Anti-Passback (APB)

What is anti-passback, and why your business needs one

In the modern world of security and access control, preventing unauthorized entry is critical for safeguarding your business. But what exactly is anti-passback, and how can it benefit your organization?

Anti-passback (APB) is an advanced solution designed to eliminate credential misuse and ensure operational efficiency. When a user requests access to an area, the system checks whether the area they were last in matches the area they’re trying to enter or exit. So, if they’re trying to access a storeroom off the lobby, they must have last badged into the lobby.

If the user meets the criteria, then they’re granted access. If the credential is used to try and enter the same area twice, or to an area not directly linked with their last logged area, then anti-passback rules start.

It is a programmable function within ICT's Protege systems, capable of monitoring user locations across an entire building or specific high-security areas.

Whether you’re a small to medium business (SMB) or a large enterprise, APB helps prevent sharing access cards or mobile credentials by accurately logging access events. 

Anti-passback is available with ICT's proximity and smart cards, fobs, and mobile credentials.

How does anti-passback work?

Anti-passback records which users have swiped into a specific area and prevents them re-entering with the same credential within a short period. If a credential is used to enter an area more than once, the anti-passback violation rules start.

Here’s a step-by-step breakdown of how anti-passback works:

1. User Entry: The process begins when a user presents their access card or credential to the reader at the entrance of a secured area.
2. Access Granted: Upon verification, the access control system grants access and logs the user’s entry.
3. User Exit: When the user leaves the secured area, they must present their access card or credential to the reader at the exit point.
4. Access Revoked: The system then revokes the user’s access and records their exit, updating their status.
5. Anti-Passback Check: If the user attempts to re-enter the same area without first exiting or enters an attached area without badging into the preceding area, the anti-pass rules are violated and the system will deny access. 

By tracking the entry and exit points, anti-passback rules ensure that users follow the proper protocol, thereby enhancing the security of the facility.

Why use anti-passback in access control systems?

Sharing credentials is such a prevalent problem that a recent study by IPVM found that over 80% of companies surveyed use multiple methods, such as using cameras and having guards monitor the entrances, to prevent it. 15% of companies don’t do anything because they believe the problem is too widespread or the solution is too difficult and costly.

Unlike other solutions, ICT’s anti-passback is a free, programmable function, meaning you don’t need extra software*. Simply configure it for the relevant areas and begin to see the benefits for your business. Since there’s only one system to manage, reports are made easy as well.

Common situations an anti-passback system solves:

1. Tailgating: This occurs when an unauthorized person follows an authorized individual into a secured area without presenting their own access card. Implementing anti-passback measures can enable you to stop the tailgater from progressing further into the building and allow you to follow up with them to deter behavior.
2. Card Sharing: By integrating an anti-passback system into your access control functionality you can closely monitor access activity. Robust access control measures allow you to know who is in your building and where, which is important for reporting and critical in an emergency.

For many organizations, the number of attendees can significantly impact funding or your bottom line. For example, if 25% of gym visitors are sharing credentials, it can lead to a noticeable loss in revenue. 

Protege’s native anti-passback feature effectively eliminates membership sharing, helping you retain more revenue and improve operational accuracy.

To get the most out of anti-passback, we suggest you use it in conjunction with these features:

• Mobile credentials: People are a lot less likely to share their phone with someone. With mobile credentials, you can lessen credential passing and implement native multi-factor authentication.
• Dual authentication: Keep high security areas, such as vaults, safe by requiring 2 user’s credentials to unlock an area.
• Two factor authentication: Users must input a PIN along with their card or fob, ensuring high-security areas stay secure.
• Loiter areas: Use together with anti-passback to track who is loitering and discourage users from staying too long in an area, such as carparks.

Anti-passback is simple to set up and use, with no additional cost. To use anti-passback in Protege WX, you’ll need to enable advanced mode, which is as easy as completing your free Protege WX certification. Ready to get started? Visit the certification page today and become a Protege WXpert to unlock the benefits of anti-passback!

How to set up anti-passback? 

Anti-passback is easily configured in 9 steps. Watch the video or check out the written instructions below.

Step 1: Navigate to programming | doors and select the door you want to have anti-passback settings: Step 2: Ensure each door has an area inside the door and an area outside the door set.

1. These are both required for anti-passback programming to operate correctly as they tell the system which areas are physically adjacent to the door
2. We recommend you create an ‘offsite’ area for the outside of external doors to keep track of which users aren’t in the facility. If there is no outside area set, the users’ current area will be set to ‘unknown’ when they leave. 

Step 3: Navigate to programming | door types and add a new door type. This can be used for multiple doors, or you can create a new door type for each door

Step 4: Anti-passback is set separately for the doors' entry and exit directions. Enable entry anti-passback to control access to the area inside the door and enable exit anti-passback to control access to the area outside the door. To enable, set the entry/exit passback mode as required for each direction

1. None: Anti-passback is not enabled in this direction. When the user passes through the door in this direction the system won’t update the user’s current area
2. Soft passback: Anti-passback is enabled in this direction. When there is a violation, the door will generate an event but allow access
3. Hard passback: Anti-passback is enabled in this direction. When there is a violation, the door will deny access and generate an event.

Step 5: Set the entry/exit reading mode as card only, or card and PIN. 

Step 6: Click save

Step 7: Return to programming | doors and select the door that the anti-passback applies to the one created in step 3

Step 8: Set the door type to the one created in step 3

Step 9: Click save

To see how to set it up, please see application note AN-337: Configuring Anti-passback in Protege GX.

For Protege WX, please enable ‘advanced mode’ and follow the instructions in the AN-337 application note. Enabling advanced mode is as simple as completing your Protege WX certification training.

Use Cases

With so many diverse applications, anti-passback can be used in a wide variety of industries.

Whether you need to prevent membership fraud, secure sensitive data, or ensure compliance in high-risk industries, anti-passback is a vital tool for modern businesses. With flexible modes and seamless integration into ICT’s Protege systems, anti-passback provides both security and peace of mind.

Take the next step today by exploring ICT’s Protege WX and GX platforms to discover how anti-passback can transform your business’s security.