity innovation
A technology world-fi rst is set to revolutionise the process of managing identity.
The recent Identity Indaba saw, among other presentations, the introduction
of a new South African innovation in digital identity management.
It’s called GreenBox and it takes identity management to a new
level.
That’s according to Alan Goodway, business development executive:
Innovation at Business Connexion who says that not only does GreenBox
capture multiple types of identity data; it also provides an identity-verifi -
cation platform – all from a single device.
GreenBox combines a camera, fi ngerprint reader, document scanner,
digital signature pad with an interactive touch-screen, EMV-compliant
smartcard reader, USB connection,
device drivers and plugand-play
capabilities straight
into Microsoft-based operating
systems.
All this comes in a desktop
unit that weighs under 2 kg and
has a footprint less than an A4
notepad.
Multiple applications for
secure ID management
Goodway says that the process
of account take-on provides
an example that illustrates
the extensive capabilities of
GreenBox.
“Let’s say I want to open an
account at Supa-Dupa Stores.
First, GreenBox takes a 20 megapixel
picture of me. It then scans
my SA ID book – or my driver’s licence or even my passport. Next on the
ID data-capture list comes my fi ngerprints, followed by my signature on
the digital pad. The interactive touch screen also gives me a choice of
account-services that I might want.
“Supa-Dupa now has a picture of me, a digital fi ngerprint record, a
copy of my ID book and my digitised signature. They also know what
type of account I want and the services I’d like to have associated with
it – statements by e-mail or in the post, for example.”
Once the comprehensive data-capture process is completed,
GreenBox can run the new customer’s ID details through a credit bureau
to make sure they’re good for the money. It can verify the details against
the National Centre for Certifi ed Identities (NCCI). It can even link up
with a smart card printer to make a temporary Supa-Dupa store card.
And the customer can then swipe that through the GreenBox smartcard
reader to pay for all their purchases.
In summary of the outcomes from this process, Goodway says, “In
the space of a few minutes, the new customer has been FICA’d or RICA’d
all in one go. Supa-Dupa has got a new, trusted and credit-approved
customer with all the supporting documents in their digital document
archive. And the customer has jumped at their special off er on a new
smart-phone and bought one.”
Case study: micro-lending industry
Goodway says that Business Connexion have already developed a
blueprint solution for the fi nancial services sector – in particular for the
rapidly expanding local business of micro-lending.
One objective was to structure a solution that could accelerate and
reinforce security within the existing process that manages the lender’s
sales representatives across a distributed geographical environment. For
new representatives, this process begins with a take-on and background
screening function. The BCX solution reduces the time taken to complete
this from around two weeks to just two days.
Simultaneously, it creates a de-duplicated database of representatives
whose access to the lenders’ IT systems is then controlled by
fi ngerprint-based authentication
through the SuperSign software
platform. For example, when an
approved representative wants
to load new loan agreements,
system-access is no longer based
on a password, PIN or card but
through fi ngerprint identifi cation
of the agent.
Using GreenBox, the new
representative’s identity data and
fi ngerprints are captured and
a validity-check is run through
the National Centre for Certifi ed
Identities – the NCCI. This initial
‘quick-check’ confi rms gender,
telephone numbers, name and SA
ID number.
If all is in order, a more detailed
background check is automatically
run through MIE. “The initial
quick-check avoids the expense of having to conduct MIE screening
on new personnel whose ID data might be clearly problematic,” says
Goodway, “And the solution’s fi ngerprint component also ensures that
staff are enrolled only once across the enterprise.”
By creating a centralised biometric database, Business Connexion
is also able to use this identity data to manage physical access to the
organisation’s offi ces. Goodway says, “This capability provides true convergence
between HR’s take-on function, physical access control, time
and attendance monitoring and control of IT access and activity – all
within a single, centrally-managed solution.”
Architecture of the micro-lending solution
In terms of environmental maturity, GreenBox is also advanced
because of its paperless management of identity data and all the
associated paperwork for identifi cation-compliances such as FICA and
RICA.
As Goodway points out, “Conventional forms do not have to be
designed, printed, packaged, distributed, fi lled-in, photocopied or
physically stored. The whole process can be automated with GreenBox
and the traditional costs associated with all this are eliminated by digital
management of identity-related data.”
For more information contact Alan Goodway,
Business Connexion, +27 (0)11 266 1483.
TRENDS
www.securitysa.com Access & Identity Management Handbook 2013 89

TRENDS
State of the access control market
Scott McNulty answers a few questions about the changing access
control landscape.
The access control market has evolved consistently over the last fi ve
to eight years, with new solutions being introduced that have taken
technology originally designed for the commercial market and making
it viable for the small business market. Easier to install solutions that
can now be managed by the end user, improved integration between
systems from diff erent manufacturers and the introduction of mobile
apps are just a few of the recent developments.
In this article, Scott McNulty, product manager for Kantech, a Tyco
Security Products brand, answers a few questions about the changing
access control landscape, what these changes mean for dealers.
What are some of the latest and most innovative
developments to happen in the access control market?
Scott McNulty: Integration has been and continues to be one of the
biggest topics in the access control market. People want to see more and
more integration between their access control system and all kinds of
other applications used, not only to secure their buildings, but to run their
business. Those applications can include integration of security platforms,
such as security access control with video or intrusion, as well as human
resources systems, fi re systems, time and
attendance systems and systems that control
logging into computers. It is currently a very
big trend amongst manufacturers to trade
SDKs (software development kits) and to
enable linking systems together.
Who is driving integration?
McNulty: This trend is primarily being driven
by the end user who wants simplicity, but the
security industry as a whole has embraced
this movement and integrated solutions are
becoming the norm versus the exception.
How has this evolved?
McNulty: Previously you had an intrusion
system, a card access system and a video
surveillance system and you managed three
separate systems without any interoper- Scott McNulty
ability. In fact, in many cases you would have
three separate monitors on your desk. Where
we are going is now you have more information in one central location
and each solution is linked together, making the data easier to manage.
How long has this been happening?
McNulty: An integrated system is not a new concept. A decade ago,
systems were “bolted” together, but it was rather clunky. Within the last
two years, technology has evolved to allow a more seamless integration.
The shift is thanks to more manufacturers being willing to off er their
SDKs and make their systems more open. In the past, you had to use one
brand of camera with the same brand of recorder and the same brand
of software. Today, you can use a camera from one manufacturer with a
recorder form another company. Manufacturers today are recognising
this is where the market has to go.
90 Access & Identity Management Handbook 2013 www.securitysa.com
How has the perception of access control changed in
the last few years?
McNulty: Years ago, access control systems, and particularly integrated
solutions, were not regarded as either being easy to install for the integrator
or intuitive to manage for the end user. It’s important to make it
as simple as possible for the integrator and the end user. The integrator
wants to off er a competitive price, then easily install the system to get in
and out, while the end user needs a reliable security system, that allows
him to present his card and walk through a door without any hassle.
How are mobile apps changing access control?
McNulty: Mobile apps are generating a lot of interest and they have the
wow factor. People are excited about mobile apps and, as a result, when
you off er an access control system that off ers a mobile app component it
helps a dealer close the deal. With most mobile apps, people can lock or
unlock doors and monitor their system. That’s the basic stuff . Our recently
introduced EntraPass Go takes it a step further to include every function
that’s important to the end user, such as deleting a card if an employee is
let go or generating reports and remotely sending them to the appropriate
staff person.
Beyond software, cards and readers,
what new solutions have been
developed in the access control fi eld?
McNulty: One new development is an all-in-one
integrated server comprised of access control,
IP video surveillance and intrusion with one
common interface. This simplifi es the process for
the end user because it’s a secured, tucked away
box that is protected from viruses and integrated
with other systems. Kantech’s Intevo provides an
integrated security platform based on EntraPass
software and includes American Dynamics IP
video management software and DSC intrusion
alarm integration – managed in a single user
interface. The benefi t of this for the installer is
the simplicity of a plug and play appliance that is
already integrated. For the end user it’s the ease
of use of having one common interface.
How has the access control sale evolved?
McNulty: The sales cycle for access control has changed quite a bit in
the last 10 years. It used to be quite long because, generally, only larger
buildings implemented access control systems, so it was a long process
because of the size and cost. The sales cycle has become shorter with
the introduction of smaller and less expensive access control systems,
meaning that an integrator can turn around a project within a shorter
period of time. Today, card access is accessible to a much larger market,
making access control a benefi cial investment for the systems integrator
and end user alike.
For more information contact Tyco Security Products,
+27 (0)82 566 5274, emallett@tycoint.com, www.tycoacvs.com

A guide to access control
and sustainability
BSIA white paper.
Access control provides the ability to control, monitor and restrict the movement
of people, assets or vehicles, in, out and round a building or site.
The system is essential for all businesses to protect people and assets
and has the added benefi t of being expanded from controlling, for
example, a single entrance door, to a large integrated security network.
There are also huge potentials in terms of integrating this technology to
other systems, such as time and attendance, visitor management, ANPR,
fi re, intruder and CCTV, which can cut costs and streamline administration
costs.
The scope of the technology is certainly impressive, and with
sustainability and fi nancial concerns high on the agenda of many businesses,
it is important to understand the many
ways in which an eff ective access control system
can also help cut energy bills by both reducing
energy wastage and improving an organisation’s
environmental footprint.
What are the components of access
control systems?
Access control systems are all designed to allow
access only to people with the necessary authority
to ensure that goods and staff are protected, while
helping manage known or anticipated threats. In general, access control
systems form part of a comprehensive and integrated security strategy.
Generally, systems comprise three component parts:
1. The physical barrier – to physically restrict access to a building or
location via such methods as:
• Doors; secured by either a magnetic or strike lock or can be revolving
or sliding.
• Turnstiles and speedgates; designed to limit access to one person for
one card presented.
2. The identifi cation device – There are a number of diff erent technologies
used to identify users of an access control system, such as:
• A proximity card and reader using RFID – cards can be programmed to
work at a short read range or a long read range.
• A smart card and reader.
• A swipe card and reader.
• PIN pads.
• Biometric (e.g. fi ngerprint, facial, iris scanning).
3. The door controller and software – The door controller and software
are at the heart of the system and are used to decide who can gain
access through which access point at what time of the day. These can
vary dependent on the size of the system and how many readers or sites
you are trying to control from one point. Some of the options include:
• A stand-alone door controller linked to a single door with no software.
• A number of door controllers all linked together to a single PC to
control one site.
• A number of sites all interlinked together over a wide network area.
Reducing a company’s environmental footprint
Despite the widespread fi nancial cutbacks, corporate social responsibility
and being able to demonstrate environmental credentials remains a
The BSIA is off ering
insight into using
access control
systems to enhance
sustainability.
BEST PRACTICES
priority for many businesses. What many often fail to realise, however, is
the crucial role that their security provider can play in helping to combine
cost savings and environmental commitments, whilst reducing the
risk of theft and vandalism.
Access control has long held a valued place within organisations of
all types, helping to monitor the fl ow of authorised personnel around
the premises while playing a vital role in health and safety and visitor
registration.
Recent developments in technology within the security industry
means that access control measures can now also play a favoured role
in reducing your premises’ environmental footprint. Perhaps the primary
and most common way to achieve this is by
carefully looking at the wealth of information that
access control technology can provide.
The building or area occupancy data provided by
the system can highlight which areas of a building
are occupied and when, and which are not being
utilised to their full potential. Identifying this can
lead to a number of important decisions which
will go a long way towards reducing your environmental
footprint and producing substantial cost
savings.
Examples include the decision to adjust lighting and HVAC (heating,
ventilation and air conditioning) requirements depending on
whether or not the area will be used at a certain time of the day, as
well as to reallocate any unused space, either internally or by renting
it out.
Other ways in which access control can help reduce the environmental
footprint of a company is by integrating it with Building Energy
Management Systems (BEMS), or avoiding heat wastage by isolating
indoor spaces with the use of security revolving doors. The access control
system itself can be energy effi cient, for example using low voltage
turnstiles.
Access control and sustainability in practice
The fi gures behind building energy management systems
While traditionally Building Energy Management Systems (BEMS) were
focused on controlling the building’s internal environment, it is now
commonplace for it to be integrated with the fi re and security systems in
place, including CCTV and access control.
BSIA member ADT provided BT’s site in Castle Wharf, Nottingham,
with a BEMS system which slashed the electricity bill of the site by 77%,
by implementing a better control system.
BT’s energy manager for the Castle Wharf site, spoke about how
this worked in practice: “We needed to refurbish the HVAC system and
wanted to install variable speed drives because we knew there was a
potential for energy saving. Out of hours, there are only a few occupants.
As the fans were not speed controlled, this led to a large waste
of energy. Also, the car park ventilation was not needed at night and
needed to be controlled as well.
“Additionally, our Building Management System was not set up the
way we wanted and so we decided to use a BACnet based system. This
www.securitysa.com Access & Identity Management Handbook 2013 91

