Systems for controlling access to specific physical facilities or areas are generally installed to enable control of which individuals that are allowed to enter particular areas or physical facilities. Today many of these access control systems involve the use of an electronically identifiable identity device, e.g. codes, ID-cards, RFID tags, mobile phones, etc., for identification of an individual trying to access an area or physical facility.
However, many of these identity devices, also known as credentials, may be handed over to someone else. In particular, such credentials may be handed to someone else after the first person has passed through a controlled passage using the credentials. Then that person may use the same credentials to enter the same area or another area requiring the credentials.
This problem is addressed in various antipassback concepts. In “Hard” antipassback implementations, the system keeps track of where the user is and access is denied if a user try to pass from one area to another and the user is not registered as present in the area that is to be exited. Similar to a “Hard” antipassback system, a “Soft” antipassback system keeps track of the users, but access is not denied if the user is not registered in the area that is to be exited. In timed antipassback, a user is denied access through a passage for a predetermined time after entry through the passage, so that there is no need for checking if a user exits the area. In global antipassback, the users are tracked throughout several areas. In known solutions implementing global antipassback, a master node or a master controller keeps track of where each user is in the system and all access requests have to be verified with this master. A system like this is very vulnerable as the entire system relies on the master controller and the operational status of the master controller. For example, the system will not work if the master controller is not operating properly.