System design guide
Cards and fobs give each user a credential that can usually be disabled without changing everyone else’s access. The value is not the plastic token itself; it is the combination of credential technology, individual issue, role-based permissions and prompt revocation.

Where this approach fits
They suit many workplaces with changing staff, several access levels or a need to distinguish users in event records. A shared fob at reception removes much of that accountability. High-risk areas may require stronger credential technology, a second factor or additional supervision rather than simply another reader.
Design the complete opening and interface
Confirm reader environment, mounting, accessibility, vandal exposure and the controller interface. Existing cards may not be secure, compatible or owned by the client even if they operate another system. Never promise reuse from appearance alone; identify technology and encoding through authorised assessment.
Plan safety, failure and exceptions
Cards can be lost, lent, copied in some technologies or used for tailgating. Establish rapid loss reporting, disable credentials promptly and avoid printing unnecessary identifying information on a token. Door monitoring and staff awareness address risks that credential choice alone cannot solve.
Administration and ongoing ownership
Record issue, return and replacement. Use named users and role-based groups, review dormant credentials and avoid permanent contractor access. When someone leaves, disable access first; recovering the physical card is secondary. Keep secure spare credentials under controlled issue.
Card and fob requirements
| Area | Decision |
|---|---|
| Technology | What credential technology and security level? |
| Issue | Who enrols identity and records the token? |
| Loss | How quickly can it be reported and disabled? |
| Existing cards | Are technology, encoding, keys and ownership verified? |
| Reader link | What reader-to-controller protocol and protection? |
| Migration | How and when are weaker legacy modes removed? |
Design the exception workflow
For Card Fob Access, normal authorised use is only one test. Document the lost credential, unavailable administrator, communications outage, power issue, user who cannot use the preferred method and opening that does not return to its secure state. Name who responds and what they may safely do.
Acceptance evidence
- Current models, firmware, software and licences
- Approved door, user and permission schedule
- Normal, denied and exception test results
- Power, network and service-failure behaviour
- Integration cause-and-effect results
- Administrator roles, backups and update ownership
- Known limitations and outstanding actions
Questions to resolve
Is card and fob access control suitable for every property?
For Card Fob Access, no. Suitability depends on the operating need, physical equipment, safety duties, administration and verified product compatibility.
What information is needed to quote card and fob access control?
For Card Fob Access, provide the relevant openings, users, schedules, exception cases, interfaces, site constraints and required failure behaviour.
Who should participate in a card and fob access control design review?
For Card Fob Access, include the client’s security or facilities owner and installer; IT, building, fire, lift, gate or privacy specialists may also be required depending on this design.
How should card and fob access control be tested at handover?
For Card Fob Access, test normal authorised use, denial, representative exceptions, monitoring, integrations and agreed failure conditions without creating an unsafe state.
Which card and fob access control claims need human confirmation?
For Card Fob Access, product capabilities, site-specific compliance, safety interfaces and any privacy or legal statements require current specialist review.
Discuss the operating requirement
Share plans or photographs, user groups, normal and exceptional journeys, integrations and known building constraints. Serious Security can assess projects in Sydney and Melbourne.


