The present invention relates to a method for avoiding the misuse of access authorizations of a customer identification (“ID”) based personnel or motor vehicle access control system.
ID-based access control systems make use of the customer medium ID, wherein the customer medium ID is read by access control devices of the access control system and sent to a central server, which by way of the ID allows or denies access via the access control device sending the ID. The customer medium may, for example, be realised as an RFID tag, an RFID card or as a paper ticket with machine-readable information.
ID-based access control systems have the advantage, compared to so-called medium-based access control systems wherein access is allowed or denied based on the information stored in the customer medium without contacting a central server, that a high degree of flexibility and scaling is ensured. A customer medium ID may have several types of access authorization assigned to it, for example for different areas and different times and different operators, which is of advantage in particular in ski resorts.
However, the customer media used may be subject to misuse in that they can be copied and then used. This leads, on the one hand, to a loss in revenue on the part of the operator of the access control system, and on the other, to the rightful owner of the customer medium being charged too much. Further misuse of a customer medium may also lead to the rightful owner of the customer medium being refused access when using the original customer medium.
If, for example, standard RFID tags are used as a customer medium, these can be freely programmed thereby making misuse quite easy. Further in case of a barcode ticket, this can be copied without any problems.