Anti-passback with NXT-MSC or Mercury EP, LP or MP Controllers

Anti-passback with NXT-MSC or Mercury EP, LP or MP Controllers

1.0 Introduction

The following document explains how to setup the Anti-passback (APB) feature when using NXT-MSC controllers or Mercury EP, LP or MP controllers. This anti-passback implementation is local (on a per controller basis) and therefore when using NXT-MSC controllers can only be configured between readers located on the same controller.

When using Mercury controllers, APB can also be applied between any readers connected to downstream modules via the main controller's local RS-485 network(s) - so this includes readers connected to single or dual door modules (i.e MR51, MR52 modules).

The Anti-passback features prevents what is sometimes referred to as 'tail-gating' - where the same card is used to grant access to multiple people at the same reader. When APB is implemented then access must be granted alternating between Entry and Exit readers - otherwise, an Access Denied - Anti-passback Violation will occur.

Notes:
  1. Anti-passback methods cannot stop a "true" tailgate (two people walking through a door on one badge-in). They only prevent the credential from being used twice.
  2. Anti-passback does not require door contacts but if door contact are enabled on the readers then the cardholder will need to physically open the door after they have gained access at the reader. When the door has closed it will not be possible to gain access again at that same reader until access has been granted at an alternate reader and for that door to be physically opened. If door contacts are not used then the APB flag will be set on the cardholders as soon as access is granted.

2.0 Anti-Passback Settings

There are various settings that affect the way APB functions - APB settings are located in the reader properties:


2.1 Soft Anti-Passback 

Soft Anti-Passback is the 'forgiving' version of APB - typically where locking out users from an area would be a potential safety hazard. With soft APB, if a cardholder violates the APB rules, they will still be able to gain access at the same reader with consecutive attempts - the system grants access but will generate an APB violation event which will be displayed in live events. This event could then be used in Automation to activate a relay which could act as a visual alert for security personnel.


2.2 Hard Anti-Passback

This is the most strict form of APB and the most frequently used - It ensures that access cannot be granted to a cardholder at an Entry reader before using an Exit readers first - and vice versa. It enforces a strict sequence of the cardholder going In-Out-In-Out of restricted areas.


2.3 Timed - Reader Based

APB Timed - Reader Based is often applied on a single reader such as a turnstile. After access has been granted at a specific reader it will not be possible to gain access with the same credential until a certain amount of time has passed - such as 10 or 15 minutes.


2.4 - Timed - User Based 

With this option, the APB timer is applied to the cardholder and not the specific reader. This is used in scenarios where there are multiple Entry readers and/or multiple Exit readers. For example, when a cardholder has been granted access at an Entry reader they will not be able to gain access at another Entry reader until the APB User lockout period has expired. If a user badges into the North Entrance (Reader A), their card is instantly blocked at the South Entrance (Reader B) and the West Entrance (Reader C) for the duration of the timer. This prevents the credential being "passed-along" across different entry points.


2.5 Timed - Hard Revert to Soft

This is a hybrid implementation of APB which behaves initially with Hard APB until a specific action is performed by the cardholder - such as another card presentation at the same reader within a specific time window - or an APB reset action that has been defined using Automation. APB will then revert to Soft - allowing the cardholder to gain access without having to locate someone who can reset their APB status. The cardholder can go about their day but the APB violation will still be logged in the software.


2.5 Timed - Extended Reader Based

With the standard APB Timed implementation, when a cardholder gains access the timer starts. If the cardholder swipes their card again the timer will continue counting down. With Timed - Extended Reader Based, the APB the timer will reset each and every time the cardholder swipes it during the APB lockout period - the counter will reset to zero this is typically used in high traffic access points - such as turnstiles. 


3.0 Hard Anti-Passback Setup

3.1 APB Configuration on an Entry Reader

Anti-passback is setup in the reader properties. The following steps explain
  1. From the main menu, click on Hardware >> Readers.
  2. Use the Actions menu for the Entry reader and select Edit.
  3. Scroll down the reader properties until you see APB Mode - set this to Hard Anti-Passback.
  4. Set the APB Enter Area to 0.
  5. Set the APB Exit Area to 1.
  6. Save the Entry reader settings.



3.1 APB Configuration on an Exit Reader

  1. From the main menu, click on Hardware >> Readers.
  2. Use the Actions menu for the Exit reader and select Edit.
  3. Scroll down the reader properties until you see APB Mode - set this to Hard Anti-Passback.
  4. Set the APB Enter Area to 1.
  5. Set the APB Exit Area to 0.
  6. Save the Exit reader settings.



NotesBecause the Exit and Entry readers have the opposite APB entry and exit areas, this enforces the rule that access cannot be granted at the same reader twice in succession. With Hard APB access must be granted alternating between Area 0 | Area 1 | Area 0 | Area 1, etc



    • Related Articles

    • PXL - Anti-Passback

      1.0 Introduction The Anti Passback (APB) feature provides one-way card access into and out of a secure area. It prevents a cardholder from using their card and then passing that card back to someone else for them to gain unauthorized access. Local ...

    • Elevator Control - Using True Mercury Controllers

      1.0 Introduction Borealis provides a cost-effective elevator control solution using NXT-MSC controllers with 4x4 modules or with True Mercury controllers and using MR16 modules. Elevator control uses a reader on the controller's reader port 1 to ...

    • Elevator Control - Using NXT-MSC Controllers

      1.0 Introduction Borealis provides a cost-effective elevator control solution using NXT-MSC controllers with 4x4 modules or MR16 modules and True Mercury controllers using MR16 modules. Elevator control uses a reader on the controller's bus 1 to ...

    • Mercury LP Controllers - Assign a Static IP Address

      Configure the Mercury LP Controller With a Static IP Address Once the controller has been added to Borealis you should configure it with a static IP address. This can be done via the controller's Internal Configuration menu. Important Note: Before ...

    • Mercury EP Controllers - Assign a Static IP Address

      Configure the Mercury EP Controller With a Static IP Address Once the controller has been added to Borealis you should configure it with a static IP address. This can be done via the controller's Internal Configuration menu. Important Note: Before ...