BEST PRACTICES
would allow us to zone the building and introduce time controls to take
account of occupancy patterns.”
A BEMS can typically control up to 80% of a building’s energy usage, so
it’s clear to see how using access control to optimise the system to suit the
variable usage and occupation of a building can streamline energy usage.
In such systems, data gathered by access control and visitor monitoring
systems is used to inform the BEMS of the nature and function of the
people occupying a heating zone. Knowing what roles are being fulfi lled
by individuals operating within a heating zone also allows the BEMS to
make adjustments and lower the amount of fuel consumed.
This information is applied by the BEMS to heat-loss algorithms to
determine the minimum amount of heat to be applied to a particular
area, reducing the amount of energy consumed and avoiding unnecessary
wastage. For example, a small group of students performing largely
sedentary activities
will require
more heating
than a large
group of manual
workers conducting
more
physical activity
in a relatively
small area.
Identifying
patterns in
visitor behaviour
can stop the
unnecessary
heating of unoccupied
heating
zones, saving
fuel and reducing
CO emis-
2
sions. This works
intelligently,
using past data
to assess when
a certain area of
the building is likely to be occupied, activating heating in time for visitors’
arrival and reducing temperature or turning off the heating entirely
during periods of inactivity. This can be particularly useful for university
buildings, where operations and activities adhere to a regular schedule
which is easily ‘learned’ by the BEMS to assess the timing and level of
heating required to adjust the systems accordingly.
Insulating access points at Redbridge College
One of the greatest challenges for any education establishment is
balancing the need to create an open, stimulating and comfortable
environment, while ensuring that people and equipment are protected
from the threat of theft, vandalism and physical attack.
BSIA member, Kaba, was approached by Redbridge College to tackle
the issue around the automatic sliding doors currently in place at the
college.
It was explained to the BSIA member that the doors were allowing a
cold ingress into the reception area and throughout the building each
time the doors opened. With the frequent comings and goings of all site
personnel and in light of today’s continually rising utility rates, this was
proving to be both impractical and costly.
92 Access & Identity Management Handbook 2013 www.securitysa.com
After listening to the client’s requirements, Kaba proposed and
subsequently installed a fully automatic revolving door with bilateral
automatic pass doors. The automatic pass doors were installed either
side to provide seamless access for people with reduced mobility and for
the transportation of goods via the reception area.
The product provides an energy effi cient solution for entrance areas
thanks to the thermal separation design incorporated into the façade of
a building. This allowed the college to achieve excellent thermal insulation,
whilst having a customised design fi tted and being provided with a
solution for emergency escape routes.
Increasing the effi ciency of access control itself
As well as integrating with systems such as BEMS to reduce energy
wastages, recent developments in technology mean the access control
systems themselves
are now
proving to be
increasingly
sustainable.
Access
control systems
can in fact off er
energy savings
while maintaining
reliability
and performance
by utilising low
energy light
sources in offi ce
environments,
resulting in an
immediate cut
down on energy
use. As opposed
to utilising a
more traditional
linear power
supply, switchedmode
power
supplies are therefore gaining in popularity in the access control market.
Such supplies can in fact off er sizable savings in energy consumption by
incorporating a switching regulator in order to be highly effi cient in the
conversion of electrical power.
To prove the benefi ts associated with adopting the switch-mode
power supply as opposed to linear systems, BSIA member TDSi tested
both approaches. They calculated that using the switch mode power
supplies in place of linear systems with transformers would save users,
on average, an impressive £50 per controller per year in energy costs.
Saving energy on each appliance therefore provides a solid foundation
on which to cut operational costs.
However, to build on this requires the integration of all the diff erent
system components so as to off er a more effi cient solution.
Thames Valley introduces integrated access control system
BSIA member Integrated Design completed an installation of Fastlane
speedgates (pedestrian turnstiles with tailgate detection) for Thames
Water, having been proposed by a UK based national systems integrator
providing high-end systems.
The installation integrated retracting glass barrier gates and

contactless smart-card readers, along with cashless
payment canteen systems to create a seamless
and sustainable experience for staff and
visitors. The installation is designed to reinforce
the use of staff access control cards without
restricting access to authorised users.
The system’s cards allow access to the building
via the turnstiles and to zones relevant to
the card holder, as well as carrying funds for
purchasing food and beverages in the restaurant
and vending facilities along with a ‘follow
me’ printing solution.
The aesthetics and eff ectiveness of the
secure solution were praised by the client,
as was its extra low power consumption. The
BSIA member in fact produced and installed its
turnstiles with extra low power consumption of
less than 50 Watts per pedestal. A fi tting choice
considering the theme of the business park is
based around its green credentials.
What other benefi ts can access
control systems bring?
In addition to ensuring the security of premises
and being able to positively impact on an
organisation’s environmental footprint, there
are many more functions that access control systems
can cover to help with business operations.
Time and attendance
With both staff and visitors entering and leaving
the premises, badge/token technology can be
used to record employee hours and monitor visitor
movement within a specifi c site. If
appropriate, these can be processed against
working hours, applicable for both temporary
and permanent staff , which can work in real-time
to feed transactions through to the company’s
payroll. Time and attendance systems also
accurately help keep employers on the right side
of the European Working Time regulations and
manage holidays and absences eff ectively. Fast,
accurate and easy-to-use, these systems are suitable
for businesses employing just a few people,
right up to large multinational companies.
Visitor monitoring
In contexts where visitors can easily blend in
with the high volume of staff present, the use of
PC and computer networks should be considered.
These systems can print photographic ID
and allow access to be restricted to certain areas
within the site. Moving to a software solution for
visitor management is an easy and inexpensive
solution and can provide a number of added
benefi ts.
Automatic Number Plate Recognition
To monitor the movement of vehicles on site,
CCTV-style cameras and computer software can
be used to identify number plates of vehicles.
Some systems can also store photographs of the
driver and vehicle for subsequent analysis. This
sophisticated software allows critical information
to be passed to the police to assist in the
pursuit, identifi cation and capture of off enders
should an incident occur. Visual proof of parking
off ences with the corresponding time and
date information is provided as evidence and
to avoid disputes. Using a Driver and Vehicle
Licensing Agency (DVLA) link, monitors are
then able to identify the owner of a vehicle and
process the off ence automatically.
Fire roll call
Fire roll call software will automatically generate
a report in the event of a fi re or other emergency
containing crucial information in relation
to who is within the building and their movements
around the site. This software operates
via the access control smart card or fob that an
employee uses to gain access/exit to a building.
In the event of an emergency, the fi re roll call
software alerts occupants to the emergency
whilst simultaneously activating the report at a
safe pre-determined remote point.
Please note that in order for the fi re roll call
software to eff ectively carry out its function,
employees and visitors must always present
their card or badge. The use of smart card
or RFID controlled turnstiles can help in this
situation.
Integrated security systems
Sites can benefi t from a fully integrated access
control system with CCTV, intruder alarm, turnstiles,
fi re detection and building management
systems. One way to attain this is by adopting
the use of Internet Protocol (IP) technology,
which allows these systems to ‘talk’ to each
other to maximise their eff ectiveness.
Separate access control and intruder alarm
systems, for example, could allow an employee to
access an area, through an external door, that is
set with an alarm. However, unless the employee
has the authority to unset the system, the access
would result in a false alarm being activated. An
eff ectively integrated system would recognise
that the user does not have the authority to unset
the system, so would not allow them in the area
to begin with, until someone authorised grants
them access by unsetting the alarm.
About the BSIA
The British Security Industry Association (BSIA) is the
trade association for the professional security industry
in the UK. Its members provide over 70% of UK security
products and services and adhere to strict quality
standards.
www.securitysa.com Access & Identity Management Handbook 2013 93

CASE STUDY: GOVERNMENT
High security access at nuclear site
Protecting the centre of Australia’s nuclear research and development expertise.
The Australian Nuclear Science and Technology Organisation (ANSTO)
is Australia’s national nuclear research and development organisation
and the centre of Australian nuclear expertise. Its main site is located
at Lucas Heights Science and Technology Centre (LHSTC), 40 km southwest
of Sydney’s CDB. The Centre occupies 70 hectares and is surrounded
by a 1.6 km buff er zone.
Prescribed by the Australian Nuclear Science and Technology
Organisation Act 1987, its purpose is to deliver specialised advice, scientifi
c services and products to government, industry, academia and other
research organisations.
ANSTO’s nuclear infrastructure includes the OPAL (Open Pool
Australian Lightwater) Research Reactor. OPAL is Australia’s only nuclear
reactor. It provides industrial radioisotopes and facilities for neutron
activation analysis, irradiation of materials and neutron radiography
to service the needs of agriculture and
industry, particularly with regards to electronics,
the environment and resource
and mineral processing.
In November 2006 OPAL reached its
full operating power of 20 Mega Watts for
the fi rst time as part of the reactor’s commissioning
process. ANSTO’s infrastructure
also consists of particle accelerators,
and a range of other unique research
facilities including radiopharmaceutical
production facilities for Australasia.
ANSTO is responsible for implementing
security at LHSTC in accordance with
stringent international and Australian
obligations. These include Australian Government’s nuclear non-proliferation
Safeguards agreements.
Layered security
As a result, security is layered throughout the organisation and is structured
around various security grades of facilities. The Gallagher security
integration platform (formerly Cardax FT) is the backbone of electronic
access control and intruder alarms at ANSTO. Many of the other security
measures employed on site are interfaced to the Gallagher system. At
the perimeter, Gallagher controls gates, turnstiles, bollards, and boom
gates. Long range readers have been implemented at the main entrance
gates for convenient vehicle access.
The HIFAR protected area and facilities are surrounded by a Gallagher
security electric fence system to deter and detect any would-be intruders.
Future plans include introducing high level integration between
Gallagher Command Centre and the Trophy FT perimeter security
system for seamless confi guration and monitoring of perimeter security
through Gallagher Command Centre.
The OPAL Research Reactor building contains all the nuclear systems,
the reactor and the service pools. It protects the reactor from all external
events and also provides the structural basis for reactor containment.
Made of reinforced concrete, it is seismically qualifi ed and has a metallic
grillage for protection from an aircraft crash. In designated high security
areas at ANSTO, the Australian Government’s Type One intruder alarm
standard applies.
94 Access & Identity Management Handbook 2013 www.securitysa.com
Type One security
UltraSec, a high security variant of the Gallagher system, meets Type
One requirements for securing these areas. UltraSec provides endto-end
system security through very high levels of data encryption
and monitored communications. The system signifi cantly exceeds the
Australian Government’s requirement of 56-bit DES by using a minimum
encryption key length of 128-bits coupled together with stronger
encryption algorithms.
UltraSec also supports access control. Alongside 870 staff , access is
also required for 150 research students and 1 000 contractors, not to
mention numerous visitors.
Having migrated from a legacy Commander-based Cardax system,
ANSTO recognises that there are signifi cant benefi ts of moving onto the
Gallagher platform:
• Meets the Australian SCEC Type One
security requirements for high security
areas including the OPAL research
reactor through UltraSec.
• Integrates both access control and
intruder alarms for high and medium
security areas through the system division
partitioning feature.
• Achieves seamless integration with
DVR systems.
• Supports backwards compatibility
with their Cardax Commander II hardware,
enabling them to upgrade to
Gallagher Controllers while retaining
their existing readers and cards.
• Interfaces with the Gallagher perimeter security system for alarm
monitoring.
• Allows operators the fl exibility to arm (set) disarm (unset) or isolate
various alarm zones (areas of the intruder alarm system) in the fi eld
through the Gallagher Remote Arming Terminal.
An ANSTO representative says that Gallagher is much more of a global
security management system. “The comprehensive reporting options
enable us to provide timely management information.” The integrated
PhotoID option also makes cardholder management and the production
of photo ID cards much easier to control. ANSTO utilises the Gallagher
Challenge feature in high security areas such as the OPAL Research
Reactor. This feature enables the operator to check the identity of a cardholder
by comparing the cardholder’s image in the system against a live
image from a third party CCTV/DVR system and provide or deny access.
Guard staff are also able to grant visitors access to the site via a
remote link to the Gallagher system. For example, if a bus full of people
comes to visit the site they can badge their access cards to a hand-held
reader while onboard the bus, for quick and effi cient access control.
As part of its plan to maintain site security, ANSTO has committed
to annual Gallagher software maintenance that enables them to elect
new optional features as they are developed as well as benefi t from the
general improvements made to system performance.
For more information contact Gallagher, +27 (0)11 974 4740,
lyn.dupreez@gallagher.co , www.gallagher.co

