Our access control platform uses QR codes containing a secure token number to allow visitors to gain entry to your premises. This provides a seamless guest experience where they no longer need to wait to be onboarded into the access control system (ACS) and issued a physical access card when they arrive.
The primary objection to QR codes we hear is based on them being easily shared, as they can then allow access to uninvited guests. It's true that a QR code can be emailed, whereas physical access cards can only be handed to someone else, but please see the notes below which cover concerns raised in this area.
💡 As a golden rule: try not invite people who may compromise the security of your premises... When that may not be possible to determine in advance, please review the information below to alleviate any worries you may have:
- QR codes add a lot of value to the guest experience, minimising the manual process of assigning and handing out physical access cards or tokens
- This also means you save on the admin involved in manually managing this process and the potential security risk of human error or cards not being returned
- QR codes can be printed and shared, but there is traceability of this in the ACS
- Physical cards can also be handed to the wrong person, passed back to allow a second person through, or simply used to allow multiple access attempts
- Proxyclick QR codes are also time limited; only active during the meeting time and tied in with specific actions such as checking-in and checking-out.
- Our QR codes may even be more secure than traditional cards and fobs, as access can be prevented after they have initially entered if required.
- Proxyclick QR codes may be:
- Emailed to visitors in advance
- Only emailed upon arrival after checking-in
- Not emailed at all: you can choose to print the QR onto a badge after the visitor checks-in
The final option above offers a scenario where you have a balance between the positive aspects of QR codes while no longer worrying about them being shared to people you never invited in. This brings QR codes closer to the use of physical cards without having an awkward manual process involved.
How we handle QR token numbers to ensure security
- We generate QR token numbers within a set range, typically a minimum range of 10 million, to ensure each is secure
- They are allocated randomly so there is no way to predict the tokens that will be generated
- Once a token number has been allocated and used, the same token number will not be reissued for a period of time to prevent reuse.