Piggybacking and Tailgating in Physical Security: Definitions and Prevention

Piggybacking and tailgating are common access control failures in physical security. Both involve an unauthorized person passing through a controlled entry point behind someone with valid credentials. The distinction matters because organizations use it to define violations, choose countermeasures, and write policy.
Key Takeaways
- Piggybacking and tailgating both bypass physical access control, but distinguishing intent shapes whether the response leans toward technology or policy enforcement
- Preventing unauthorized entry behind valid credentials requires layered defenses combining vestibules, sensors, and behavioral detection, rather than any single control
- Reactive detection alerts after the fact, while proactive barriers stop entry at the door, and the right balance depends on the risk profile of each zone
- Written policy, employee training, and disciplined visitor management remain essential because even the strongest hardware fails when insiders hold the door
How Standards Bodies Define the Terms
NIST PE-3(8) names piggybacking and tailgating together. Organizations that need different rules for different scenarios often define the distinction in their own policies.
The Practitioner Distinction and Why It Matters
While standards often treat the terms interchangeably, many security teams use a practical distinction that matters for enforcement.
Tailgating describes an unauthorized person entering by following an authorized person without that person's knowledge. The authorized individual badges through a door, and someone slips in behind them before it closes.
Piggybacking describes an authorized person knowingly allowing an unauthorized individual to follow them. An employee holds the door for someone without a badge, or waves a colleague through without requiring them to tap their own credential.
This distinction matters because the two scenarios often call for different responses. Tailgating is usually addressed through sensors, vestibules, and detection systems. Piggybacking is more often addressed through policy enforcement, training, and possible disciplinary action against the credentialed employee who facilitated entry. Security directors writing access control policies should define both terms explicitly rather than assuming a standard definition will settle the issue.
How These Breaches Happen
The Courtesy Hold
An employee badges through a swing door and, following ingrained social norms, holds it open for the person behind them. That person enters without presenting a credential. Traditional swing doors at controlled points of entry make this easy because multiple people can pass after a single badge event, and the door itself has no way to distinguish a single authorized entry from several.
The Vendor Pretext
An attacker poses as a delivery driver, IT contractor, or technician. Carrying boxes or equipment cases creates visual legitimacy and a natural reason to ask someone to hold the door. Social credibility often does as much work as the access point itself.
Peak-Traffic Surge Entry
During shift changes or building openings, an unauthorized person blends into a crowd moving through turnstiles or lobby doors. The volume of simultaneous movement makes individual verification harder. Throughput and security often pull in opposite directions, especially where entry systems must process one person at a time. In higher-traffic environments, that tradeoff is one reason organizations add anti-tailgating features at controlled entry points.
Propped Doors
Employees prop open access-controlled doors for convenience during loading operations, for ventilation, or to avoid repeated badging. This eliminates the access control function entirely. No social engineering is required; the physical barrier has been neutralized by an insider acting out of habit.
Detection Technologies
Anti-Passback
Anti-passback is a logical enforcement function within PACS software. The system tracks each credential's location state and flags impossible sequences, such as an entry event followed by another entry event without an intervening exit. In practice, deployments may deny access on violation or simply log the event while still permitting entry.
Anti-passback addresses credential sharing, not physical following. A person who tailgates through a door behind a valid cardholder generates no anti-passback violation because the cardholder's credential sequence still appears valid.
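The credential-state tracking described above, as an added example (not code from any PACS product). The event format, credential IDs, and the rule that an unseen credential starts outside are assumptions, and the sample log is constructed. A tailgater presents no credential, so no event ever reaches this logic.

```python
# Constructed PACS reader events: (time, credential_id, direction)
EVENTS = [
    ("08:00:05", "C-1001", "in"),
    ("08:00:09", "C-1002", "in"),
    ("08:03:40", "C-1001", "in"),   # second entry with no exit: passback
    ("12:01:10", "C-1002", "out"),
    ("12:30:00", "C-1002", "in"),
    ("17:00:00", "C-1003", "out"),  # exit with no recorded entry
]

def evaluate(events, hard=True):
    """Apply anti-passback to a reader log.

    hard=True  denies access on a violation.
    hard=False logs the violation but still permits entry.
    Returns (decisions, violations).
    """
    state = {}                      # credential -> last granted direction
    decisions, violations = [], []
    for ts, cred, direction in events:
        # Assumption: a credential never seen before is outside.
        current = state.get(cred, "out")
        violation = current == direction   # in->in or out->out is impossible
        if violation:
            violations.append((ts, cred, direction))
        granted = not (violation and hard)
        decisions.append((ts, cred, direction, granted))
        if granted:
            state[cred] = direction
    return decisions, violations

if __name__ == "__main__":
    for mode in (True, False):
        decisions, violations = evaluate(EVENTS, hard=mode)
        print("hard" if mode else "soft", "violations:", violations)
        for d in decisions:
            print("  ", d)
```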
Access Control Vestibules
An access control vestibule is a space between two sets of interlocking doors. The outer door must close and lock before the inner door can receive an unlock command. These vestibules are designed to regulate entry and help prevent tailgating or piggybacking. If occupancy exceeds one person, both doors remain locked and a security alert can fire.
Vestibules are among the few technologies that physically prevent unauthorized entry rather than only detecting it after the fact. The tradeoff is throughput: single-occupancy sequential processing creates queuing during peak entry, and the architectural footprint requires dedicated space and structural integration.
Optical Turnstiles
Optical turnstiles use arrays of infrared beams between pedestals to create a detection curtain across the passage lane. The interruption pattern helps determine direction of travel, person count, and tailgating indicators. Barrier-free configurations trigger alarms but do not physically stop an unauthorized person. Variants with retractable barriers can block the second person while the first clears the lane.
Detection reliability depends on installation conditions and pedestrian flow. Carried objects, environmental conditions, and close-following movement can complicate discrimination, especially at higher throughput.
Stereo-Vision Depth Sensors
Stereo-vision sensors use two image sensors at a fixed separation to compute three-dimensional depth maps. Two people partially overlapping in a standard image can still appear as distinct depth objects because their bodies occupy different distances from the sensor. Mounted overhead in a vestibule or doorway, these sensors can feed person-count data directly to the door controller.
AI-Powered Behavioral Detection on Video Streams
AI-powered behavioral detection on video streams applies models to continuous video feeds and analyzes movement over time to identify unauthorized following. The logic correlates person count with credential events. After a PACS door-unlock signal, a person-detection model counts individuals moving through the door's field of view. If the number of people exceeds the number of valid credential events, the system generates a tailgating alert.
The main advantage is retrofittability. Existing camera coverage can support tailgating detection where placement provides a clear view of the passage zone.
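The count-versus-credential correlation described in this section, as an added example (not a vendor's implementation). The 5-second pass window, door names, and both event formats are assumptions, and the sample data is constructed. It goes one step beyond the text by also flagging a crossing that has no unlock event at all, which is what a propped door produces.

```python
WINDOW_S = 5  # assumed seconds a door stays passable after an unlock

# Constructed PACS unlock events: (epoch seconds, door, credential)
UNLOCKS = [
    (100, "lobby-1", "C-1001"),
    (103, "lobby-1", "C-1002"),   # second badge inside the first window
    (200, "lobby-1", "C-1003"),
    (300, "dock-2", "C-1004"),
]
# Constructed person-detection output: one (epoch seconds, door) per crossing
CROSSINGS = [
    (101, "lobby-1"), (104, "lobby-1"),
    (201, "lobby-1"), (203, "lobby-1"),   # two people, one badge
    (302, "dock-2"),
    (400, "dock-2"),                      # crossing with no unlock
]

def correlate(unlocks, crossings, window_s=WINDOW_S):
    """Return alerts where people counted exceed valid credential events."""
    alerts = []
    doors = {d for _, d, _ in unlocks} | {d for _, d in crossings}
    for door in sorted(doors):
        # Merge overlapping unlock windows into sessions: [start, end, creds]
        sessions = []
        for ts, _, cred in sorted(u for u in unlocks if u[1] == door):
            if sessions and ts <= sessions[-1][1]:
                sessions[-1][1] = ts + window_s
                sessions[-1][2].append(cred)
            else:
                sessions.append([ts, ts + window_s, [cred]])
        counts = [0] * len(sessions)
        for ts, _ in sorted(c for c in crossings if c[1] == door):
            hit = next((i for i, s in enumerate(sessions)
                        if s[0] <= ts <= s[1]), None)
            if hit is None:
                alerts.append({"door": door, "time": ts, "type": "no_credential"})
            else:
                counts[hit] += 1
        for (start, _, creds), n in zip(sessions, counts):
            if n > len(creds):
                alerts.append({"door": door, "time": start, "type": "tailgating",
                               "people": n, "credentials": creds})
    return alerts
```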
Multi-Modal Architectures
At the highest-security entry points, organizations often combine multiple sensor and enforcement layers into one architecture. A representative configuration might pair video-based detection at the approach, smart-card or biometric authentication at the reader, a vestibule with interlocking doors for containment, an overhead stereo-vision sensor for occupancy verification, and anti-passback for credential tracking.
Each technology has its own failure modes. A layered system forces an attacker to defeat multiple independent mechanisms rather than exploiting a single weak point.
Prevention Best Practices
Policy and Training
Effective prevention starts with a written policy that explicitly prohibits tailgating and piggybacking by name, supported by training that explains why the rules exist. Workplace security training commonly instructs employees not to allow piggybacking, not to lend badges, and to report lost credentials promptly.
Training should cover how to recognize social engineering tactics, how to challenge unfamiliar individuals, and the consequences for employees who facilitate unauthorized entry. Explaining the purpose behind security hardware also helps employees understand why compliance matters. A security revolving door works only if people use it properly.
Environmental Design
Entry-point design directly affects tailgating vulnerability. Concentrating traffic through monitored chokepoints can simplify supervision and reduce uncontrolled movement around a facility.
Clear sightlines at entries support natural surveillance. Territorial cues such as borders, fencing, and signage help distinguish public from restricted space. Well-maintained environments can also signal active monitoring. These environmental design principles complement technology-layer controls.
Visitor Management
Strong visitor management closes one of the most common piggybacking vectors. Procedures for receiving visitors should establish identity, define authorized areas, and determine escort requirements. Continued reliance on manual systems for tracking temporary credentials leaves room for process failure and weak accountability.
Matching Controls to Risk
A central technology-selection consideration for security directors is whether a system supports reactive detection or proactive prevention. Optical turnstiles and AI-powered behavioral detection can identify tailgating events and generate alerts, but an unauthorized person may already be inside by the time an operator responds.
Access control vestibules and security revolving doors are designed to prevent unauthorized entry at the point of access. Lower-risk zones can rely on detection paired with a response process, provided the response time is acceptable for the assets being protected.