Integrated security
defends the prosecution
UTC Fire & Security off ers Botswana’s Department of
Public Prosecution a fully integrated solution.
Formerly the British protectorate
of Bechuanaland,
Botswana, adopted its
new name after becoming
independent within
the Commonwealth on
30 September 1966. It
has held free and fair
democratic elections since
independence.
Botswana is up to 70%
covered by the Kalahari
Desert. It is bordered by
South Africa, Namibia and
Zimbabwe. Its border with
Zambia to the north is
poorly defi ned but at most
is a few hundred metres long. A mid-sized, landlocked
country of just over two million people,
Botswana is one of the most sparsely populated
countries in the world. The country also has a
strong tradition as a representative democracy.
In 2009, when a local contractor started
building the new Head Offi ce of the Botswana
Department of Public Prosecution, it needed
a security manufacturer that could provide
a modern solution capable of delivering fi re
detection, access control, intrusion detection
and video surveillance.
The future system had to be effi cient and integrate
all functions across the site. In addition to
the previous demands, Botswana’s Department
of Public Prosecution needed an easy to manage
solution for its own security personnel. UTC Fire
& Security’s experience and record of success,
combined with a strong standing relationship
between both parties, allowed it to win the bid
and commence work on the site.
The solution
UTC Fire & Security off ered
Botswana’s Department of
Public Prosecution a strong
proposal that met their high
demands. Covering intrusion
detection and access
control, the ATS Master solution
off ers not only a secure,
but also a cost eff ective
solution.
Throughout the site, over
30 detectors make sure no
unwanted action or movement
goes undetected.
To address access control,
over 30 readers have been
placed at key access points throughout the site,
controlled by standard badge readers.
UTC Fire & Security’s DVRs cover the video
surveillance needs. Four DVR units connect
close to 50 analogue cameras. Finally, the FP
fi re detection system is in place, connecting
over 200 smoke detectors, enabling security
staff to detect fi res at an early stage and take
necessary action.
All systems are linked to the central control
room where the Alliance security management
platform enables full integration between the
diff erent systems, allowing security administrators
to operate, monitor and maintain the
complete security suite in an easy and effi cient
way.
For more information contact UTC Fire
& Security, +27 (0)11 579 7300,
Gretchen.Geldenhuys@fs.utc.com,
www.utcfi reandsecurity.com
www.securitysa.com Access & Identity Management Handbook 2013 95

CASE STUDY: COMMERCIAL
Access to mixed-use development
By Allyson Koekhoven.
40 on Oak is an upmarket apartment block within the Melrose Arch
mixed use development in Johannesburg. The fi ve-storey building has
54 units ranging from one to four bedrooms, and fi ve penthouses on the
top fl oor.
The developers decided that any access control systems installed in
40 on Oak would need to be able to integrate with the systems already
running at Melrose Arch. In addition, the systems needed to conform
to the planned future expansion and upgrading of the precinct-wide
access control and building management system (BMS) requirements.
The UTM Group was approached in November 2011 to assess,
determine and design an access control system that would achieve all
the client stipulations in terms of both future proofi ng and backwards
compatibility. At the same time, due to the nature of the fi nal development,
aesthetics played a large role.
Kelly McLintock, Group Managing Director of the UTM Group, said of
the existing access control system at Melrose Arch: “A total of over 450
doors are controlled across all areas of the Melrose Arch precinct. Our
challenge was to provide a solution that would integrate with all existing
bespoke systems, and which will also be compatible with any future
expansion of the precinct. We also looked to streamline the administration
process and off er improved monitoring and control.”
Cost and quality were weighed up against the pressing security
requirements at 40 on Oak. “As the security integrator and solution
provider for the project, our fi rst plan of action entailed consolidating
and mapping the existing system to determine areas requiring attention.
It was important to then design and implement a system for both
40 on Oak and the rest of the Melrose Arch precinct that will provide the
end user with a state-of-the-art and user-friendly solution,” McLintock
explained.
“The solution comprised three main components: an access control
system, Stentofon IP intecom system and Bosch BVMS CCTV system. The
selection allows us to integrate with the site-wide system, with a view
to future proofi ng. The systems will control access to the general areas
of the building via all external entrances, as well as individualised access
for the lifts.”
The biggest challenge faced by UTM was the software and fi rmware
incompatibility between the systems that are currently in place, and the
new system proposed for 40 on Oak. “In order to provide a truly integrated
solution, it was necessary to institute upgrades across the board
which would not only benefi t the 40 on Oak residents, but also all the
users across the precinct. The entire project is being tackled in a phased
approach over the next three years and UTM is currently on deadline
for completion of the 40 on Oak section of the project in early 2013,”
McLintock added.
The access control system at 40 on Oak comprises the control of 74
access controlled doors and over 100 monitored doors, using a combination
of readers. Each user is enrolled for a specifi c zone, for example
‘4th fl oor’, with the ability to customise each user for multi-zone access
levels. This not only applies to 40 on Oak but, once again, to the entire
precinct. Readers at the lifts ensure that when a user tags in the lift, they
will only be able to access their designated fl oor.
The building, which has received accolades for its green compliance,
will possibly in the long term utilise the access control system to control
power usage. “When a tenant leaves their unit, the system could switch
all non-essential powered items off to eliminate unnecessary power
96 Access & Identity Management Handbook 2013 www.securitysa.com
consumption. When the tenant swipes his card to enter his unit, full
power would be restored to his unit,” explained McLintock.
Visitors to the building will be required to interact with tenants via
the Stentofon IP system. This system interfaces with a building-wide
PABX system. Each unit is equipped with a SIP phone that doubles as a
VoIP telephone and an intercom handset.
“UTM’s input from the design stage ensured that all conduit and
electrical requirements were in place prior to fi rst fi x commencement.
This meant that there were no surprises or unforeseen problems as the
installation progressed,” said McLintock.
The feedback received from the client has been extremely encouraging.
“We have been told that the installation and service exceeds their
initial expectations and based on the success of the project to date, the
customer has extended the scope of the project and contract period,”
McLintock concluded.
Once the project is completed, UTM will provide all onsite support,
maintenance and servicing requirements.
For more information contact UTM Group, 0860 22 22 66,
kelly@utmgroup.co.za, www.utmgroup.co.za

A taste of
integrated
access control
A BSIA case study.
Integrated access control, time and
attendance and HR system for food
packaging company.
A BSIA member was used to install a fully integrated access control, time
and attendance and HR system for Ultimate Packaging. The system took
advantage of non-contact smart cards to allow easy access for authorised
personnel. The system was also interfaced with the company’s existing
intruder alarm and CCTV systems.
Ultimate Packaging is one of the most powerful independent forces in
the food packaging industry today. It has made great strides in a relatively
short time and since the millennium has produced year-on-year growth.
The company now employs some 200 people at their factory in Grimsby. In
2005, director, John Shaw, and IT manager, Jeremy Hodson, were in search
of a fi rst class combined access control, time and attendance, fi re roll call
and personnel system
“The system we fi nally chose was a fully integrated access control
system,” said Hodson. “The main advantage of this system was that it used
non-contact smart cards which are very easy to use. The software also had
excellent reporting facilities. Compared to other systems I have used in the
past, the integrated system we chose was easy to manage and was infi -
nitely expandable. In essence, it is a scalable product that can grow as the
business grows.”
No problems were encountered during the installation of the hardware.
There were some initial software teething problems, but these were minor
and soon fi xed with a software upgrade. Interfaces between the integrated
access control system and Ultimate’s existing intruder alarm and CCTV
system were also installed. Staff were also trained in the use of the new
system. Some of this was at the Ultimate site and some at the vendor’s
training centre.
Hodson said that Ultimate probably doesn’t use its access control system
to its full potential, but that he intended to roll out more of the system in
the coming months, especially in the area of access control and personnel.
Asked what he liked most about the system, he said: “reliability and ease of
use, I am not sure how we managed before we had the new system”. He also
explained that they use smart key fobs as opposed to the usual smart cards.
“We fi nd them extremely reliable and unobtrusive”, he remarked.
Hodson said that they have used the vendor’s helpdesk facility and were
pleased with the level of support. He was glad to report that Ultimate has
not had to use the fi re roll call system “for real”, but that they do test it every
week and audit the printout. Ultimate is looking to deploy another smart
card attendance clock and extra access control doors to a new unit adjacent
to the main site and that the network had also been extended via a fi bre
optic cable.
When asked if he would recommend BSIA registered companies to other
businesses, he replied: “The company we chose has given us a good product
and excellent service. The advantage of using a BSIA member company
is that you know you are buying from an ISO 9000 accredited organisation
with the backing of the security industry’s trade association.”
www.securitysa.com Access & Identity Management Handbook 2013 97

CASE STUDY: MANUFACTURING
Carrol Boyes reduces downtime
with Trac-Tech system
The brand name Carrol Boyes is synonymous with quality and attention
to detail. Managing absenteeism and accurately calculating hours
worked had become a pressing issue at the company’s Cape Town and
Paarden Eiland facilities. Trac-Tech stepped in to tackle the problem.
Carrol Boyes was established 20 years ago by its namesake and
has grown into a household name as a manufacturer of upmarket
homeware and tabletop items. The company is headquartered in Cape
Town with manufacturing facilities in Paarden Eiland and Tzaneen,
retail shops in Johannesburg, Cape Town and New York, and outlets
throughout the world.
“The company has grown substantially since its formation, so keeping
track of all employees has become a logistical nightmare. We have
always had a very fl exible approach to starting and fi nishing times,
but lately we had found certain employees taking advantage of the
system,” said the company’s human resources manager, Merle Kemp.
Kemp explained that the company’s existing time and attendance
(T&A) system was old and unreliable. “We recently implemented a
40-hour working week, in accordance with legislation, so we required
a T&A system that would allow us to accurately track the exact hours
worked by each employee. At the same time, the system needed to
be able to track the hours worked by certain employees when they
moved between our branches.
“We reviewed the requirements of the Carrol Boyes facilities and
decided to install a ViRDI biometric fi ngerprint reader at both the Cape
Town head offi ce and the Paarden Eiland factory. These are complemented
by Unis and Time Register T & A software,” said Trac-Tech sales
manager, Marj Valasek.
The ViRDI biometric fi ngerprint reader lends itself to reading
Carrol Boyes’ human resources manager, Merle Kemp, with the ViRDI biometric fi ngerprint reader
98 Access & Identity Management Handbook 2013 www.securitysa.com
damaged and almost invisible fi ngerprints. Virdi uses calibration of
minutia points and others to enrol the fi ngerprint, thus eliminating the
problems normally associated with damaged fi ngerprints.
“We required the system to incorporate specifi c rules and it needed
to allow for fl exible start and fi nish working times and shifts,” said
Kemp. The Unis software allows real-time viewing of all clocking data
and enables the management to ascertain exactly who is on the two
premises at any time.
“I was provided with training on the Unis system and Time Register
software at Trac-Tech’s offi ces. The facilitator ensured that I would
be able to quickly and easily enrol each user on the system and that
maximised reporting results were available to me instantaneously. The
service levels from Trac-Tech, from the initial planning stages through
to the system implementation, have been of an exceptionally high
standard,” said Kemp.
The system currently monitors the time and attendance of
43employees in Cape Town and 77 employees at the Paarden Eiland
manufacturing facility. “Plans are underway to link the system to our
VIP Payroll system and we are currently investigating the possibility of
extending the T&A system, together with biometric fi ngerprint readers,
at all the retail stores,” said Kemp.
“This user-friendly, reliable and very accurate system has reduced
the absenteeism rate and made life much easier for the HR department,
by the direct reduction of the time needed to perform the
calculation of employee working hours,” Kemp concluded.
For more information contact Trac-Tech, 0861 100 199,
info@trac-tech.co.za, www.trac-tech.co.za

Compliance via biometrics
Environ, local manufacturers of a range of active-ingredient beauty
products, is in the process of building new Cape Town facilities with
high-end biometric access control and time and attendance.
The Medicines Control Council (MCC) has very strict regulations
around access into the facilities of companies manufacturing health and
beauty products that contain controlled substances. Non-compliance
can result in fi nes and even temporary or permanent closure.
“Our current facilities use access control for the morning and evening
fl ow of employees. However, there is little indication of the actual
movements of the employees once they enter the premises. When we
embarked on the plan to build our new 10 000-square-metre production
facilities, we decided to upgrade our access control and time and attendance
systems to provide more functionality, control and feedback,” says
Danie de Jager, Environ’s IT manager.
Environ has consistently produced a number of market-leading
vitamin-based skincare products over the past 21 years. Quality and productivity
play a predominant role in the company’s business ethos. “We
cannot aff ord to compromise any section of our production facilities, so
the implementation of a superior access control system is paramount,”
says De Jager.
Environ was fi rst exposed to Trac-Tech’s products at a trade show
in Johannesburg in 2011. “We were very impressed by the company’s
approach and the high service levels they exhibited. The product off ering
consistently receives good reviews and we were impressed with the
fact that the systems cannot be circumvented. We put the contract out
to tender and we were further impressed at the company’s cost-eff ective
proposal,” says De Jager.
“Trac-Tech upgraded the time and attendance (T&A) system at the
existing Environ factory. In essence, the upgraded T&A system allows
the Environ team to familiarise themselves with the system that will
be installed at their new building. To date we have received favourable
Environ’s new facilities.
feedback from the human resources department, which cited great
improvements in the accuracy of employee time keeping,” says Trac-Tech
sales manager, Marj Valasek.
Valasek explained that the new system comprises Trac-Tech’s proprietary
Time Register software as well as a number of biometric fi ngerprint
readers and ancillary equipment. “We are supplying seven ViRDI AC2100
biometric fi ngerprint readers with ViRDI SR100 slave readers; six ViRDI
AC2500 biometric fi ngerprint readers; 22 ViRDI AC2100 biometric fi ngerprint
readers; 43 booth controllers; as well as one waist-height single
iMAT turnstile and one waist-height double iMAT turnstile for the factory
and security checkpoint respectively, both with emergency pedestrian
gates.”
The biometric fi ngerprint readers will be installed at the entrances to
the primary manufacturing area, the entrances to the secondary manufacturing
area, the fi nal goods store, the dispatch area and the entrance
to the building. Time and attendance capabilities are provided at the
entrance point at the administration building and the manufacturing
facility.
“We have deliberately designed the canteen so it is located outside
the manufacturing and administration buildings. In this way, we are able
to monitor the time that employees spend productively within the main
facilities,” says De Jager.
Because the MCC rules and regulations change, Environ required a
system that had built-in fl exibility in the critical paths. “Trac-Tech has
been incredibly patient and accommodating with the frequent changes
we have had to make to the specifi cations on the contract, in order to
comply with both the MCC’s stipulations as well as with changes in the
building programme and design,” De Jager concluded.
For more information contact Trac-Tech, 0861 100 199,
info@trac-tech.co.za, www.trac-tech.co.za
www.securitysa.com Access & Identity Management Handbook 2013 99

