The presented article is focused on access control systems like the basic elements of the property protection system, designed for intelligent access/exit control of persons to/from the protected area and for their movement tracking. The authors highlight the importance of identity verification within alarm systems designed to detect unauthorized access and describe the possibilities of applying various authentication information within access control systems. They focus on the method of authentication using the unique biometric characteristics of a man. In addition to the many advantages, that this approach presents, there are limitations in its application, resulting from the technological means and procedures used. These limitations can be summarized as metrics of biometric system performance. However, these metrics are often evaluated on ideal, so-called zero effort impostor datasets, which distort the design of physical protection systems. In this article, the authors emphasize the need to focus on the quantification of biometric performance, including spoof attacks. By testing the selected biometric system, authors outline the possibilities for real evaluation of the performance level. The results from testing can be used for physical protection systems models and for simulating the violation of the protected area (e.g. elements of critical infrastructure).