electronic access control

Let’s discuss ‘Anti-passback’: What is it and what can it do for you?

By Gina Stuelke, CEO of Kenton Brothers

Advantages of Anti-Passback in Access ControlIn our continuing series of educational posts, we love sharing the layered capabilities of access control systems.

Anti-passback is a security feature in an access control system that prevents a user from passing their access credential (like a key card or mobile badge) to another person for unauthorized entry. It requires users to “exit” before they can “re-enter” and enforces a logical sequence of “in” and “out” events to prevent fraudulent or unauthorized use of credentials.

Capabilities

Prevents Credential Sharing

  • Purpose: Ensures that access cards or credentials aren’t passed between individuals to bypass security.
  • Benefit: Stops unauthorized access by enforcing that a badge used to enter must also be used to exit before it can be used again

Enhances Occupancy Tracking

  • Purpose: Keeps accurate logs of who is inside the building or specific areas.
  • Benefit: Useful for emergency evacuations, audits, or real-time occupancy monitoring (e.g., for energy efficiency or space planning).

Supports Compliance and Safety Protocols

  • Purpose: Helps meet regulatory or internal policies related to controlled access.
  • Benefit: Assists with compliance in industries requiring strict access monitoring (e.g., data centers, pharmaceuticals, finance).

Deters Tailgating and Piggybacking

  • Purpose: Discourages people from entering secured areas by following others without scanning a credential.
  • Benefit: Strengthens per-person authentication, especially at critical security points.

Improves Audit and Incident Response

  • Purpose: Maintains a more accurate access log history.
  • Benefit: Allows faster and more reliable investigations when security breaches or incidents occur.

Enables Logical Access Pairing

  • Purpose: Links physical access to logical access (e.g., network login).
  • Benefit: Ensures users are logged into systems only when they are physically present in the building.

Increases Operational Control

  • Purpose: Forces users to follow defined traffic patterns (e.g., enter through the main lobby, exit through designated doors).
  • Benefit: Helps manage crowd flow, security checkpoint coverage, and staffing.

Reduces Risk of Occupancy Overload

  • Purpose: Limits the number of people in a given area at any one time.
  • Benefit: Useful for high-security zones, labs, or rooms with occupancy limits (fire code, clean rooms, etc.).

Industry Segments

Here’s a breakdown of how different commercial industries apply anti-passback:

Corporate Office Buildings

  • Use Case: Preventing employees from “buddy-badging” others into secured areas.
  • Example: Employees must badge in and out of a high-security R&D lab or executive suite.

Data Centers

  • Use Case: Enforcing strict audit trails for every entry and exit.
  • Example: Technicians cannot badge into a server room unless they’ve properly exited previously, helping ensure tight compliance with SOC 2 or ISO 27001.

Manufacturing and Warehousing

  • Use Case: Managing time and attendance and ensuring safe evacuation procedures.
  • Example: Workers badge in at the start of a shift; anti-passback ensures only present workers are recorded in the building for safety drills or emergencies.

Education and Research Institutions

  • Use Case: Controlling access to restricted labs or testing facilities.
  • Example: Students or researchers must badge out of clean rooms before they can re-enter, reducing contamination and enforcing accountability.

Healthcare Facilities

  • Use Case: Securing medication storage or surgical zones.
  • Example: Staff cannot re-enter drug dispensary rooms without properly badging out — this ensures individual access is logged and traceable.

Commercial Real Estate (Shared Workspaces, etc.)

  • Use Case: Preventing non-tenant access in shared environments.
  • Example: Tenants or contractors cannot “lend” badges to guests or friends to gain unauthorized access

Using Anti-Passback to Acclimate Employees Back to the Office

Anti-passback can be a strategic tool to help ease employees back into office routines while reinforcing attendance, accountability, and a sense of structure. Here’s how it can be thoughtfully used for return-to-office (RTO) efforts:

Reinforces Routine and Presence

  • Benefit: Employees scan in and out each day, re-establishing regular work habits and physical presence.
  • Tactic: Use the entry/exit data to support hybrid schedules — e.g., ensuring employees are present on their designated in-office days.

Supports a Trust-But-Verify Approach

  • Benefit: Encourages autonomy while gently enforcing accountability.
  • Tactic: Managers can use reports to confirm that team members are showing up consistently without intrusive check-ins.