CASE STUDY: MANUFACTURING
Xpanding access control
Impro solves T&A and access control issues for security barrier manufacturer.
Xpanda is a manufacturer of trellis
doors, burglar guards, roller shutter
doors and other barrier security
products. The existing access/time
and attendance system (T&A) comprised
old mechanical locks, which
were used to calculate the times at
which employees arrived at work.
In addition to reviewing the
T&A aspect of the facilities, Xpanda
had various access points that also
required biometric access control
to facilitate better management of
their employees.
The product proposed by Impro
Technologies was the IXP400 access
control system. This was deemed
best fi t because of its powerful software,
strict access control parameters
and zone routing.
From a T&A perspective, Xpanda
required a system that would seamlessly
and effi ciently replace the old
existing mechanical clocking system
and that could be used in conjunction
with Payroll software.
Xpanda also required the system
to be set up to compel the employees to follow a pre-defi ned path
in order for them to enter and exit the site. Biometric readers were
installed at several access points for strict access control as well as at
the clocking stations where they were used together with the Time
Manager software.
On entering the site, employees have to report to the ablution
blocks before being permitted entry to their workstations. Similarly,
when they fi nish working for the day, they have to clock out of their
100 Access & Identity Management Handbook 2013 www.securitysa.com
workstations before proceeding to
the ablution area. Thereafter, they
are able to leave the premises. This
practice of zone routing ensures that
the employees follow a logical route,
thereby preventing them from accessing
unauthorised sections of the site.
The requirements were for 10
access points, comprising seven
clocking points for T&A purposes;
and one each for men, women and
a main turnstile. Approximately 400
tagholders are registered on the
system.
The system includes third-party
software and devices; Morpho MA100
biometrics reader for the secure
clocking at the T&A points and access
control points, and Time Manager
software, which was integrated back
into the IXP400 to provide more
accurate times for payroll purposes.
In addition to streamlining access
control and increasing the reliability
of T&A data, the new system has
eliminated the infamous method of
buddy clocking.
Client details
Client details
Company Xpanda
Contact person Gregg Lennon
Telephone No. +27 (031) 791 0061
Email xpanda2@argent.co.za
Website www.xpanda.co.za
Sector Manufacturer

Pepkor opts for turnstile access
Pepkor is undertaking a major expansion of its warehouse facility in Isando.
The Pepkor Group, established in 1965, manages a portfolio of retail
chains focused on the selling of clothing, footwear and textiles. Its main
operating subsidiaries are Pep, Ackermans and Dunns, among others.
The group trades from more than 2 800 stores and employs over 28 000
people.
Pepkor is currently undertaking a major expansion of its warehouse
facility in Isando and has constructed a 66 475-square-metre premises.
The warehouse, which is customised to meet Peps operational requirements,
has been developed in line with international warehousing standards
and trends. The warehouse will provide a state-of-the-art backbone
for the entire Pepkor distribution network.
A number of diffi culties had to be overcome in order to ensure the successful
operation of the new warehouse.
• Safe storage of high value goods.
• Prevention of internal theft.
• Accurate employee time and attendance monitoring.
• Securing the canteen and ablution facilities and preventing time and
attendance fraud related to those areas.
The ultimate goal was to create a secure solution which took into
account the unique requirements of Pep’s situation. Theft and time and
attendance fraud had to be limited. However, the access control solution
should not hinder the day-to-day operations of the warehouse, nor the
fl ow of goods through the distribution centre.
The warehouse solution
The sheer size of the warehouse with its diff erent distribution channels
had to be analysed in terms of stock control as well as employee access. It
was also necessary to carefully plan the turnstile installation according to
the building programme of the contractor.
Turnstar was the choice when it came to the turnstile installation.
Turnstar has a proven track record when it comes to large scale projects
and its products are particularly suited for warehouse applications. A
number of turnstiles were manufactured and installed at various pedestrian
entrances around the warehouse.
Six Triumph 3 full height turnstiles were installed at the employee
entrance from the street. The installation represents the fi rst line of security
for the warehouse. As these turnstiles were installed outdoors, Turnstar
recommended supplying them with a hot dip galvanised fi nish. A hot dip
galvanised fi nish provides a high level corrosion resistance and is suitable
for external environmental conditions.
Another six Triumph 3 full height turnstiles were installed at the entrance
to the warehouse canteen and the ablution areas. These turnstiles were supplied
with an aesthetically pleasing charcoal blue powder coated fi nish.
The Triumph 3 full height turnstile is fi tted with both the Turnstar
Rotalok rotation locking mechanism and Rotarun perpetual base bearing
which are guaranteed for a period of fi ve years and are designed to provide
maintenance free operation. All wearing parts are case hardened and self
lubricating industrial plastics are incorporated into the turnstile mechanism
for longevity.
The manufacture of the turnstiles was complete within three weeks of
receipt of the order and installation was carried out over a period of two
weeks.
Client details
Company Turnstar Systems
Contact person Craig Sacks
Telephone No. +27 (0)11 786 1633
Fax No. +27 (0)11 440 5839
E-mail info@turnstar.co.za
Sector Warehousing
www.securitysa.com Access & Identity Management Handbook 2013 101

CASE STUDY: MANUFACTURING
Integrated access roars
with fl avour
Pepsico Simba derives multiple business benefi ts from access control and
attendance management solution.
Pepsico Simba, the iconic South African snack brand that has
captured around 70% of this enthusiastic consumer market, began
looking for a new solution to its production management systems
in 2010.
Reshigan Govender, business solutions manager at Pepsico
Simba, comments: “The time was right to take advantage of the new
technology and sophisticated software systems
that had become available in the access control
(AC) and time & attendance (T&A) systems. We
also wanted to standardise the associated
business processes across all our production
units in Isando (Gauteng), Durban and
Cape Town.”
The initial plan was simply to replace
an outdated card-based manual system,
but the company rapidly decided to
maximise the business development
opportunities off ered by Bytes Systems
Integration’s solution. Andre du Plessis,
Business Consultant at Bytes, explains:
“The advent of accurate and reliable
biometric fi ngerprint scanners
combined with the ability to extract
further value from the data through
customised analysis and reporting
has changed the nature of AC and
T&A systems.
“These advances resolved serious
problems inherent in older systems
such as the detection and prevention of
ghost workers, buddy clocking and other scams which infl ate
production costs”.
Pepsico Simba looked at a variety of solutions on off er but
the Bytes proposal, utilising a combination of Safl ec SACS Access
Control and Kronos Time & Attendance systems powered by input
from Morpho fi ngerprint readers was the obvious choice. Safl ec’s
integration into SAP business analysis software was another major
contributing factor in this decision. Pepsico’s positive global experience
with Kronos T&A systems was equally infl uential.
A fl exible workforce
The seasonal aspects of Pepsico Simba business presented some
interesting challenges in the fi rst-phase of the implementation to
replace the AC and T&A functionality. “Demand fl uctuates in the
Pepsico Simba business cycle, with huge peaks around December
and April, the major holiday seasons, and other smaller but signifi -
cant peaks at various times throughout the year. Major sports events
and long-weekends are typical examples,” explains Govender. He
102 Access & Identity Management Handbook 2013 www.securitysa.com
adds: “Our T&A usage is confi ned to about 2 600 permanent staff
members and our AC systems handles around 5 000 staff members
under average operating conditions. However, at times of peak
demand, AC numbers can rise by as much as 30% across our three
production units.”
Pepsico Simba has onsite labour brokers who work to meet
the company’s fl uctuating labour requirements from a pool of
pre-authenticated outsourced labour. Du Plessis explains: “Prescreening
is obviously an important part of the planning
process but rapid enrolment, together with ease and
speed of updating AC permissions, is absolutely crucial
in such a volatile situation.” The fi ngerprint enrolment
process has been streamlined to the point
where 2 to 3 minutes are suffi cient to enrol
each additional worker on the AC and T&A
system.
Decisions also have to be taken
regarding the production volume
points at which it becomes more
economical to outsource additional
labour versus authorising overtime
for permanent staff members.
“This aspect of the system is
important to Pepsico Simba because of
the cost implications. The pay rules we
designed provide the required reporting
functions to monitor and accurately forecast
the production points where the balance
tips in favour of each option,” explains du Plessis.
“Pay rule development has actually been the major feature of
the customisation process. There are many factors to consider in pay
rules. A key feature of the success of the Pepsico Simba system is the
fl exibility of the Kronos data collection and Safl ec integration into
SAP reporting functions.”
Some of this complexity results from the company’s rapid
organic growth where each division of the company had to make
their own decisions given the existing conditions in the local labour
market.
Govender comments: “Standardisation has generated signifi cant
cost savings for Pepsico Simba and we anticipate further improvements
as this process spreads throughout the company over time.
We were very impressed by the way Bytes were able to customise
the system to handle the realities of our existing situation. Further
cost savings will be generated as standardisation occurs across all
our divisions.”
But some of the other factors that will always have to be taken
into account include basic pay, overtime and shift rates for a
variety of diff erent functions (for example distribution, warehouse,

production), number of hours worked, leave allocation, time allowed
for lunch breaks, and a variety of travel and shift allowances.
Going for gold on implementation
Implementation took place in two phases distinct phases. The initial
phase, started in December 2010, was aimed at installing and testing
the required equipment over all three sites and getting the basic
system functionality up and running.
Essentially, the data is captured by a range of Morpho biometric
fi ngerprint readers (T&A using MA 500 readers, AC using J Series
readers for interior and 520 readers for external locations). The data is
fed into Safl ec’s SACS, which sends it to a centralised database server
in Johannesburg for further processing in Kronos (T&A) and SAP
(fi nancial, HR and payroll).
But much of the success of implementation relied on careful
and accurate planning and data design. Du Plessis says: “We feel it
is crucial, especially in situations such as this where there is no prior
relationship and a complex set of requirements to be met, to work
together with all the stakeholders to produce a formal system design
and specifi cation.”
Operations, IT, HR and fi nance personnel from Pepsico Simba
worked closely with the Bytes team to establish a precise set of
parameters for system functionality and to determine the company’s
organisational structures for management processes and reporting
functions. Regular meetings were scheduled to record issues and
provide project updates. “These meetings are vital for a successful
project. Everybody benefi ts from being kept up-to-speed on the
developments and changes that are inevitable given the complex
user requirements of Pepsico Simba. Everybody needs to stay
informed,” explains du Plessis.
One of the major issues that was revealed and addressed because
of this consultative process was an under-estimation of the scale
of the project: the initial estimate of 1600 users grew to an actual
2600 users, which translates, in systems terms, into additional access
points. But more importantly, these meetings led to the development
of Pepsico Simba business processes based on the improved
information coming out of the Kronos T&A application.
The second phase, lasting over 8 months, was devoted to refi ning
systems operation and expanding and developing the management
reporting functions. As already noted, pay rules formulation required
a great deal of eff ort to cover all the diff erences between paying
permanent employees (with all their many varieties of skills, allowances
and benefi ts) and reconciliation of labour brokers invoices
for outsourced labour from the company’s T&A reports. Automatic
balance-of-leave-owing fi gures assist managers with leave allocation.
The AC system was confi gured to prevent exit of personnel until
they had clocked out of the T&A system.
Health and safety requirements also had to be addressed for
emergency situations where a head count is required – knowing how
many people are in each section of the premises becomes vital. So
the system was adapted to prevent re-entry of personnel who have
exited without recording their fi ngerprint on the AC system.
Currently, enhancements are in progress to address visitor access
control utilising a bar-code scanning system to record driver’s
licences or ID documents.
“Evolution is a key concept in this type of system. As Pepsico
Simba business requirements change and develop, Bytes will
continue to respond with new ways to mine the data for new and
improved reporting functionality designed to extract further value
for Pepsico Simba. A good example of how this has already occurred
is in using historical data to build shift-pattern analysis and developing
statistics to provide more accurate forecasting of required work
force levels”, explains du Plessis.
Does 20/20 hindsight reveal any keys to success?
Du Plessis considers this to be a tricky question: “My answer
would have to be both ‘yes’ and ‘no’: on the one hand, preparation,
especially in terms of developing an accurate organisational
structure and defi ning business processes, is undoubtedly useful.
However, there have been many advantages gained from new ideas
that evolved from playing around with the system and thinking
‘what if . . .’
“You have to commit to the constant evolution model. Thinking
that the system will be fi nished when current requirements are
met will lead to missed opportunities as the business grows and
develops. New ideas and new technologies will arrive. The real key
to ongoing success to lies in working out how to maximise these
developments to benefi t the business.
“We have been extremely fortunate in working with Reshigan
Govender on this project. He knows what he wants but he has an
open mind and is always prepared to listen to what we have to say.
This enables us to formulate the options, assess the risks, and select
the best solution. When you have this type of excellent working
relationship between supplier and customer, it naturally creates a
win-win situation for all concerned.”
Govender concludes: “Bytes’ consistent focus on business benefi ts
has produced substantial cost reductions for Pepsico Simba. We were
impressed that we got a ROI on this system within one year and we
anticipate further improvements as we continue to develop and
refi ne the system.
“The high levels of customer service we experience from Andre
du Plessis and the entire Bytes team make it a pleasure to do business
with them and we look forward to continuing this benefi cial
relationship.”
Client details
Company Pepsico Simba
Contact person Reshigan Govender – Business Solutions Manager
E-mail reshigan.govender@pepsico.com
Sector Food Manufacturing
Scale of project All Production Units. T&A: 2,600, AC:±5 000
Key elements Safl ec controllers & SACS AC software.
Kronos T&A software integrated into SAP business
analysis software.
Morpho fi ngerprint readers: J Series (AC internal);
OMA 520 (AC exterior); MA 500 (T&A).
Benefi ts Accurate access control and time management,
delivering substantial cost savings across all
production units.
Detailed reporting on labour, procurement and
fi nancial analysis refl ecting current & forecast
business requirements.
Solution supplier Bytes Systems Integration, Andre du Plessis,
+27(0)73 569 7574
www.securitysa.com Access & Identity Management Handbook 2013 103

