Well, the costs for the 'in' and 'out' reader are really not the major issue for most companies, as you could conceivably set a particular perimeter that cordons of 'secure' from 'not secure' and would only have to configure anti-passback for that perimeter. The real trick (and therefore problem) is in making sure that people do not walk through doors together, that is, making sure that only a single person passes the perimeter for a single access request. Single-person passages are way more costly than the readers, and have the additional problem of not allowing all that many people to pass per hour. That means that you may even need multiple for a given people flow. And that's leaving aside the convenience issues.