A typical physical access control system is made up of following components:

-          ID Credential

-          Door Reader

-          Door Lock

-          Control Panel

-          Access Control Server

-          Software

-          Database

The access control process begins when a user presents the credential (such as employee badge) to the door reader. The reader extracts data from the badge, processes it, and sends it to the control panel. The control panel first validates the reader and then accepts the data transmitted by the reader. What happens next depends on whether the system is centralized or distributed. In a centralized system, the control panel transmits the data to the access control server. The access control server compares the data received from the card with information about the user that is stored in a database. Access control software determines the user’s access privileges and authorization, the time, date and door entered, and any other information that a company may require to ensure security. When access is authorized, the server sends a signal to the control panel to unlock the door. In a distributed system, the control panel allows or denies entry. The access control server periodically provides control panels with data that enable the control panel software to determine whether a user is authorized for access. The control panel then performs the access control server functions described above and makes the decision to allow or deny entry.

The communications protocol between the reader and panel include TCP/IP, RS-485, and RS-232.

The industry trend is to integrate logical and physical access control and use a single badge.  Interoperability is important to merge the two technologies. The badges are designed as a hybrid (two chips on same card) or dual interface (one chip supporting two technologies) for this purpose.