1. All Resources
  2. Glossary

Area Anti-passback in Access Control

What is it?

Despite a somewhat confusing name, area anti-passback (APB) is actually quite simple: It is a security protocol that prevents cardholder credentials from being used for improper access. Area APB works by recording which users have swiped into and out of a defined area. Cardholders swipe into the building and into other areas during the day. For their access card to work at any entry reader again, their card must have been swiped at the corresponding exit reader.

APB assumes that all employees keep their access cards on them at all times. By swiping into an area, they tell the system that they do not need to re-enter, so their entry access is temporarily revoked. If they are a trustworthy employee, this never becomes an issue. However, if they pass their badge to another person to try and trick the system into granting that person access, the second person will be unable to enter and your system administrators will be alerted. This is most commonly used in parking garages and main entrances. Area APB only serves to make each area of your facility more protected against infiltration.

What is its purpose?

Anti-passback is a security system feature that is primarly used to prevent users from passing their credentials (such as access card or similar device) back to a second person to enter a security controlled area, such as a car park or employee building. It can also stop users to enter the controlled area by following or tailgating another person. Its purpose is to prevent misuse of such access control systems, but can also be used to count the users (cars or people present in the building) or can be combined with many other features to fulfill high security requirements in areas where there is an “in” reader at the entry gate and an “out” reader at the exit gate.

How does it work?

The anti-passback feature works on the basis of a specific sequence in which access cards must be used in order for the system to grant access. For every use of a card at the “in” reader, there must be a corresponding use at the “out” reader before the card can be used at the “in” reader again. For example, this works fine at the parking lot, because the driver would normally swipe their card at the “in” reader to get into the lot and swipe it at the “out” reader to get out of it. As long as the sequence is “in – out – in – out – in – out”, the system will work fine. However, if the driver swipes his card at the “in” reader to get in, and then passes his card back to a friend, the card would not work the second time because this would create an “in – in” sequence, which is a violation of the anti-passback rules and access would be denied.

What does soft anti-passback mean?

Unlike area anti-passback (APB), which refuses access to badges that have swiped into an area but not out of it, soft APB is a security protocol that allows cardholders to use their credentials improperly, but notes such incidents. APB procedures are intended to cut down on cardholders who share their access levels with other people, who may or may not be allowed into a certain space. This practice compromises office security and can lead to huge safety concerns. While area APB simply refuses access to badges that are being used out of sequence, soft APB works more quietly, catching perpetrators in the act while allowing them to think they have gotten away with it.


Starting a new project?
Download our Physical Security Guide

Get the full guide and other great security content from Kisi. 

Download Guide
Kisi Physical Security Guide