QR Code for Access Control
Introduction:
In order for QR code to be used as access credentials, it must be dynamic and secured:
Dynamic means the QR Code presented via a smartphone is different every time based on a timestamp.
Secured means the QR Code is encrypted and can only be decrypted by the device accepting the credentials.
Advantages:
Contactless thus no hygiene concern
Low cost relative to physical card
People are less likely to lose their smartphone
Additional layer of security of unlocking smartphone
Issuance of access credentials can be done via network means
Considerations:
Additional IT infrastructure to centrally manage dynamics of QR code generations
The risk of credential sharing is increased
Additional provisions and ongoing maintenance effort in maintaining time synchronisation across all field devices.
The smartphone application must be brought to front screen in order for QR code to be shown; thus decrease traffic throughput
Smartphone device security, network connection, and battery level would affect the effectiveness of the access control setup
Bottom Line:
Whether QR code is suitable for your business depends on your unique business requirement. Speak to a trusted security consultant before investment is recommended.