Smart Lock vs PIN
In this digital age, is it surprising to learn that key security still firmly trumps a PIN or a futuristic biometric system?
We patented our smart lock for charging lockers back in 2013, and it is still as relevant and market-leading today.
We thoroughly explored the alternatives in our quest for the ultimate locker security. But even now, in 2022, we still get asked about PIN lockers and how they compare.
To understand the limitations and benefits of a PIN-based system, we built one as a prototype and put it to the test. We trialled it in a Central London location and then sat back to observe usage on the CCTV.
On one occasion, we watched someone using the locker correctly, followed by someone else getting up from a nearby sofa, going to the same locker, typing in the PIN and stealing the device. The phone owner had done nothing wrong but found their device gone through no fault of their own.
This is just one example I hear you say. However, that alone doesn’t make key security better than a PIN. Surely there are ways PIN systems could be as good or better than a key?
We think not. Here are seven rock-solid reasons why key trumps PIN every time.
Security:
- It is pretty easy to see peoples’ keystrokes, especially when they’re unfamiliar with the system and do it slowly. Typically a user-selected PIN must be confirmed, which gives a thief a second opportunity to spot the PIN.
- Even with a six-digit PIN, anyone can remember a sequence of 6 digits. And it’s super-easy for someone standing behind to video a user entering a complex PIN.
- Preventing users from choosing common PINs (e.g. 123456) will reduce successful guesswork. Still, it’s not enough unless you also reduce how many attempts are allowed. This can create another problem, though – locking the genuine user from retrieving their device!
Ease of use:
- It is significantly more time-consuming and tricky for users to create a PIN (that passes the uniqueness test). You can easily spend a few minutes setting up a PIN system – while it’s just a few seconds to use a key. That gives more charging time and means the machine is quickly available for following users.
- What happens if a user forgets their PIN or gets locked out? Staff interventions to release the device and put the locker back in service. Even if this happens with 1 user in 100, it means staff interventions at busy locations every day.
Practicality:
- Without clever design, a PIN system makes it easy for a user to lock an empty locker and leave it that way, reducing service availability. Of course, this won’t happen everywhere, but anti-social behaviour is a risk in specific locations.
- What happens if a PIN security machine loses power (the site loses power, or the machine fails)? If this happens, there are two choices – open all the doors or keep them all locked. Neither answer is satisfactory, though the former is, of course, the worst. Would this also happen with a ChargeBox? Fortunately, the answer is “No”. If the power source goes down, all you need is the key to retrieve your device, as it’s only a mechanical process to unlock it.
But come on, there must be some bad things about a key?
Well, you have to carry it around with you, and it’s possible to lose one. However, in our experience of charging over 50 million phones, this happens to less than 1 in 50,000 charges. The host site can open the locker with an emergency key and retrieve the device subject to certain security checks if it does. All the while, our systems record every event down to the second and transmit this to our servers – e.g. door locked, charging started, cable disconnected, etc. So we can back up any truthful story with our audit trail, and if someone is not telling the truth, we can see that too.
So OK, a PIN is maybe not such a great idea, but biometric security is undoubtedly the future. After all, that’s what I use on my phone these days, and they can’t steal that, and I can’t lose it.
We’d welcome reliable biometric systems, but it’s far from reliable. Fingerprint-based and face profiles are two common biometric systems. You know it takes time to set up if you’ve used these before. And these are state-of-the-art systems by some of the world’s best technology manufacturers. Using biometrics, a phone charging locker is slow to use, insecure, or both.
Even worse is the assumption that a biometric reader will remain clean and fully functional. Used many times a day with many different fingerprints – dirty, wet etc., will affect performance. In addition, users will not be able to use the locker or retrieve their device resulting in more poor service and high staff interventions.
And of course, just as for PIN, if power is lost, so are your chances of retrieving your device.So, that is why we use keys – and we suspect why you use keys to secure your property too.