CASE STUDY: MANUFACTURING
Biometrics: returns beyond access
Omnia cultivates healthy business results from its large-scale access control and
attendance management solution.
Jarrison Systems worked with one of SA’s leading fertiliser manufacturers,
Omnia Fertiliser, to implement a fi ngerprint-based solution that has
been cutting costs and accelerating business processes from day one.
Leon Leimecke, senior systems analyst at Omnia’s plant in Sasolburg is
delighted with the commercial results that have been delivered by the
Jarrison solution. “We achieved everything we hoped to achieve and
much more. The fi ngerprint readers are amazing, we don’t have problems.”
Over the years, Omnia have implemented a number of on-going
upgrades to their access control systems. Prior to introducing the system
from Jarrison, the last of these upgrades was based on using handgeometry
scanners to identify employees.
Jason Matthews of Jarrison Systems says that although biometrics
can off er signifi cant advantages in comparison to card-based access
and time and attendance (T&A) systems, it is important to recognise
that not all biometric technology off ers the same level of performance.
“First of all, one needs to select the right biometric methodology. Based
on our practical experience of working with biometrics over the past
six or so years, fi ngerprint is clearly the right choice. All our operational
experience of on-site performance means that we only recommend the
Morpho range of fi ngerprint scanners.”
Employee identifi cation in a manufacturing facility
Leimecke says that the hand-geometry scanners consistently failed
to meet the challenges of working in an industrial environment.
“Maintenance on the scanners was high and the sensors had to be
cleaned almost weekly. The guide pins on the platens of the handgeometry
units were also very susceptible to electro-static discharge, or
ESD, which kept causing the units to fail.
“These problems resulted in high False Rejection Rates which meant
that access was repeatedly denied to properly authorised employees,
undermining the whole purpose of trying to achieve consistently accurate
identifi cation.”
Before hand-geometry readers were implemented, Omnia Sasolburg
used an HID card-based access control system. Leimecke says that the
104 Access & Identity Management Handbook 2013 www.securitysa.com
HID card-based system was also problematic because the dusty environment
meant that the exit drop-boxes kept jamming and also created the
administrative task of being emptied of their cards each day. “Aside from
the security concerns relating to controlling access, we knew that buddy
clocking was causing us big problems.
“What was needed was a proven, robust solution that could
address all the access control aggravations with a single identifi cation
technology.”
Accurate identifi cation in a large enterprise
Leimecke says that Omnia’s fi rst priority was to sort out all the access
control issues, followed by resolving the attendance management challenges.
“We fi rst needed to install a solution that would provide us with
a consistently reliable way to identify our employees and all the people
visiting our site. Having sorted that out, we then intended to use that as
the foundation for our time management and payroll systems.”
Matthews’ view concerning the choice of biometric technology is supported
by Leimecke who says that Omnia did consider alternatives to
fi ngerprint-based identifi cation – including solutions like iris recognition
– but their choice was heavily infl uenced by the fact that they needed a
robust identifi cation solution that would work fi rst time, every time for
all employees and visitors.
Matthews says, “From past experience, we were certain that Morpho
fi ngerprint readers would provide the necessary levels of performance
in the various working environments across Omnia’s site. This gave us
the starting point for identifi cation, providing a solid foundation for
building a multi-purpose solution.”
Having established a clear understanding of the outcomes required,
Jarrison ran an on-site proof-of-concept that lasted for a month.
Leimecke says, “While we accepted Jarrison’s recommendations, we
needed to see for ourselves that the key elements of the solution could
deliver on expectations. The success of the trial meant we were confi -
dent to rollout the full solution.
“What was even better is that within a month of beginning work on

site, Jarrison’s solution was operational. We needed to resolve some of
our network issues to cope with the distances between some readers
because of the size of our plant. Other than that, I’m delighted with the
solutions’ performance and the results it’s delivering.”
Multiple business rewards from a single identity
solution
In addition to providing accurate identifi cation of Omnia employees for
access control, the Jarrison system can also process and export data for
payroll management which means that problems and costs relating to
buddy-clocking are now a thing of the past.
The solution is also leveraging accurate identifi cation within Omnia’s
systems that manage their personal protective equipment store, tracking
what items were issued and to whom they were issued. Finally, the
Morpho-based solution is also providing identity control within Omnia’s
on-site induction process, ensuring that all the necessary compliances
are met for visitors entering certain areas of the Sasolburg plant.
Back to school
School chooses Impronet and Morpho biometrics to control access to facilities.
Somerset College is a school with a boys and girls boarding houses. All
students and staff are loaded on to the Windows Active Directory and
it was important for the effi cient functioning of the school to have a
single, accurate database to control users. It was important to the school
that if a user’s Active Directory login details were no longer valid, then
access to the computer laboratory, as well as the residences, should be
simultaneously disabled.
For these reasons, the client chose the Impronet with Windows
Active Directory integration to control the database of active users.
Further, physical access control was provided by Morpho biometric
readers, which replaced the previously used proximity tags.
The benefi t of using this system is that all of the hard work has
already been done in Windows Active Directory. A grouping for the
students and for the residences was already set up so there was no
duplication in implementation. Additional consideration was needed for
cleaners and contractors in terms of access control. User groups had to
be added for those people who were not already loaded onto the Active
Directory.
A specifi cation was drawn up and, on approval, the application was
designed and implemented. The client set milestones, which were readily
achieved by service providers Integratek and Powell Tronics, resulting
in the speedy implementation of the solution.
The aim of the solution, besides controlling access, was to
Client details
Company Omnia Fertiliser, Sasolburg
Contact person Leon Leimecke – Senior Systems Analyst
E-mail lleimecke@omnia.co.za
Sector Manufacturing: Chemical and Fertiliser
Scale of project Enterprise. 5 000 users
Key elements Jarrison Time software platform integrated
with a range of Morpho fi ngerprint scanners
for: employee access control and T&A; visitor &
contractor access control; identity control within
the Personal Protective Equipment (PPE) store;
and to manage on-site induction training.
Benefi ts Highly accurate access and time management,
delivering cost savings across all aspects of AC
and T&A
Solution supplier Jarrison Systems, Jason Matthews, 083 556 9259
Client details
Company Somerset College
Contact person Mynhardt Loubser, IT Manager
Telephone No. +27 (0)21 842 8000
Fax No. +27 (0)21 842 3908
Email m.loubser@somcol.co.za
Sector Education
Scale of project 900 students, 184 staff
Key elements IXP 400 hardware
Impronet software suite
Morpho J-series biometric readers
Windows Active Directory integration
eliminate issuing keys to staff , as replacements were quite costly. Using
biometrics was therefore an obvious option.
The client admits that timing of the implementation was of the utmost
importance as one had to consider that, although all student and staff information
was integrated into the Impronet database, enrolment of fi ngerprint
templates still had to be undertaken. This proved to be time consuming.
Biometric access control using the Morpho readers at the computer
laboratory provided the client with a good overview of the seamless
nature of the integration implementation. The installation has exceeded
the client’s expectations of the proposed solution.
www.securitysa.com Access & Identity Management Handbook 2013 105

CASE STUDY: CONSTRUCTION
Controlled access for 15 000
people each day
Over 15 000 workers arrive at the main gate every day.
Construction of the Kusile coal-fired power station in
Mpumalanga is well under way and work is being carried out
at a furious pace. The first power generating unit is expected
to go online in 2014 and this additional capacity is desperately
needed to relieve the Eskom grid, which is currently under tremendous
strain. All six power generating units are planned to
be operational by the end of 2018 with a total capacity of 4 800
megawatts.
The Kusile site is approximately 5 200 hectares and clearing of
the site began in April 2008. The power station is expected to use
up to 17 million tons of coal per annum for a period of 47 years.
This makes Kusile one of the biggest coal fired power stations in
the world.
A number of issues had to be catered for in the construction of
the plant:
• A consortium of large construction companies is working on
the Kusile project: Stefanutti Stocks, Basil Read, Group Five and
WBHO were jointly awarded the civil works contract. Securing a
site of this magnitude has been a major challenge.
• Over 15 000 workers arrive at the main gate every day. Any turnstile
solution must not become a bottleneck where unproductive
time is wasted while waiting to enter the construction site.
• Administratively, there is the challenge of accurately managing
employee clocking and avoiding time and attendance fraud.
• Occupational health and safety is a serious legal requirement
and no worker can be allowed onto the site if intoxicated and
without the correct PPE.
• Opportunities for industrial espionage must be limited. The
power generation industry is dominated by American, French
and Japanese firms. Each firm has its own industrial secrets and
technologies which give it a competitive advantage. No cameras
can be allowed into the construction site.
• A construction site, by its very nature, is a fluid and temporary
arrangement. An area which is a convenient entrance one day
can become an obstacle on another day. A temporary access
controlled solution would be required which can be easily
moved and positioned.
The preparation
Turnstar worked closely with the Eskom management at Kusile to fi nd
the right temporary access controlled solution. Turnstar suggested
that a bank of turnstiles be installed in converted shipping containers.
Recently, Turnstar supplied 48 Titan half height turnstiles which were
installed in containers to the construction site of the London Olympic
Stadium. The containers would be fi tted with their own DB board and
all access control paraphernalia required for time & attendance.
The solution
Eskom placed an order with Turnstar for 56 Triumph 4 full height
single turnstiles and 7 forty-foot shipping containers. The Triumph
was chosen due to its durability in harsh and dusty environments.
It is also supplied with a 5-year guarantee. Each container would be
106 Access & Identity Management Handbook 2013 www.securitysa.com
fi tted with 8 turnstiles. 15 000 employees will be using these turnstiles,
which means ±270 employees per turnstile. On average, it would take 30
minutes for all employees to enter the construction site, which is within
Eksom’s requirements. Before entry through the turnstile, all employees
are checked for intoxication by means of an alcohol sniff er and are
checked for cameras.
The shipping containers were waterproofed, painted and converted
by removing the side panels. The removal of the side panels creates
a large entrance through which the employees can pass through the
8 turnstiles. Lighting and an Eskom approved DB board were fi tted.
The turnstiles were bolted to the wooden fl oor. Once completed, the
containers were taken from the depot through to Kusile by means of a
crane truck. The crane then placed the container at the area to be access
controlled.
The project took a total of eight weeks from date of order to fi nal
delivery to complete.
Company Turnstar Systems
Contact person Craig Sacks
Business sector Construction
Tel +27 (0)11 786 1633
Fax +27 (0)11 440 5839
Email info@turnstar.co.za