Helps With Space Planning and Resource Allocation

  • Benefit: Anti-passback data shows how many employees are in the office and when.
  • Tactic: Use this insight to adjust cleaning schedules, security staffing, HVAC needs, or shared desk booking systems.

Encourages Safe Occupancy Monitoring

  • Benefit: Promotes a sense of security for employees concerned about overcrowding or emergency preparedness.
  • Tactic: Let employees know their presence is logged for emergency evacuation and space management purposes — not micromanagement.

Integrates Seamlessly with Wellness or Perk Programs

  • Benefit: Pair office attendance with perks (e.g., free lunches, parking passes, wellness credits).
  • Tactic: Trigger incentives based on verified in-office days via anti-passback logs (e.g., “badge in 3 days this week, get a coffee gift card”).

Reduces Badge Sharing in Hybrid Environments

  • Benefit: Prevents employees from “gaming” the system by having a friend badge in for them.
  • Tactic: Makes it clear that presence tracking is tied to legitimate entry/exit behavior, not just one-time check-ins.

Builds Data for HR and Facilities Team

  • Benefit: Provides objective usage metrics over time.
  • Tactic: HR can use this data to tailor RTO policies, and Facilities can monitor office re-engagement trends by team or department

Tips for Effective Implementation of Anti-Passback Features

Use Hardware That Supports Directional Logic

  • Install entry and exit readers at all controlled points.
  • Pair with turnstiles or optical gates where feasible for enforcement.

Define Logical vs Physical Anti-Passback

  • Hard Anti-Passback: Denies entry if proper exit hasn’t occurred — strict.
  • Soft Anti-Passback: Logs a violation but allows access — good for training or early adoption phases.

Set Grace Periods or Exceptions

  • Allow for system errors or emergencies by permitting admin override or setting time-based resets (e.g., after midnight)

Use with Video Surveillance Integration

  • Cross-reference access logs with video footage to verify compliance and investigate tailgating.

Combine with Mobile Credentials or Biometrics

  • Reduces badge sharing even further.
  • Encourages personalized access — especially valuable in high-risk zones.

Train Users and Security Staff

  • Make sure everyone understands how anti-passback works.
    Provide clear signage and onboarding to avoid frustration.

Communication Tips to Ensure Success

  • Frame anti-passback positively: as a way to ensure safety, comfort, and fairness, not as surveillance.
  • Communicate clearly with employees about why it’s being implemented and how it benefits them.
  • Provide self-service tools so employees can view their own access history and flag inconsistencies.

If you need help implementing Anti-passback technologies in your access control systems, we are here for you. Give us a call!

Upgraded Security with Alcatraz AI Facial Recognition: Your FACE is your CREDENTIAL!

By Gina Stuelke, CEO of Kenton Brothers

Upgraded Security with Alcatraz AI Facial Recognition: Your FACE is your CREDENTIAL!Overview

One of our customers, a major player in financial services, transportation logistics, and international trade, wanted to step up their physical security game. With a growing team and increasing security needs, the company needed an advanced access control system that was both seamless and highly secure. By rolling out Alcatraz AI’s facial recognition access control, we helped this customer create a hassle-free, high-tech security solution that improves efficiency and keeps their facilities safe.

Challenges

Before bringing in Alcatraz AI, this customer faced a few key security issues:

  • Key Card Hassles: Traditional access cards and codes were easy to lose, steal, or misuse.
  • Slow Entry Process: Employees sometimes got stuck at entry points due to lost or forgotten credentials.
  • Growing Pains: As the company expanded, it needed a security system that could scale easily.
  • Hygiene Concerns: In a post-pandemic world, a touch-free access solution was a must-have.

Solution

Kenton Brothers introduced Alcatraz AI’s facial recognition technology to upgrade its access control system.

Here’s what they got:

  • Effortless Access: Employees could simply walk up, get recognized, and enter—no more fumbling for badges.
  • Stronger Security: AI-driven facial recognition ensured that only authorized individuals could gain entry.
  • Easy Integration: The system worked smoothly with existing security setups, avoiding major disruptions.
  • Scalability: The technology easily adapts as the company continues to grow.
  • Touch-Free Convenience: Eliminating the need for physical touchpoints improved hygiene and safety.

