What happens after the controller restarts?

The local lock list is held in RAM. After a restart, entry transponders are permitted again. SMG therefore recommends an uninterruptible power supply or additional PoE.

Can APBK-CTRL-V2 handle multiple entries and exits?

With MQTT and the SMG Antipassback Server, the access decision can be made centrally. This allows multiple entries and exits to be assigned to one shared area.

What does the four-eyes principle mean in access control?

Under the four-eyes principle, access is only released when two authorized people present their credentials in sequence. This reduces solo access to particularly sensitive areas.

APBK-CTRL-V2 · Firmware 2.0.45

Antipassback controller for controlled access logic

Q: What is an antipassback controller?

An antipassback controller prevents a transponder from being used repeatedly for entry without a valid exit in between.

Q: How does antipassback work in practice?

After a valid entry, the transponder is blocked for the next entry. Only a proper exit or the end of the configured lock time allows the next entry again.

The APBK-CTRL-V2 adds independent antipassback logic to access control systems. The controller evaluates two Wiegand readers, switches separate relays for entry and exit, and maintains a local lock list for transponders that have already entered.

Download manual Technical data

Wiegand 26-bit
LAN, Wi-Fi and PoE
Web interface with live view

Controller V2 Version 2026-05

For airlocks, sensitive areas and controlled routes

The controller prevents uncontrolled repeated use of transponders and can also be used where the underlying access control system does not provide its own antipassback function.

0.1-0.2 s typical response time

2 readers entry and exit via Wiegand

2 relays changeover contacts up to 10 A

175 x 92 x 40 mm compact controller housing

Principle

How antipassback and the four-eyes principle work in real operation

In many projects, the goal is not just to unlock a door but to enforce a clear movement logic for a protected area. This is exactly where APBK-CTRL-V2 comes in: locally, quickly and with clearly defined states for entry, exit and exceptional releases.

Antipassback

No second entry without a proper exit

After a valid entry, an authorized transponder is treated as inside the area. As long as this state is active, the same transponder is blocked at the entry reader. Only a proper exit or the end of the configured lock time allows the next entry again.

prevents credentials from being passed on immediately after entry
reduces repeated use of a single credential
well suited for staff entrances, interlocks and sensitive internal areas

Example

Typical sequence at entry and exit

Person A presents a transponder at the entry reader and access is granted. An immediate second entry with the same credential is now blocked. At the exit reader, the same transponder checks out of the area and the next entry becomes possible again.

entry: the transponder is marked in the local list
second entry: the controller denies the release
exit: the lock is cleared again

Four-eyes principle

Access only with two authorized people

Under the four-eyes principle, a door is not released after the first credential alone. Instead, a second valid credential must follow within a defined time window. Only then is the switching output activated. This is useful for plant rooms, sensitive storage zones or areas with stricter organizational controls.

requires two different authorized people
reduces solo access to critical areas
supports operational security requirements

Project practice

When each logic makes sense

Antipassback is ideal when the main goal is to prevent one credential from being used repeatedly in a row. The four-eyes principle is the better fit when access must only happen jointly or under mutual control. Both approaches can be used separately or integrated into higher-level server logic depending on the project.

Function

Clear access logic with practical operating options

Blocking is handled locally in the controller. Master transponders always remain usable, while regular transponders can be blocked for the defined lock time after entry. If a blocked transponder is used at the exit, the controller clears the lock so that the transponder is authorized for entry again.

Antipassback

Local lock list

Transponders are locked locally after entry and released again after the configured lock time has expired.

Safety

Master transponders

Master transponders are stored in flash memory, are not blocked, and continue to work after a restart.

Presence

Presence list / PresenceDashboard

Newly integrated: The presence list shows directly in the controller which transponders are currently present in the area, and which are not.

Door logic

Optional door contacts

If required, an access event is only counted when the door contact is actuated.

Relay mode

Split entry/exit

Entry and exit can be switched separately via CH1 and CH2. Alternatively, the controller can operate with a shared relay.

Diagnostics

LIVE page and log

The live view shows events as they occur and supports commissioning, troubleshooting and functional checks.