New York City Transit
New York City Transit is the largest agency of the Metropolitan
Transportation Authority (MTA) in New York, the largest transportation
network in North America serving 14.6 million people. New
York City Transit has the world’s largest fleet of subway cars and the
largest public bus agency.
As New York City Transit moves from manual train control to a
more computerised environment, providing secure access to applications
and buildings is critical. The agency has 49 000 employees
across 500 locations, and also manages benefits for 36 000 retirees
and spouses.
For the IT staff, provisioning new users was a lengthy manual
process, often requiring a few weeks to give users access to the
right applications. Revoking network and building access for terminated
employees was also time-consuming, and posed security
risks. Automating identity management would allow the IT staff to
decrease administration time, while greatly improving security.
The agency also needed a security and identity management
solution that would work across a mixed operating environment
consisting of Microsoft Windows, NetWare, Unix and a variety of
mainframe and mid-range servers.
Selecting NetIQ
After evaluating identity management solutions including Oracle, IBM,
and Microsoft, New York City Transit selected a NetIQ solution consisting
of Identity Manager and NetIQ Access Manager. With API support
for disparate systems, the organisation can connect to Microsoft Active
Directory and RACF across a variety of operating platforms.
New York City Transit implemented Identity Manager to automatically
synchronise user identities across multiple systems, including its
time keeping and building access systems. Access Manager allows the
IT staff to give employees and contractors role-based access to applications,
based on authoritative user data in the agency’s employee
information system.
An identity management solution has also helped New York City
Transit with its governance, risk and compliance (GRC) strategy. The IT
staff can manage risk by ensuring that the right people have access to
the right information.
CASE STUDY: IDENTITY MANAGEMENT
New York City Transit automated identity management for 85 000 users.
With Identity Manager, the agency has eliminated the manual
processes associated with user provisioning and can set up new user
accounts in a few hours, rather than a few weeks. The IT staff can also
revoke access as soon as employees leave the organisation to safeguard
the security of its network, as well as access to its 1 500 critical infrastructure
control rooms.
With a NetIQ solution, the staff can ensure that users have access
only to authorised applications and building, which is critical when
managing a large transportation system. Automating identity management
has also freed up the IT staff to work on more challenging projects,
rather than routine administration.
Cost savings
With centralised identity management, the IT staff can give users a
single ID and password to access applications. This has dramatically
reduced the number of passwords users had to remember, as well as the
number of password-related helpdesk calls. Password self-service also
allows users to manage their own passwords.
For its 36 000 retirees and spouses, New York City Transit provides
VPN access to its network and uses SecureLogin to provide secure,
single sign-on access. Once users have network access, Access Manager
provides authorised access to a Web portal where they can access and
change their benefi t information.
New York City Transit runs its NetIQ identity management solution
on SUSE Linux Enterprise Server for greater stability and has had zero
downtime to date.
With a NetIQ identity management solution, New York City Transit
centralised and automated identity management for 85 000 employees,
contractors and retirees. The IT staff has reduced time spent on user
provisioning by 60% and can provision new users 90% faster. Users now
have secure, single sign-on access to applications which has improved
security, as well as employee productivity.
Making its benefi ts program available online to 85 000 users has dramatically
reduced the mailing and administrative costs of managing the
agency’s benefi ts program. New York City Transit has automated identity
management and created new services for users, all without the need
for additional IT resources.
www.securitysa.com Access & Identity Management Handbook 2013 107

CASE STUDY: HEALTHCARE
Hospital access controlled
Centralised management and advanced access control.
The First Affiliated Hospital of Jinan University Medical College was
established to provide medical and healthcare services to Chinese
citizens. It is also responsible for nurturing medical professionals
and spearheading medical research in China. The hospital includes
43 departments and 850 beds, delivering quality medical, rehabilitation
and healthcare services through a team of 1 100 medical
professionals.
The hospital is undergoing an extension project that includes
the construction of a 72 000 metre in-patient building. The new
building will be equipped with advanced medical equipment
and a new security management
system to enhance the
clinical services and ensure
the security of its medical
facilities.
The large influx of
patients, visitors and staff
poses challenges to the
hospital‘s security management.
In the past, it has been
relatively easy for an intruder
to walk around a hospital
unchallenged, accessing
areas meant only for authorised
staff. In rare cases, this could lead to security breaches where
infants are removed from paediatric wards. Therefore, it is critical
to safeguard key zones that also include the dispensary, operation
rooms and intensive care units.
As a result, the First Affiliated Hospital of
Jinan University needed a multi-layered
access control system to dramatically
increase overall security. With the hospital’s
plans to renovate its
old buildings and
construct a new
in-patient building,
the new access
control system also
needed to be scalable
to address this
expansion.
HID solution
In order to achieve
central monitoring and
multi-layered security,
HID Global’s VertX V1000
network controller, VertX V100 reader interfaces and
iCLASS R10 readers were installed on the premises. By
connecting VertX V1000 controllers to the host computer via
a TCP/IP network, the centralised, Web-based IP access control
solution performs remote monitoring and area control for key
zones while restricting staff access based on their job functions.
iCLASS R10 readers were installed at each entry point and all
staff must now present their iCLASS cards to verify their identities.
108 Access & Identity Management Handbook 2013 www.securitysa.com
“After comparing several local and international
brands, we selected HID Global’s
solutions for its leading technology,
worldwide agency certifi cations, comprehensive
post-sales support and lifetime
warranty.”
Mr. Zhao, Project Engineer First Affi liated
Hospital of Jinan University.
Heightened physical security throughout the hospital was
achieved by enabling different levels of building access to certain
staff. For example, only doctors and nurses in charge of intensive
care units and operating rooms are granted access to these areas.
Similarly, only on-duty staff members are permitted to enter the
dispensary, preventing accidents and malicious intrusions.
For system management, HID iCLASS R10 readers were connected
to a VertX V100 reader interface and VertX V1000 controllers
to transfer the entry records to the central station. By incorporating
HID’s networked access solutions with system software, the
central station administrator
can perform all execution
commands, including tracking
and changing security
levels and access rights, as
well as data backup and
report generation. In the case
of communication failures,
each entry point is able to
execute all commands offline,
and once communications are
restored, all buffered transactions
are uploaded to the host
for real-time monitoring and
data transmission.
Lastly, the system can collect cardholders’ entry records and
information including the employee number, name, department
and title for time and attendance purposes.
“After comparing several local and international brands, we
selected HID Global’s solutions for its leading technology,
worldwide agency certifications,
comprehensive post-sales support
and lifetime warranty,”
says Mr. Zhao, Project
Engineer of the First
Affiliated Hospital
of Jinan University.
“Moreover, iCLASS
technology delivers
enhanced security
through data encryption
and mutual authentication
technologies, addressing our
needs for maximum security at
key zones.”
In addition, HID Global’s open
architecture networked access
control solutions meet the hospital’s
evolving requirements through simple
firmware upgrades. The solutions are also scalable,
enabling additional applications such as fire alarm, biometrics and
logical access for future system expansion.
For more information contact HID Global, +27 (0)82 449 9398,
rtruter@hidglobal.com, www.hidglobal.com

The Ministry of Finance, Nigeria, oversees various fi nancial and eco-
nomic aff airs of the federal government of Nigeria including managing,
controlling, and monitoring all federal revenues and expenditures. The
CEM AC2000 SE (Standard Edition) provides high-end security for the
site and was installed by CEM Approved Resellers Acti-Tech.
AC2000 SE off ers the Ministry of
Finance a fully integrated and comprehensive
access control, alarms processing,
and photo ID badging system. The
system comes with a suite of applications
including AC2000 VIPPS (Visual Imaging
Pass Production System) which the
Ministry of Finance found particularly
benefi cial. AC2000 VIPPS application
allows the Ministry of Finance to design
its own ID badges and issue over 1 500
permanent and temporary ID cards to
staff and visitors.
IP card readers
A range of CEM IP card readers were
installed throughout the building, including
the CEM S610f fi ngerprint card reader.
The S610f off ers increased security by providing
three levels of identity checks – ID
card authentication, PIN check, and fi ngerprint verifi cation. The reader
allows the Ministry of Finance the opportunity to add an additional layer
of biometric security where necessary.
Featuring a controller, card reader, and fi ngerprint solution in one
device, the S610f is a fully integrated biometric and access control
reader that is used as part of the AC2000 SE system. Fingerprint templates
are captured on the AC2000 enrolment station at the same time
CASE STUDY: FINANCE
Ministry of Finance, Nigeria
AC2000 SE off ers the Ministry of Finance an integrated access control, alarms
processing, and photo ID badging system.
as a cardholder’s personnel details and images are captured and are
then saved to the AC2000 server.
Cards can then be issued and biometric templates distributed via the
access control network, eliminating the need for an additional biometric
network and software enrolment process.The S610f off ers advanced features
such as an LCD to show user messages
such as ‘Access Granted’, ‘Card
Expiring’, and ‘Wrong TimeZone’. S610f
also features an internal database
enabling intelligent decision making at
doors at all times; even when communication
has been temporarily lost with
the host system.
“CEM Systems off ered great
support throughout the project
and provided an excellent
solution to secure the Ministry
of Finance. The fully integrated
solution will allow the premises
to run eff ectively and
effi ciently with the highest of
security measures”.
Peter Madu, managing
director, Acti-Tech
Power over Ethernet
“Utilising CEM’s advanced range of
hardware, the Ministry of Finance
also chose CEM’s high Power over
Ethernet solution, the fi rst of its kind
in the industry,” says Andrew Fulton,
business development director, CEM
Systems. The CEM DIU 230 (High Power
over Ethernet Door Interface Unit)
eliminates the need for both a main
connection and a local power supply
to the door. Utilising Ethernet infrastructure throughout the Ministry
of Finance, the DIU 230 supplies suffi cient power via the same Cat 5e/6
cable that powers CEM card readers, as well as reliably powers double
magnetic locks that secure the doors.
For more information contact Tyco Security Products,
+27 (0)82 566 5274, emallett@tycoint.com, www.tycoacvs.com.
www.securitysa.com Access & Identity Management Handbook 2013 109

PRODUCT UPDATE
Access control fi ngerprint
management with Unis
Trac-Tech’s Unis access control fi ngerprint management software allows users
to maximise the functionality of their access control hardware. The software
has a number of value added management features and provides real-time
storage of a user’s fi ngerprints in conjunction with a clocking device. An
optional time and attendance (T&A) module is available as a USB dongle.
“Preceded by Trac-Tech’s Access Manager, Unis was developed
after requests from our customers for further management, fl exibility
and functionality of the terminals on a high end basis,” Trac-Tech’s Ian
Kellerman explained.
The software has a number of special features such as meal ticket
management. “This is ideal for organisations that have canteens and
allows management to allocate vouchers based on predetermined time
periods. The vouchers will be invalidated should
the user attempt to use them outside the specifi ed
time zone. In addition, vouchers for specifi c meals,
such as breakfast, would not be available outside a
specifi ed ‘breakfast time’ range,” said Kellerman.
The system has SQL or Access database capabilities
and can export information to other T&A packages,
which in turn will export to all the proprietary
payroll systems. Clocking terminals can be added
internally and the system is based on either individual
workstations or is server-based across WAN or LAN.
“There is no limit to the number of users who
can be added to the system and there is no extra
charge for adding extra users, making it quite
unique in industry,” said Kellerman.
“Once the terminal has scanned your fi ngerprint it matches it to
records in the database. You can add further security elements to the
system by having a 1:1 which would mean a check against your fi ngerprint
plus a check against either a PIN code or a user card. This then in
essence becomes an individual security system which allows it to check
only that one particular person without having to access a large database,”
said Kellerman. The anti-passback feature means that if someone
has entered the building without clocking in, they will not be allowed to
clock out at a valid terminal.
Based on feedback from previous users of Access Manager, the
software is designed around ease of use and enhanced management
with extended reporting capabilities. “The basic reporting facility is per
user, per department, per terminal, per access group and per date range.
Records are stored on both the terminal and the software with information
of the user and their clocking history,” Kellerman explained.
110 Access & Identity Management Handbook 2013 www.securitysa.com
Access control
fi ngerprint management
software
allows users to
maximise the
functionality of
their access control
hardware.
Superior access management
Unis has evolved into a superior management tool with a number of
specialised features including a blacklist manager. “This feature is ideal
for use in scenarios where multiple contractors access site on a daily
basis. If someone is dismissed by a contractor they will be blacklisted on
the system so if they try to register with a new contractor (employer) the
system will automatically alert management as to their blacklisted status
and disallow their entry on to site,” said Kellerman.
Various access groups and areas can be confi gured in Unis:
• Access times for particular, predetermined zones (06:00 to 22:00 for
example).
• Access times for access zones for specifi c days (administration and reception
areas only on weekdays for administration and
management staff , for example).
• Access areas, for example, ‘front door for administration’;
or ‘factory entrance for administration and factory
workers’ with specifi c links to the time periods
each group can have access to these areas.
• Visitor management module for allocated access
periods and areas.
“Site map monitoring shows the global layout of the
site and terminal position in relation to entrance and exit
points and will indicate if a door is opened or a terminal
is disconnected,” said Kellerman.
“You can manage I/O information, for example when
an access door remains open for a predetermined time,
a pop-up will appear on the user’s PC screen to inform
them of their action. The software can broadcast messages when people clock
in, for example, ‘report to the manager’s offi ce’. An e-mail can also be sent to
alert management when specifi c people clock in,” explained Kellerman.
In order to minimise network traffi c and provide a real-time update
of transactions, the devices will push their transactions to the server as
they occur. While templates are being sent to the Virdi biometric readers,
users can continue to transact.
The software is also designed with safety and security in mind. “You
can enable panic control in the software such that if a panic button is
pressed at a terminal, it will send an e-mail alert plus audibly emit a
siren. This is ideal for fi re warnings and can also be linked to a fi re/smoke
monitoring system for automatic alerts,” said Kellerman.
For more information contact Trac-Tech, 0861 100 199,
info@trac-tech.co.za, www.trac-tech.co.za .