Implementation and Results

Our customer rolled out Alcatraz AI at key entry points in its headquarters. We played a crucial role in the successful installation and programming of the new Alcatraz system, ensuring a seamless transition with minimal disruption to daily operations. Our expertise in access control allowed our customer to quickly and effectively deploy the technology. The process included:

  1. Planning & Customization: Security teams worked with Alcatraz AI and Kenton Brothers to identify priority areas and fine-tune the system.
  2. Professional Installation: Kenton Brothers handled the installation and programming, ensuring the system functioned flawlessly from day one.
  3. Smooth Deployment: The solution was seamlessly integrated with existing infrastructure, requiring minimal employee training.
  4. Ongoing Optimization: The company used real-time data and analytics to refine security measures post-launch.

The results spoke for themselves:

  • Drop in Credential Issues: Reduction in lost or stolen badges causing security headaches.
  • Faster Entry Times: Employees could get to work more quickly and efficiently.
  • Better Security Insights: Real-time monitoring helped security teams track access patterns and prevent potential threats.
  • Happier Employees: A smooth and secure entry experience boosted workplace convenience.

Conclusion

With Alcatraz AI’s facial recognition system in place, we helped our customer significantly improve their security while making daily operations smoother. We made sure that the installation and deployment were efficient and hassle-free. The technology’s ability to provide secure, touchless, and scalable access control helped future-proof the company’s security infrastructure. As our customer continues to grow, they’re confident that Alcatraz AI and our team at Kenton Brothers will keep up with their evolving needs.

Learn more about biometric technologies in the Alcatraz.ai Resource Center.

Hardware Bloat: The negatives of shoehorning equipment into a system.

By Baer Halvorson, Security Systems Engineer at Kenton Brothers

Hardware BloatAs an engineer, I look at photos of doors every single day. I zoom, I scroll, I furrow my brow, I scoff, I even take an immediate coffee break at the sight of some doors. Implementing security is a never-ending song of “just when you think you’ve seen it all…” One thing I want to highlight for a brief moment is a very specific problem that isn’t normal, but is common.

The door pictured is a perfect example of how time, multiple integrators, changing needs and the lack of system sterilization can cause problems. Shoehorning as much hardware as possible onto a door to fit the current need without proper removal of unnecessary devices creates a couple of major issues. Let’s break down how this happens by identifying what causes this problem; we’ll define system sterilization and its importance in the life-cycle of physical security systems and then we’ll address what to do to be smart and thorough in protecting the future of these systems.

The Setback

Not often enough do system integrators in the physical security space or clients needing security take into consideration the life-cycle of the system. There is no problem identifying the need, the integrator can easily identify the hardware for the moment and initial set up/billing are all very fluid processes in our industry. It’s only when you get to higher-level, usually enterprise systems, that the conversation of life-cycle comes into play. When this isn’t discussed in a medium to small security system, time can end up altering door design and the system itself can shift its purpose.

Hardware BloatFor example, perhaps the parking lot gets re-designed and now a door isn’t optimal for employee entry. Maybe the hardware takes a beating and the problem surrounding a device won’t resolve easily so the integrator pitches a different solution. All of this can lead to a door like the one pictured having hardware bloat, multiple locking devices, overlapping systems and more. The greatest threat posed by this issue is that there are now two to three times the amount of failure points and this door could end up easily compromised or become a burden to the system.

System Sterilization

The single greatest way to combat the issue of hardware bloat is system sterilization.

System sterilization is when a door needs to change for system purposes and security integrators remove the old defunct hardware from the site. This might incur more cost than leaving hardware on the door because you’ll need to patch holes, cover cuts, and repair frames to satisfy aesthetics. Often, because of this cost, the choice is made to leave the existing hardware even though you’re installing a new solution. This might not seem like a big issue for one door but over time, if obsolete devices are left in the field, you end up with a system that begins to become difficult to service and confusing to manage.

If a security manager or business owner audits their security program regularly, they can incorporate system sterilization and make sure that the system is running as lean as possible. This will cut time and save money in troubleshooting, and also satisfy the aesthetic of the space. When system sterilization is considered, the life-cycle of the physical security system is improved and lengthened providing better overall security and cost savings for its users.

Future Avoidance

Hardware BloatThere are a couple ways to make sure that access control, video surveillance and intrusion systems are avoiding the issue of hardware bloat.

