Visitor Access - QR Codes
Access Control and QR Codes Overview
Our access control uses QR codes containing a secure token number to allow visitors to gain entry to your premises.
Using QR codes for access provides a fantastic visitor experience as they can be easily shared with visitors in advance. You might think this makes them less secure - below, we show how they maintain the security of your premises.
Below details the considerations to ensure that QR code visitor access remains secure:
- When are they issued their QR code?
You are in full control of when you issue your visitor a QR code.
- Would you like to initially provide visitor access to a low-risk area, such as a parking lot? - Send the QR code with the visitor's invitation email.
- What about providing access to a more secure location, such as a lounge within your building or through turnstiles? - Giving the QR code after the visitor has identified themselves during check-in makes sense.
Would you like to make use of both scenarios? Take a look at our next point...
-
How you have configured the Proxyclick access control integration?
Proxyclick’s access control integration can upgrade the access permissions of a visitor as they progress through the check-in process.
- Prior to check-in, you can provide a low level of access, designed to allow convenient entry into semi-protected areas. Between arrival and check-in, you can have a process to verify their identity.
- When a visitor is marked as on-site or checked-in, their access can be upgraded to allow them to enter areas of greater security.
- Finally, when they have finished their visit, Proxyclick can deactivate access so that the QR code no longer allows access.
- What are the locations where the QR code readers are deployed?
You typically would not deploy QR code readers throughout the building, only installing them where visitors need access. This may encompass both low and high-security areas but only be located where you want your visitors to have unattended access.
Keep in mind that visitors are only on-site to meet someone, were invited by a trusted person, and are typically not expected to access the entire building unattended.
Some additional points to consider when looking at the use of QR codes:
- Proxyclick QR codes can be:
- Emailed visitors in advance
- Only emailed upon arrival after checking-in
- Not emailed at all: you can choose to print the QR onto a badge after the visitor checks in.
- QR codes add a lot of value to the guest experience, minimizing the manual process of assigning and handing out physical access cards or tokens.
- This also means you save on the admin involved in manually managing this process and the potential security risk of human error or cards not being returned.
- QR codes can be printed and shared, but this is traceable in the ACS.
- Physical cards can also be handed to the wrong person, passed back to allow a second person through, or used to allow multiple access attempts.
- Proxyclick QR codes are also time limited; they are only active during the meeting time and tied in with specific actions such as checking in and checking out.
This brings QR codes closer to the use of physical cards without having an awkward manual process involved.
QR Token Numbers and Security
We generate QR token numbers within a set range, typically a minimum range of 10 million, to ensure each is secure. They are allocated randomly, so there is no way to predict the tokens that will be generated. After a token number has been allocated and used, the same token number will not be reissued for a period of time to prevent reuse.
With Proxyclick Access Control integration, we encode secure token numbers into the QR code sent to your visitors. This same secure token number is added to their profile in the access control system (ACS), which our integration also creates automatically.
QR Code Readers
To gain access using the QR as the secure credential, QR code reading hardware must be connected to the ACS. After QR readers are installed, visitors can scan the QR code, and the reader then sends the token number back to the ACS. The number is then matched with the token number in their profile, and access is granted through the door (or gate, barrier, turnstile, etc.).
Proxyclick has tested QR code readers from the manufacturers below and can confirm them as compatible with the QR code format used in our invitation emails. Examples of readers tested by Proxyclick are listed below, but any compatible QR code reader may be used*.
*Other QR code readers may be compatible with the QR codes in our invitation email, but these need to be tested and confirmed before deployment. Contact our Support team for advice. Additonally, if the QR reader also supports tokens/cards/Bluetooth, this must be discussed with your systems integrator. The requirements for our QR codes will need to be considered alongside other technologies in use.
Suprema
The Suprema team have created custom firmware for the X-Station 2 reader, so it may be ordered and arrive pre-configured to work with Proxyclick QR codes. This means the reader is plug-and-play with no configuration required.
The XS2 has a built-in camera which allows for QR codes to be scanned, as well as many other functions to work with RFID cards and biometrics. Simply order and request the Proxyclick firmware: XS2-DPB-PC
STid
The Architect Blue reader range from STid offers a modular approach, so the reader can suit your needs. They may include traditional or touchscreen keypads and can read a wide variety of cards alongside Bluetooth and NFC. A QR code reading variant is also available. Skins may be applied to alter the reader's appearance, allowing it to blend in or stand out.
- STid have also created a Proxyclick variant of the reader, which will arrive pre-configured to work with Proxyclick QRs - no further configuration needed!
- Simply order product code: ARCS-R31-AQ/PH5-3la/1- CONFR-PROX03-001
STid Architect Blue QR Reader: https://stid-security.com/en/products/categories/418:architect-blue-qr-code-readers
Nedap
We have tested and confirmed both the Mace MM and NVITE readers from Nedap. The NVITE is the replacement for the now discontinued Mace reader. The NVITE reader can read Proxyclick QR codes alongside various card types, Bluetooth, and NFC.
Nedap NVITE: https://www.nedapidentification.com/products/nvite/nvite/
International Barcode (IBC)
The IBC Qscan range of readers listed below are suitable for use with Proxyclick QR codes. They offer various options to allow you to install the reader in different environments (inside turnstiles, for example) and also read a variety of different cards.
Qscan: http://www.internationalbarcode.com/qscan.htm
Qscan (Indoor Version): http://www.internationalbarcode.com/qscani.htm
Qscan Mini: http://www.internationalbarcode.com/qscanmini.htm
QscanT: http://www.internationalbarcode.com/qscant.htm
Full setup steps and instructions for all the above readers are available when deploying your Proxyclick Access Control System integration.