Real-time, Web-based time and
attendance solution
Web Register is a Web-based time and attendance (T&A) solution hosted on a
client’s server.
Instant connectivity, real-time data and minimal fuss are the demands of
modern-day businesses. Web Register is a Web-based time and attendance
(T&A) solution hosted on a client’s server, which communicates
with SQL databases and allows many users to connect to the system via
a Web browser, without the need for additional software.
Developed 10 years ago, the system is fi nding great acceptance in a
world driven by the move to more Web-based applications and it allows
companies to access a shared resource environment quickly and painlessly.
The system allows for multiple administrators and up to 100 users.
Specifi c industries that benefi t from this package are mining; travel and
tourism; hospitality; and R&D, where the system monitors total project
hours in terms of research hours per person.
Web Register has all the benefi ts and features that other T&A packages
off er but the diff erentiator is apparent in its design and usage.
One of these characteristics is that a user can email reports to relevant
parties straight from the Web page. “One can also export reports directly
to Excel and certain reports can be exported to PDF, all with the confi -
dence that the traditionally associated issues with loss of formatting on
importation have been removed,” said Trac-Tech’s Buddy Solomons.
There are no annual licences associated with Web Register and there
is no restriction on the number of employees who can be added to the
system. In addition, because of its user-friendly nature, Web Register
normally does not require on-site support after its fi rst year in operation.
Report fl exibility
Web Register uses Trac-Tech’s Unis as the underlying product to gather
authenticated details. The integration between the two products is
seamless and Web Register is able to automatically detect any T&A users.
Standard features include an HR reporter and full time and attendance
information. “A new feature is cross fi ltering which allows one
to fl exibly select the relevant department or occupational group and
produce targeted reports,” said Solomons.
“Administrators can create a number of users and permissions for
each user, for example, ‘Access timesheets’ or ‘Only allow access to specifi
c columns within the timesheet’,” Solomons added.
Web Register provides a multitude of reports for defi ned exceptions
and fi nal hours. Reports are interactive for the main users and when the
timesheet is updated it will automatically update the relevant report.
The system will indicate which person’s records have been accessed and
edited, which can be reviewed in any other related report.
The audit trail allows management to see if supervisors are editing
timesheets. “Each time they access and edit it is recorded against their
user profi le. Password protection of users, however, is specifi c to each
user and even administrators cannot view this password,” said Solomons.
Full integration
Web Register information can be exported to 95% of all payroll systems
in South Africa and is a senior partner of Softline VIP Payroll and many
other payroll systems such as Pastel and Payslip . “Trac-Tech has developed
the Automatic Leave Integration module specifi cally for use in the
Softline VIP Payroll system,” said Solomons.
A separate module – Employee Integration – will allow payroll
administrator to add or terminate an employee from the system from
VIP. This will automatically update the employee’s details on the template
management software (Unis) and then update Web Register.
Solomons said that Trac-Tech has had reports of some users accessing
specifi c elements such as clocking in and clocking out of employees
via their iPhones and Blackberries even though Trac-Tech has not currently
developed a smart phone application. “This underlines the inherent
sophistication of the programming of the system and aff ords us with
a further challenge going forward as we refi ne its use on smart phones.”
For more information contact Trac-Tech, 0861 100 199,
info@trac-tech.co.za, www.trac-tech.co.za.
www.securitysa.com Access & Identity Management Handbook 2013 111

PRODUCT UPDATE
A new approach to people management
Industrial, petrochemical, manufacturing and mining operations globally
are facing increasing pressure to strictly apply and comply with a myriad
of policies with regards to health and safety and monitoring of individuals,
as well as service providers’ compliance, time and exposure on-site.
Zero harm initiatives and standardisation of company policy across
all operations are key internal drivers while increasing statutory requirements
are placing a larger focus and onus on organisations to account
to external legislators and industry regulators.
This has resulted in an increased direct cost of compliance as additional
resources and systems are put in place. In many cases the impact
of indirect costs resulting from additional fees charged by contractors
and vendors to meet enhanced compliance requirements is signifi cant.
This tension between enforcement of best practice safety policies and
increased pressure to operate in a competitive and cost eff ective manner is
a perfect environment for companies to re-assess their approach to compliance
enforcement and reduce the risks associated with non-compliance.
Moving beyond security
compliance
With the focus on governance, risk,
and compliance (GRC), all aspects
of an organisation are directly or
indirectly impacted by any heightened
security policies and procedures.
These new business requirements
demand that non-security
functions (HR / IT / fi nance / facility
/ wellness and even production,
logistics, etc.) become directly
accountable for identity management
and policy enforcement on
site. Ownership of source data
Figure 1.
input, for example:
• Physical security systems that are
seamlessly provisioned from HR system data.
• Logical security to work areas that are driven by a workfl ow approval
process has eff ectively transferred accountability from the security
function to whoever is accountable for the relevant business process
and mandated for the correct capture of the source data.
Streamlined business processes and deployment of technology can be
used as an enabler to streamline the administration of policy, but the real
value and challenge exists in the creation of a holistic view of all people and
related assets interacting on your sites. Traditional security functions and use
of manned guard services in conjunction with electronic security solutions
still plays a vital part in an integrated people management solution (IPMS)
but, with all business processes around security being streamlined and
manual processes automated, these resources can be focused and vigilant as
all mundane, labour intensive functions are automated.
Towards enhanced compliance
A sustainable compliance solution is 90% to do with proper up-front
blueprinting, systems integration and process optimisation and 10% about
implementing a PAC Solution / new technology. Knowledge is the key. This
doesn’t necessarily mean becoming a subject matter expert on integrated
security solutions, but of vital importance is to understand the business
requirements and unique needs of the various individual stakeholders in
112 Access & Identity Management Handbook 2013 www.securitysa.com
your organisation and be able to translate that into meaningful output
during a facilitated Blueprinting process.
Key to success is to partner with a company / systems integrator that
adds value to your business processes and facilitates delivery of the process
using technology as an enabler. This is far more preferable to a company
promulgating technology (features and benefi ts) to solve people related
process issues. The focus should be on consideration of all aspects and
eff ected stakeholders with regards to compliance and a full understanding
of the technical and functional requirements that any technology selection
(whether modernising existing or replacing with new) will need to fulfi l.
Dynamic impact of various inputs
InnoVIZION’s iPfuzion Framework (Figure 1) highlights the impact of
various systems and people types on an integrated access control
framework. A framework approach enables organisations to eff ectively
manage compliance by eliminating silos of data and utilising people
information to integrate and
streamline business processes
whilst providing a single view
of multiple people types.
Integration and technology
are key enablers for change
towards automation, whilst
business process optimisation
(BPO) is the key value
driver for businesses looking
towards integrated solutions
that enhance productivity and
automate manual and regulatory
processes.
innoVIZION’s People Fuzion
proprietary software solution
is a single platform, process
driven, Web framework that
seamlessly integrates to your business systems:
• seamlessly manage data and integrates multiple systems;
• makes use of your physical access control (PAC) system to enable your
organisation to eff ectively manage people processes;
• provides a single holistic view of multiple people types (visitors /
contractors / vendors / employees, students, parents, etc.) and asset
types (vehicles / laptops / PPE / valuable Items / issued equipment etc.)
within an organisation.
Key features
• Increased return on investment / benefi t realisation – leverage on all
your existing and future technology investments.
• Single common user interface / front-end for all interactions irrespective
of technology utilised.
• Single integration point – to business management systems and all
other systems linked to access control / time and attendance / digital
surveillance / building management systems, etc.
• Applied intelligence – policies and legislation automatically enforced
from multiple data sources (Medicals / Training / Inductions /
Licences, etc.).
• Simplifi es management of people and assets – provides a single view
of all people types and assets or equipment linked to them.

• Contractor management
including:
° Dashboards (with
trends and live
drill-down of
attendance).
° Attendance
recording.
° Departmental scheduling
and location
costing for contractors.
° Costing of all contractor
hours to correct departments
/ cost centres.
° Detailed Time / Activity hours reports.
° Headcount Management Widget (displays live
data on managers’ desktops with regards to
attendance of Students, Staff and Contractors).
• Web reporting that gives you control over all
the people movement in your organisation.
• Real-time messaging – is a smart messaging
service that monitors multiple access control
transactions / events in real-time from any
access control system or directly from access
control hardware.
• Reception management.
• Allows detailed real-time control over people
activities, access validation, movement and any
processes that people interact with.
• Facilitates phased implementations or roll-outs
of new technology.
• Scalable – future technology inclusion.
The need of the industrial, petrochemical,
manufacturing and mining industry for security
technology to positively impact
on their operations and reduce
risk is unquestionable.
The unique challenges
presented in these
environments from harsh
environments to legislative
compliance require
comprehensive compliance,
security and safety
solutions.
Integration of identity
and security management
to deliver on compliance enforcement
is inevitable. This, together with rising
compliance enforcement requirements create
an opportunity for enterprises to gain a competitive
advantage and streamline operations
through the implementation of a compliance
enforcement framework.
Companies that recognise this reality soon
and address current gaps in business processes
and disparate silos of information can utilise
existing / new physical access control solutions
to signifi cantly improve compliance and
increase safety in operations. Removal of any
human intervention (and often subsequent dangerous
practices) in the application of policies
and rules regarding HSE can have a signifi cant
eff ect on zero harm initiatives.
For more information contact Innovizion,
0861 849 466, info@innovizion.co.za,
www.innovizion.co.za
www.securitysa.com Access & Identity Management Handbook 2013 113

PRODUCT UPDATE
The ProxNet 647-50
fi ngerprint reader
Unfortunately it’s not just criminals on the outside who threaten the
security and prosperity of businesses – the deceitful within can also
have a devastating eff ect on profi ts.
So says Valerie Bingham, product manager for Elvey Security
Technologies, which supplies a range of access control products.
Among these is the fi ngerprint reader and specifi cally the ProxNet
647-50 from GSC Systems, which is being used with considerable
success to prevent unauthorised access to premises, to stop buddy
clocking and to safeguard valuables.
Since fi ngerprint identifi cation began its transition to automation
in the late 1960s, governments, mines, petrochemical plants (SASOL),
refi neries, private manufacturing concerns and educational facilities,
have increasingly embraced the technology to ensure the protection
of their people and assets.
Not only is it used to keep trespassers off the premises, it is also key
to controlling the movement of staff members within the buildings,
says Bingham. “An access control system allows security managers to
restrict or grant admittance to specifi ed areas such as those containing
classifi ed information, dangerous equipment or valuables. In the event
of a breach or incident, security managers can pull full reports on
everyone who has entered or left the protected site and in so doing,
take the appropriate corrective action.”
With this in mind, she readily recommends GSC System’s ProxNet
647-50 fi ngerprint reader. The 647-50, which requires a separate connection
for the template management with the link being either the
RS-232 or the RS-485, runs on a Windows (2000 /XP /Vista /Windows7)
operating system, though not necessarily on the computer that runs
the ProxNet system.
One of its attributes is that it allows templates created and used
on one unit to be transferred in their entirety or selectively uploaded
to other units on the network, thereby making it possible to grant
restricted access to specifi ed personnel. The number of users that can
be stored depends on the number of templates enrolled per user.
Hands-on attendance
Biometric terminals like the new HandPunch GT400 from Uniclox will
prevent fraud from buddy clocking. While fi ngerprint terminals are
popular in commercial applications, many industrial companies fi nd
that hand geometry is faster and more consistent because it is unaffected
by dirt, paint, oil or damage to the fi ngertips.
“Instead of punching manual or electronic timecards, employees
simply enter their number and place their hand on the platen of
the HandPunch terminal. It automatically takes a three-dimensional
reading of the size and shape of the hand and verifi es the user’s
identity in less than one second,” explains Peter Noppe, MD of Uniclox
Technologies.
Customers can set up programmable function keys with specifi c
software to create validation tables, multi-level promptings or menus
that meet specifi c requirements. There is also a built-in relay for ringing
a bell or locking a door on certain hardware models.
Uniclox Vision is a time and attendance system that improves
employee time tracking, scheduling and reporting. Vision provides
advanced features for managing labour data with pay rules, scheduling,
tracking attendance and disciplinary events, and maintains basic
HR records. It achieves this while meeting the scalability, reliability and
114 Access & Identity Management Handbook 2013 www.securitysa.com
Next generation time
and attendance
Brand New Technologies (BNTech) has introduced Avalon Biometrics
ID2GO product, a biometric time and attendance solution for fi xed and
mobile use.
“ID2GO is a software solution that can be installed on a fi xed
machine or on a mobile Android device, eff ectively turning the Android
phone or tablet into a mobile identity verifi cation terminal. It is easy to
use, install and integrate,” explains Dave Crawshay-Hall, CTO for BNTech.
“The product is suitable for environments where personnel are located
remotely but still need to be logged into the systems for time and attendance
purposes. In fact, we have already had enquiries from game farms
where guards located at peripheral gates need to be accounted for.”
In essence, the ID2GO Attendance solution is a complete persons
register with an integrated AFIS, capable of storing and identifying an
unlimited number of persons, but combined with a biometrics white
list of enrolled persons. ID2GO off ers photo and fi ngerprint capture
and verifi cation, unlimited number of users and many other features
that make it the ‘next generation’ T&A solution. It is able to perform
rapid positive identifi cation of individuals, ensuring only authorised
access to premises, networks and installations. The logging of each
identifi cation also provides a transparent audit trail mitigating fraud
and unauthorised access.
Other key features include:
• Rapid AFIS identifi cation
• Attendance check
• Duplicate check
• Biometric enrolment
• Unique ID number for each record created
• Structured person register
• ANSI/MIST fi le export
• Audit log
For more information contact Brand New Technologies,
+27 (0)11 450 3088, dave@bntech.co.za.
security requirements of even
the largest organisations.
Designed and developed in n
South Africa to suit local condi-
tions and labour legislation,
Vision is suitable for all types of f
organisations, from mid-sized
businesses right up to large
industrial companies with
complex shifts and schedules.
Vision can be integrated
with popular payroll
packages and Uniclox is a
Certifi ed Business Partner
with Softline, which sells VIP
and Pastel payroll and account-
ing Software.
For more information contact Uniclox Technologies,
+27 (0)11 439 2000, info@uniclox.co.za, www.uniclox.co.za.