The responsibility falls first to the customer’s security integrator; they are being paid to not just provide hardware but provide security solutions. The next person the responsibility falls on is the individual in charge of managing the system. Between the two of them, the integrator and system manager, they should be asking these three questions at every audit or change to the system:

  1. Is there any hardware installed in the field that is not in use?
  2. Are there any areas that have redundant devices that don’t call for it? (Redundancy is not to be avoided but appropriately implemented.)
  3. Are there solutions implemented within the system that are overkill?

Conclusion

Understanding that hardware bloat can slowly creep into a system and cause issues is the first major step to making sure that a physical security system is serving its purpose. Knowing what system sterilization is and how it can extend the life-cycle of a system will improve overall security and help provide financial savings. It’s important to keep an eye on this at every audit and/or change to the system and asking how the system can be further sterilized. Applying this to physical security systems will help keep the world a safer place which is the ultimate goal of physical security!

If hardware bloat is a problem for your business, and you’re not sure how to clean it up, we can help. Give us a call!

Facial Authentication vs. Facial Recognition: Understanding the Differences and Applications

By Gina Stuelke, CEO of Kenton Brothers

Facial Authentication vs. Facial RecognitionBiometric technologies have gained immense popularity for their convenience and enhanced security. Among these technologies, facial authentication and facial recognition stand out as two of the most discussed and applied innovations. While the terms are often used interchangeably, they refer to distinct processes and serve different purposes.

In this blog post, we’ll break down the differences between facial authentication and facial recognition, their underlying technology, and their real-world applications.

What is Facial Authentication?

Facial authentication is a biometric verification process where a system compares the face of a user to a pre-stored image (or template) to confirm their identity. This technology is primarily used in situations where a user must prove they are who they claim to be, such as when unlocking a smartphone, accessing a secure area, or logging into a banking app.

How it Works:

  1. Enrollment: The user enrolls their face into the system by scanning it, typically with a camera. This creates a template, which is a mathematical model of the facial features.
  2. Comparison: When the user attempts to access the system again, their face is scanned in real-time and compared to the stored template.
  3. Matching: If the live scan and stored template match within a certain threshold, the user is authenticated.

Key Features:

  • One-to-One Comparison: It compares a user’s face against their own stored template, confirming their identity.
  • Security: It is typically used in secure environments where users need to prove their identity (e.g., smartphones, banking apps).
  • User Control: Users usually initiate the process and consent to the comparison.
  • Common Applications:
    • Smartphone unlocking (e.g., Apple’s Face ID)
    • Secure access to apps and services (e.g., banking apps)
    • Physical security systems (e.g., building access)

What is Facial Recognition?

Facial recognition is a broader technology used to identify or verify a person from an image or video in a database or a public setting. Unlike facial authentication, facial recognition often works without the active involvement or consent of the individual and can be used in surveillance or identification tasks.

How it Works:

  1. Image Capture: A camera or video feed captures the face of a person in real-time or from a photograph.
  2. Feature Extraction: The system extracts facial features from the image and creates a biometric template.
  3. Database Search: The system compares the facial features to those in a large database to find a match.
  4. Identification or Verification: If a match is found, the person is identified or their identity is verified. If no match is found, they remain unidentified.

Key Features:

  • One-to-Many Comparison: Facial recognition systems compare a person’s face against many stored templates in a database.
  • Surveillance and Public Use: It’s often used in public spaces for surveillance, identifying individuals without their active participation.
  • Privacy Concerns: Since individuals may not know when their face is being scanned, the technology has raised privacy and ethical concerns.
  • Common Applications:
    • Law enforcement and criminal identification
    • Airport security and border control
    • Retail and commercial surveillance
    • Marketing and customer analytics (e.g., identifying returning customers)

Key Differences Between Facial Authentication and Facial Recognition

Facial Authentication

Purpose: To verify an individual’s identity
Comparison Type: One-to-one comparison (individual vs. stored template)
User involvement: Requires user participation
Security vs. Convenience: Primarily for security (e.g. unlocking devices)
Privacy concerns: Lower (user initiates the scam)
Common User Cases: Smartphone authentication, banking apps Law enforcement, public surveillance, marketing

Facial Recognition

Purpose: To identify or recognize individuals in a crowd
Comparison Type: One to many comparison (individual vs. database)
User involvement: Can be passive and without user consent
Security vs. Convenience: Primarily for identification tracking
Privacy concerns: Higher (can be used without user consent)
Common User Cases: Law enforcement, public surveillance, marketing

Privacy and Ethical Considerations

While both technologies offer undeniable benefits, they raise important privacy concerns, particularly facial recognition. Since facial recognition can be used without the knowledge or consent of the individual, it poses potential risks related to surveillance and the tracking of individuals in public spaces. Many governments and organizations are still working to strike a balance between the benefits of these technologies and the protection of individual privacy. On the other hand, facial authentication, which requires user consent and involvement, is generally considered less invasive, as it is used for secure access to personal devices or services.