Integration

MQTT ready

If required, the controller can connect status and event data to MQTT systems such as the SMG Antipassback Server. The access decision is then made centrally by the server, so several entries and exits can be assigned to one shared area. The server can also cover multiple areas.

Retrofit

Extension for existing access systems

Ideal for extending transponder readers or access control systems that do not provide antipassback and presence lists out of the box, for example SimonsVoss LSM or AXManager.

Independent

Software-independent access logic

The controller works independently of the management software because it only captures and processes the transponder ID at the reader.

Technical Data

Robust connection technology for two readers and two door routes

The APBK-CTRL-V2 is powered by DC voltage and/or PoE. Communication is handled via Fast Ethernet or 2.4 GHz Wi-Fi. The relay outputs are potential-free changeover contacts.

Input voltage	7-36 V DC and/or PoE
Inputs	2 readers with Wiegand0/Wiegand1 plus 2 potential-free door contacts DI1 and DI2 against DGND
Outputs	2 switching relays as changeover contacts, max. 10 A, max. 230 V AC or 30 V DC
Communication	LAN Fast Ethernet 100 MBit, Wi-Fi 2.4 GHz and optional MQTT
Dimensions	175 mm width, 92 mm depth, 40 mm height. DIN rail or surface mounting.

Connection

Important terminals and interfaces at a glance

Entry and exit are routed separately to Wiegand D0/D1. The common ground for readers and door contacts must be connected cleanly.

Readers and door contacts

DI3/DI4: entry reader, Wiegand D0 and D1
DI5/DI6: exit reader, Wiegand D0 and D1
DI1/DI2: optional door contacts for entry and exit
DGND: common ground for readers and door contacts

Relays and power supply

CH1 NO/NC/COM: switching output for entry and, in shared mode, also exit
CH2 NO/NC/COM: switching output for exit in split entry/exit mode
+ and -: 7-36 V DC operating voltage
ETH and ANT: Ethernet connection and included Wi-Fi antenna

Commissioning

Configuration via web interface over Wi-Fi or LAN

After power-up, the controller provides status and configuration pages. Authentication is required to change the configuration.

              Safety Notes
              Careful planning is essential for antipassback
              The lock list is held in RAM. After a restart, entry transponders are permitted again.
SMG recommends an uninterruptible power supply or additional PoE.
If the use of door contacts is enabled, they must be connected and function correctly.
The options "Exit opens always" and "Split entry/exit" must match the relay wiring.
The default passwords for user and admin should be changed during commissioning.

            

Downloads

Manual and support for APBK-CTRL-V2

The current manual describes connection, SimonsVoss configuration, commissioning, web interface, operating parameters, master transponders, lock list, log and LIVE view.

Download manual 2.0.42 Request firmware and support

Firmware updates are installed through the controller's OTA page. Please use Firefox or Chrome for updates.

FAQ

Frequently asked questions about the antipassback controller

What is an antipassback controller?

It prevents a transponder from being used repeatedly for entry without a valid exit in between.

Which readers are compatible?

APBK-CTRL-V2 works with Wiegand 26-bit readers, including SimonsVoss SmartRelay 3 Advanced and SmartRelay 1 Advanced G1.

What happens after a restart?

The local lock list is held in RAM. After a restart, entry transponders are permitted again.

Can a server manage multiple entries?

Yes. With MQTT and the SMG Antipassback Server, several entries and exits can be assigned to one shared area.

How does antipassback work in practice?

After an entry, the controller blocks the same transponder for the next entry until a proper exit takes place or the lock time expires.

What is the four-eyes principle used for?

It is used in areas where access should only be released when two authorized people jointly approve the entry, for example in technical or security-sensitive zones.

Compatibility

Note for users migrating from APBK V1

Controller generation V2 requires Wiegand 26-bit. When switching from Antipassback V1, the programming of the SmartRelays or card readers must be checked and adjusted accordingly.

SmartRelay 3 SREL3.CTR.ADV.G2(.ZK) with SREL3.EXT(2).G2.W or comparable extension

SmartRelay 1 SREL.ADV, G1 only

Other readers Card readers with Wiegand 26-bit interface

Not supported SmartRelay 2 MH is currently not supported