Now, you're getting into security questions
And there are several books on this subject for SR out there. The best by far is the Lone Star book from 2e. But lets look at some factors.
While it is possible to build the perfect security system, most people and businesses just don't have the time nor the money to invest in them. And, lets face face it, if everyone who went through a given door was subjected to 20 minutes of screening... well, nothing would get done! The other side of this is just the general short cuts that people take every day, many of them through simple habit: Like holding a door for someone.
On general principle, the more obtrusive a system, the more likely people will engineer a system to bypass it. (like holding the door for someone). And some systems, that you think sound really secure, in practice turn out of be the most impractical.
Take say a blood reader on a door... that sounds like it would be a really good system until you break it down:
you are puncturing a digit to collect a blood sample: communicable disease risk!! (HMHVV, AIDS, Hepatitis, VITAS.... should I go on?)
The depth of skin you would need to puncture for my hands after 20+ years of construction are going to be much thinker then some teenage wiz kid just out of college, not to mention the scar tissue build up from having your finger stabbed twice a day minimum: Injury Risk, and False Reading Risk.
If everyday you had to get your finger pricked twice a day, every single day, you would begin to develop an aversion to that exercise: Socially engineered avoidance -"hold the door!"
Saliva poses many of the same risks (higher false positive readings, contaminated samples, etc) while reducing others...
Retina scans are fairly quick, clean and efficient... but can be fooled by cyberware easily...
The biggest issue for any security system however, is the bottle neck they create. By definition, any "denial of access" system creates a bottle neck, and these bottle necks can cause a significant issue to productivity (and thus a Corp bottom line).
Consider this (and this an ACTUAL case study). You have a facility that you need only qualified personnel in, AND you need to record each entry and exit of each person. you have 500 people to feed through your single entrance.
A Simple RFID scanner takes a single second to read and record both the entry and the exit of a person. Meaning the last person is through the doorway roughly 8.5 minutes after the line starts moving.
Lets say they have to sign a logbook.. it takes roughly 5 seconds to find the spot and sign a name... meaning the last person is through the door roughly 42 minutes after the line starts moving. And a signature is a more secure system then just a RFID tag (believe it or not!)
Lets say they have to insert a keycard, and insert a code: This takes roughly 15 seconds per person: now its roughly two HOURS for the last person to go through the doorway...
Starting to see the issue? And thanks to social engineering (if you knew it would take 2 hours to get through the doorway, are YOU going to be the last one?) you can bet you are going to lose productivity just to the anticipation of the doorway security! Dummy math time: 4 hours a day, 320 days a year @ $20/hr = $25K in lost wage/productivity!
And this was a case study for basically an "shipping warehouse"... can you imagine something like an office building with hundreds to thousand of people?
This is why Security is usually "KISS" and layered, and that layering may not be what you expect.
In this case, Dr. Sayr is a NeoNET employee, and is working on a secure project. 90% of the security has been fulfilled (the vetting and checking.). From there, its just limiting access to areas she doesn't need to be (RFID locked), and keep others out. (basic perimeter defense). Dr. Sayrs probably lives in a NEONet arco-block, so that part of the security is covered (or should be).... So really, what is there left to do?
Which is what makes the original run with the Doppelganger so ingenious... Dr. Sayrs already has all the security checks and clearance done.... She's "inside the system", by using a genetic doppelganger they bypass any of the random checks the system would use (genetic exact match). SIN would not be an issue because, again an exact match. Ownership of things would be an issue... except that they have the original Dr. Sayrs (the "switch" happens after the runners grab the original remember) to "legally" pass ownership (as much as "give me your passwords or I am going to start cutting off fingers!" is legal)
Basically, Don't over think things too much
