The future is already here – it’s just not very evenly distributed. – William Gibson
I have the unique privilege of having at my disposal just about every trade magazine published since the 1970s. It’s a wonderful library for sure but in between the voluminous information that is contained within, there are many editorial and opinion pieces, much like this one. Judging by the editorials and opinions, access control was, at any given point, “the future of the industry” and every locksmith needed to familiarize themselves with it before the industry eclipsed them and left them in the dust. In 1990, one manufacturer was even so bold to announce the impending demise of the mechanical key in an advertisement that ran for many months (they’re still making tons of them as of this article, 28 years after the fact).
For nearly 50 years we’ve been told about pending impact of access control as it relates to not only our industry but the marketplace as a whole. So…..when will the future arrive? I presume some would argue that the future has been here and access control has already met and eclipsed the goals of the prophets of yesteryear. Of course, they’d be wrong.
In 2013, it was predicted that the access control market share would reach $16.3 billion by 2017; it didn’t, it was valued at $6.39 billion in 2016. This figure was then revised and now it seems that by 2023, the market share will be worth $10.3 billion. That figure pales in comparison to the over all value of physical security market share, an estimated $133.94 billion in 2016, despite being a “best guess” for 5 years from now. As it relates to overall physical security, access control is still very much a “niche” market.
The IHS projected revenue growth of mechanical locks and electronic locks between 2013 and 2017. Electronic locks, annually, were projected to track a little over 2% MORE growth than their mechanical counterparts. Considering the growth of mechanical locks for the last 25 years has been, on average, ~4%, the access control’s market share will not begin the traditional “cannibalization” of mechanical lock market anytime soon if the IHS’ projections are even remotely correct. In other words, the number of openings will increase but we will see mechanical locks used at a rate that virtually negates any inroad that electronic locks may be making.
Put frankly, the anticipated future of the last 3 or 4 or even 5 decades hasn’t arrived. The only question remains: why?
The first reason is simply cost. It costs far more to secure an opening with an access control-based solution than a traditional, mechanical lock. Most companies, large and small, simply can’t justify the costs to equip every door, or even most doors, with an access control-based solution. Additionally, access control prices haven’t gotten all that better. Here are a few examples:
In 1993, Alarm Lock’s DL2500, an electronic digital lock, had a list price of $415.00. In 2018, Alarm’s Lock DL2700, the closest modern day equivalent of the DL2500, has a list of price $881.00.
In 1995, Hanchett Entry Systems, Inc.’s (HES) 1003 Series had list prices, depending on the model, between $260-321. In 2018, the 1500 Series, the modern day equivalent to the 1003 Series, has list prices that range between $520-689.
Granted, the DL2700 has a few more features and a larger code bank than the DL2500 and the 1500 Series allows the users to determine fail-safe and fail-secure in the field while the 1003 Series did not but neither improvement can realistically be argued to warrant such a large price increase.
You may be saying, well it’s not just features, it’s also the cost of materials, like steel. That is true, the price of commodities, specifically steel and aluminum, has increased quite a bit since the mid 1990s (steel increasing by as much as 122%, for example). But consider this: the prices of durable goods, things like cars, computers, and even CCTV cameras, have dropped since 1995. So why is access control one of the few exceptions?
One answer may be that while things like cars, computers, and CCTV cameras have experienced great technological advances, access control hardware has not. We’re still utilizing electric strikes and electromagnetic locks today that are largely the same as the ones utilized 20 and 30 years ago. They still use roughly the same amount of materials and are manufactured in much of the same way. If you’re using the same materials and processes then you’ll largely float the proverbial wave of commodity prices, labor wages, etc. Sure, you can mitigate some costs via out sourcing and offshore manufacturing but given the current Administration, that’s no longer a guarantee. The recent steel and aluminum tariffs along with multiple manufacturers either restarting or building new plants/mills will add yet another consideration in the matter and time will ultimately show the impact of these changes. Suffice to say, the future, as it relates to costs, is definitely going to be interesting!
One final note: integrator strategy. Larger commercial integrators are now selling access control systems at or slightly above cost with multi-year service contracts. In other words, subsidizing the cost of materials so that they make their money on guaranteed labor and the occasional upgrade or up-sell. They’ve realized that cost makes access control a hard sell and are coming up with creative ways to secure future work and profits. Is this the solution to the cost barrier? Perhaps, but time will tell.
A strong argument could be made that the low costs of CCTV cameras/equipment coupled with CCTV’s growing ubiquity and advances in technology, such as facial recognition software, have negated many benefits of access control. You no longer have a need for an audit trail if you can physically see who entered the room, at what time, and how long they were in the room. Furthermore, unlike access control, CCTV can potentially show what, if anything, left the room with them. And, with the exception of biometrics, credentials for access control systems can be shared. CCTV prevents this by, again, allowing the staff to physically see who used the credential.
If I can secure a room with a restricted key and point a camera in it’s direction, I’ve just about satisfied all of the benefits of an access control solution and at a fraction of the cost.
Vulnerabilities and Image
If you’ve followed the news for the last few years you’ve no doubt heard of the vulnerabilities associated with access control solutions. From Ransomware attacks plaguing hotels to “zero-day hacks” striking entire product lines and from an entire credential standard being compromised to firmware updates accidentally “bricking” hundreds of locks, people are being reminded that access control may not always be the best solution. In the case of the hotel that was hit by multiple ransomware attacks, the Seehotel Jägerwirt in Austria, the hotel manager was so fed up with it that he said they were going to go back to using “old-fashioned keys and locks”.
Another factor is the rise of information security professionals, who now largely influence if not outright dictate security policies for companies. They follow the news and the industry; they are well aware of the caveats. So are most IT professionals. When’s the last time you had a pleasant encounter with a network administrator when trying to configure IP addresses for a system that utilized existing IT infrastructure? There’s a reason they don’t want them on their network(s); it puts it at risk.
There’s also consumer skepticism and distrust. While this issue is almost exclusive to residential wireless or “smart locks”, privacy concerns and data leaks are causing consumers to seriously re-think the convenience of “smart homes” and “smart products”. That uneasiness may also carry over to the commercial world – we are all consumers, after all.
Policy and Habit
To quote a member of our team:
Part of what keeps access control from becoming more ubiquitous is the management side of things. Policies and administration of the systems are so divorced from the real needs of the end users that they end up circumventing the policies or falling back to mechanical locks for 90% of their security.
The future of access control remains to be seen but this much is true: no one knows what will happen and/or when it will happen.
If I had to guess, I think that the future of access control is largely dependent on which product(s) can satisfy the theories (read: hurdles) identified in this article. For some, cost is all it will take. For others, it will take more. Whatever the case, the hurdles that are now associated with access control will need to be addressed and more than likely solved if it will truly become what we’ve been told it will become for the last 50 years.
Until then, I hesitate to say access control is the future.