IP to the door
The T24 IP Video Door Station is a video door intercom, with a recently
released RFID access module (keypad), the Security Door Opener and
the two-wire network module (Mx2wire info module). The new IP telephony
standard enables the user to establish a direct connection from
the Door Station to any VoIP phone or any computer or smartphone
running VoIP software. This means that with appropriate network
infrastructure, the user can establish a video connection, remotely
open doors or view stored video messages and review recordings
from anywhere in the world.
Mobotix`hemispheric camera technology enables the user to
view the entire area in front of the building in the video. This means
that the image section can always be focused on any area of interest,
regardless of the distance between the Door Station and the door
itself. The image is tilted and zoomed electronically without any
mechanical movement, meaning that there is no wear and tear to
the camera and no maintenance is required. In addition, the system
allows users to return to the recording at a later time and view
all areas of the video, all the way down to the fl oor in front of the
camera – even if the video at the time of the actual recording was
focused on the visitor’s face.
The Door Station can be accessed from anywhere in the world,
as the IP telephone connection is established automatically via the
network. This means that central control units and computers are not
required for operation. The Door Station consumes very little power
(around fi ve watt-hours), which is provided directly via the Ethernet
cable. The automatic installation enables the user to set up the system
quickly and easily without the need for extensive network knowledge.
All data transmissions to and between the modules are encrypted and
the access rights are stored and checked from a secure location indoors.
Even in the case of a complete power failure, the RFID access module – in
connection with the rechargeable battery of the Security Door Opener
– ensures up to 60 hours of keyless access. As standard, the individual
modules of the Door Station are equipped with electromagnetic anti-theft
protection to secure them against unauthorised removal.
The RFID access module enables keyless access using a card transponder
or by entering a PIN number. Access requests are encrypted
and transferred to the Security Door Opener via a two-wire cable and
once the access request is cleared, the door opens. Moreover, visitors
can leave their own messages or view video messages that were left
for them.
The Security Door Opener contains all PIN numbers, transponder
data and access times for opening the door. Since this module is
installed indoors and no relevant access data is stored outdoors, the
Door Station is secure against theft and manipulation. In addition,
the module functions as a doorbell and the user can select from a
wide range of diff erent ring tones. It is not necessary to connect an
extra power source to operate the electrical door opening and closing
mechanism, because the Security Door Opener generates the
required voltage with its integrated rechargeable battery.
The two-wire network module, an illuminated door sign that can
replace the simple info module of the Door Station, supplies power to
the module and establishes the network connection via two standard
bell wires. This way, the station can be integrated in any older building,
either as an on-wall or in-wall version.
For more information contact IAC, +27 (0)12 657 3600,
raine@iacontrol.co.za, www.iaconline.co.za.
www.securitysa.com Access & Identity Management Handbook 2013 115

THE BACK PAGE
Is that you, darling?
Polonius.
You haven’t made a sound, you are in total darkness, and yet your ethereal
presence is confronted by the most formidable challenge-response system
known to mankind.
I have often wondered what the fuss is about identity and identifi cation.
When you were a boy, no matter in what ‘avatar’ you returned home,
your mom not only recognised you instantly, but carried the paradigm
of face recognition to more exalted heights. She even knew with the
most un-Heisenberg-like certainty, whether you had taken a shy at the
window-pane down the lane and not missed, hissed at your teacher and
got a note in your diary, or someone else was about to discover whatever
happened to their cat in the neighbourhood.
They should actually get moms to write the software for identity
management. For example, if they could extend their expertise to company
employees, the most perplexing corporate problems of the day
would probably disappear. With the face recognition would come the
additional routines to know if the boss was in a surly mood, or your sales
person has already thought up the most wonderful story about why
the sales didn’t happen, or the cashier has decided that s/he has had
enough of working class penury and will put a hand in the till this morning,
then be off to the Durban July to bet it all on Raspberry Princess.
After the killing has been made, the original sum would be returned, of
course. Whichever way, moms could help companies save millions.
A camera could even be installed in the meeting room and a little
old-fashioned tweet could go off every time one of the trusted company
boys told a little lie, so what if it was meant to save their indefatigable
corporate skins, or even improve their chances for that richly deserved
fabulous promotion. Oh, this one would be easy for the moms, especially
if they had to code them in languages with names like Visual C++.
And, we are not talking voice recognition yet.
Telecommunication equipment is usually designed for 8 k MHz. They
say judges and the forensic experts can be sure of culprits if voices are
recorded at 16 k. However, moms already use 64 k. Imagine your bank’s
call centre. Along with your request, “can I know my bank balance, please?”
116 Access & Identity Management Handbook 2013 www.securitysa.com
Mummy’s voice recognition system would already know if now, a check
would be made out to your favourite church charity, or spent on some
dire household necessities, or for a weekend with the mistress. If such
things could be known in advance, especially by a spouse, (though they
know it, actually, but don’t tell) the world would indeed be a better place.
Terrorists wouldn’t stand a chance, if only moms ‘manned’ the airport
security gates and the CCTV cameras at public places. Imagine the conversation
in the backroom – one mom to another – when they discover
the guy carrying the bombs on his body. “Oh my Jake would never have
his eyeballs so close, even if the constipation was severe.” Imagine this
could save the world one day.
They would even do better at the scene of crime than present-day
forensic experts. From the expressions on the face of the corpse, they
would know if it was a jealous partner, a greedy and impatient family
member, the butler or a complete stranger.
Large multi-million dollar fi ngerprint bureaux and even identity kits
that forensic artists use to re-construct the face of criminals from eyewitness
accounts would become obsolete. They would be able to tell who’s
not ‘dunit’ simply by looking at a scene of crime and telling the teacher
– my Jake would never do such a thing.
But then, moms are more than a match for the spouse, something
you discover on your fi rst late night out with the boys after moving in
together. You don’t even drive all the way up to the garage. You turn
the key in the lock without a click and tip-toe up the stairs. You haven’t
made a sound, you are in total darkness, and yet your ethereal presence
is confronted by the most formidable challenge-response system known
to mankind, the deceptively simple query, “Is that you, darling?”
Polonius, when not appearing in Shakespeare’s Hamlet, is a Hi-Tech
Security Solutions’ writer who prefers that his wife doesn’t know about it.

* denotes advertiser
QUICKFIND
Company Telephone E-mail Website Page
Accsys 0861 ACCSYS pr@jhb.accsys.co.za www.accsys.co.za 93*
ADI Global Distribution 0860 22 55 23 adelaide.taylor@adiglobal.com www.adiglobal.com/za 31*
Becker Mining South Africa +27 (0)11 617 6300 info@za.becker-mining.com www.za.becker-mining.com 64*
Bosch Security Systems +27 (0)11 651 9838 christine.smit@za.bosch.com www.boschsecurity.co.za 12,13
Brand New Technologies +27 (0)11 450 3088 dave@bntech.co.za www.bntech.co.za 95*,114
Business Connexion +27 (0)11 266 5287 mark.stoop@bcx.co.za www.bcx.co.za 29*,89
CA Southern Africa +27 (0)11 417 8645 joanne.cawrse@caafrica.co.za www.caafrica.co.za 38
Card Control Systems +27 (0)11 907 3192 info@cardcon.co.za www.cardcontrolsystems.co.za 113*
CEM Systems +44 28 9045 6767 cem.info@tycoint.com www.cemsys.com 7*
Clearline +27 (0)11 848 1100 info@clearline.co.za www.clearline.co.za 17*
Comb Communications +27 (0)11 089 5800 sales@comb-communications.com www.comb-communications.com 25*
Controlsoft Security +27 (0)11 792 2778 africasales@controlsoftsecurity.com www.controlsoftsecurity.com 26*
EasyRoster +27 (0)12 809 4270 info@easyroster.net www.easyroster.net 80,82*,83
Elvey Security Technologies +27 (0)11 401 6700 tasha.smith@elvey.co.za www.elvey.co.za 44*,87*
EOH Intelligent Infrastructure 0861 500 500 sales.ii@eoh.co.za www.eohii.co.za 76,79*
Flow Systems Manufacturers +27 (0)11 762 2453 info@fl owsystems.co.za www.fl owsystems.co.za 97*
Gallagher +27 (0)11 974 4740 lyn.dupreez@gallagher.co www.gallagher.co 94
GSC Systems +27 (0)21 712 5130 erich@gsc.co.za www.gscsystems.com 37*
HAB International Fire & Security +27 (0)11 314 7066 security@hab.co.za www.hab.co.za 115*
HID Global +44 1440 714 840 brabasse@hidglobal.com www.hidglobal.com 41*
HID Global +27 (0)82 449 9398 rtruter@hidglobal.com www.hidglobal.com 42,43,108
IAC +27 (0)12 657 3600 raine@iacontrol.co.za www.iaconline.co.za 115
Ideco Biometric Security Solutions 0861 043 326 contact@ideco.co.za www.ideco.co.za 1*,19*,21*,
Impro Technologies 08600 46776 www.impro.net OBC*
For more information on these and other suppliers please see www.hsbd.co.za
www.securitysa.com Access & Identity Management Handbook 2013
26*,29*,31*
innoVIZION 0861 849 466 sales@innovizion.co.za www.innovizion.co.za IFC*,112,113
IP Security Solutions +27 (0)11 553 3300 info@ipsecuritysolutions.co.za www.ipsecuritysolutions.co.za 85*
Jasco Security Solutions +27 (0)11 894 7127 sales@multivid.co.za www.jasco.co.za 81*,84
Morpho SA +27 (0)11 286 5800 nicolas.garcia@morpho.com www.morpho.com 20
Mustek Security Technologies +27 (0)11 237 1364 sergiop@mustek.co.za www.mustek.co.za 6
Natech Universal Technology +27 (0)10 591 5073 sales@natech.co.za www.natech.co.za 39*
neaMetrics 0861 632 638 info@neametrics.com www.neametrics.com 34,45*,80,
NetIQ +27 (0)11 322 8300 marianne.vanderpluym@netiq.com www.netiq.com 35*
Novell SA +27 (0)11 322 8342 cgrobler@novell.com www.novell.com 28,30,32
Powell Tronics +27 (0)11 234 6990 marketing@powelltronics.co.za www.p-tron.com 33*
Reditron +27 (0)87 802 2288 sales@reditron.co.za www.reditron.co.za 21*
Regal Distributors +27 (0)11 553 3300 mel.labuschagne@regalsecurity.co.za www.regalsecurity.co.za 88
Safl ec Systems +27 (0)11 477 4760 info@safsys.co.za www.safsys.com 23*
Secequip +27 (0)11 624 2815 vaughn.tempelhoff @secequip.co.za 19*
Security & Communication Warehouse +27 (0)12 653 1005 marketing@securitywarehouse.co.za www.securitywarehouse.co.za 26*
Softcon +27 (0)12 348 7301 sales@softconserv.com www.softconserv.com 15*
Suprema +27 (0)11 781 9964 enquiry@suprema.co.za www.suprema.co.za 34,45*,80,
Technews Publishing +27 (0)11 543 5800 vivienne@technews.co.za www.technews.co.za 27*
Trac-Tech 0861 100 199 info@trac-tech.co.za www.trac-tech.co.za 98,99,
83*,85
83*,85
110,111
Turnstar Systems +27 (0)11 786 1633 info@turnstar.co.za www.turnstar.co.za 13*,101,106
Tyco Security Products +27 (0)82 566 5274 emallett@tycoint.com www.tycosecurityproducts.com 5*,36,90,109
Uniclox Technologies +27 (0)11 439 2000 info@uniclox.co.za www.uniclox.com 9*,114
UTC Fire & Security +27 (0)11 579 7300 gretchen.geldenhuys@fs.utc.com www.utcfi reandsecurity.com 95
UTM Group 0860 22 22 66 info@utmgroup.co.za www.utmgroup.co.za 11*,96
Virdi Distribution SA 0861 184 734 chris@virditech.co.za www.virditech.co.za 40,66*
Xpanda +27 (0)31 791 0061 xpanda2@argent.co.za www.xpanda.co.za 100
ZKSoftware +27 (0)12 259 1047 info@zkteco.co.za www.zkteco.co.za 65*
IBC