By John Fenske
Today’s secure identity technologies enable organizations to use a combination of smart cards and other smart devices in a growing ecosystem of interoperable products and applications.
By John Fenske
Smartphones are expected to steadily replace mechanical keys and physical access cards as part of a centralized access and identity management system that can adapt to evolving threats and business requirements, and will improve the user experience and deliver growing value while introducing capabilities like “twist and go” gestures for opening doors and gates.
Smartphones are also emerging as an ideal convergence platform that can replace dedicated One Time Password (OTP) logical access authentication hardware. In other words, the same phone that can receive digital credentials and “present” them to readers to open doors and gates will also generate OTP soft tokens for accessing network or cloud- and web-based applications. In the future, users will be able to use the same phone that gets them through the door to authenticate to a VPN, wireless network, corporate intranet, cloud- and web-based applications, single-sign-on (SSO) clients and other IT resources.
Organizations will need to take a technology-agnostic approach to mobile access control, using open and adaptable physical access control system (PACS) architectures that support multiple platforms, short-range communication and card emulation approaches. In particular, systems that use phones to open doors and parking gates will likely need to accommodate multiple short-range communications technologies used by today’s commercially available devices.
While Near Field Communications (NFC) was initially the primary short-range communication technology for mobile access control, the industry is now also moving to Bluetooth Smart because of its broad availability on both Apple and Android device platforms. Bluetooth Smart also supports a simplified deployment and identity provisioning model as compared to NFC (which requires the use of a secure element in the phone and commercial relationships with the mobile operators that manage them). To simultaneously accommodate both Apple and Android devices, however, access control platforms will likely need to support both Bluetooth Smart and NFC, as well as NFC Host Card Emulation (HCE) technology (which simplifies deployment as compared to NFC, but does not work with Apple phones).
Another advantage of Bluetooth Smart is its longer reach, which means a smartphone wouldn’t necessarily have to be close enough to be tapped to a reader in order to open a door, as with NFC technology. A big opportunity here is to incorporate gesture technology into a Bluetooth-based smartphone solution, so that the phone can simply be rotated or “twisted” as the user walks up to a mobile-enabled reader. This new “twist and go” gesture technology capability will offer an additional layer of authentication and new ways to open doors and parking gates.
Organizations can prepare for the benefits of mobile access control today by implementing open and adaptable security infrastructures that will support migration to these new capabilities. Adding smartphones and other mobile devices to an interoperable ecosystem of access control cards and devices will yield increasingly valuable benefits over time, including greater user convenience and efficiency, additional layers of authentication, and new ways to open doors.
John Fenske works for HID Global.