Facial authentication and facial recognition are two powerful biometric technologies with distinct purposes and applications. Facial authentication is typically used to verify a user’s identity for security purposes, while facial recognition is used to identify individuals from a crowd or a database. Understanding these differences is crucial, especially as both technologies continue to evolve and become more integrated into our daily lives.

Whether you’re concerned about privacy, security, or convenience, it’s essential to stay informed about how these technologies are being used and regulated. We are here to guide you, give us a call.

From Legacy to Leading Edge: A visual journey through the evolution of security technology

From Legacy to Leading EdgeBy Gina Stuelke, CEO of Kenton Brothers

Back in 2008, our industry experienced a significant convergence event joining physical security and IP based networks onto a common platform. This was a major shift away from the disparate systems we had become accustomed to. That seems like such a long time ago! Today, we are involved in another convergence event involving physical security and cyber security.

The two pyramids in the images below represent the technology stacks used by Kenton Brothers, with each layer reflecting the progression of security technologies and how our offerings have elevated over time.

Kenton Brothers 2008 Technology Pyramid

Kenton Brothers Systems for Security: Pyramid1. Base Layer (Mechanical Locking Hardware): Traditional, physical locking systems.
2. High Security Cylinders and Masterkey System Implementation: The introduction of advanced physical keys and locks.
3. Legacy and Stand-Alone Access Control and Analog Video Surveillance Systems: Initial electronic security measures, such as standalone access systems, video surveillance and analog technologies.
4. Network-Based (IP) Access Control and Video Surveillance Systems: The shift to internet-based systems, improving remote access and integration.
5. Integration Services: Combining different systems (video, access control, etc.) for better coordination and ease of use.
6. Hosted and Managed Services: Outsourcing and cloud-based security management to external providers.
7. Video Analytics: Using software to analyze video data and identify suspicious activities automatically.

Kenton Brothers 2024 Technology Pyramid

Kenton Brothers Technology Pyramid1. Base Layer (Security Policies and Procedures): Security begins with robust organizational policies and procedures, a foundational aspect in modern security systems.
2. High Security Physical Hardware: Continues from previous physical security technologies but is more sophisticated.
3. Detection: Active detection systems for unauthorized access or incidents (includes sensors, alarms, etc.).
4. Access Control: Advances in access control technology (includes biometric and smart credentials).
5. Video Surveillance: Video monitoring remains central, but with higher resolution, better storage, and cloud integration.
6. Analytics and AI Support: Modern video surveillance includes AI, improving event detection and proactive analysis.
7. Cyber Hardening: Reflects the growing importance of cybersecurity, securing systems from hacking and digital threats.

What are the comparisons in technological advances?

  • Shift from Analog to IP: Over the last decade, analog systems (present in the first pyramid) have largely been replaced by IP-based systems, which allow for higher quality video and easier integration into larger networks.
  • Integration of AI and Analytics: Modern systems (second pyramid) emphasize the use of AI for proactive security management. This shift moves beyond video analytics to AI-supported threat detection, reducing human workload and improving accuracy.
  • Focus on Cybersecurity: The first pyramid lacks any mention of cybersecurity, which has become essential in modern security infrastructures due to the increasing threat of hacking. Cyber hardening in the second pyramid highlights this critical evolution.
  • Increased Use of Cloud Services: The second pyramid also reflects advances in cloud technologies for video storage, processing, and real-time analytics—leading to more flexible, scalable, and manageable systems.
  • Detection Technologies: Detection is more advanced in the second pyramid, likely including smarter sensors and automated systems integrated with AI.

Security systems have evolved from primarily physical and standalone solutions (first pyramid) to highly integrated, AI-driven, and cyber-secure ecosystems (second pyramid). These technological shifts have led to more automated, efficient, and intelligent systems capable of responding to modern-day security threats.

Has your commercial security stack been in place for a long time? It may be time to take a good look to make sure you are keeping up with the aggressive changes in technology. And if you need help, please give us a call!