A system for controlling user access to a service includes a read device that reads a payment card of a user, and a first control block coupled an entry gate determines whether online payment authorization should be requested for the payment card. A first memory stores a hot list indicating payment cards for which the first control block denies user access to the service. If the online payment authorization is denied for the payment card, the first control block adds the payment card to the hot list. A further read device is configured to read the payment card, and a second control block coupled to the further read device controls a second gate after determining whether the payment card is on the hot list stored in a second memory coupled to the second control block, the hot list being updated with modifications via a network.