2 Oct 2020
The Importance of Mobile Credentials
The ever-accelerating usage of smartphones is transforming electronic security and the access control sector. Like keys and wallets, smartphones are not easily lost or misplaced and accompany users wherever they go.
They can be used to transmit credentials to gain access through a door, removing the need for a physical card or tag.
Access cards can be lost or stolen by unauthorized people. If a smartphone is lost, damaged, or stolen, the administration process should be seamless. A credential can be remotely disabled at any time with no need to access the smartphone. Administrators can also remotely wipe smartphones of the mobile credential and related apps connected to a corporate network.
How secure is it?
Mobile credentials add several layers of security above the normal plastic card. Smartphones add security with Multi-Factor Authentication (MFA), which requires smartphone users to provide two or more verification factors to gain access to a resource or application. This prevents unauthorized access to someone' else's phone. Once a mobile credential is installed on a smartphone, it is securely linked to that device. It cannot be replicated and installed on another mobile device.
VCredential: Cloud-Based Credential Management
The next layer mobile credentials add is the encrypted wrapper the card payload is placed into. This means that when the mobile credential is transmitted to the reader, the basic card encryption (Prox, MIFARE, DESFire) is enhanced by another encryption layer used to secure the card payload's transmission to the reader.
How does it work?
The most common communication processes for mobile phone credentials are BLE (Bluetooth Low Energy) and NFC (Near Field Communication).
NFC is an international transmission standard for the contactless exchange of data via wireless technology over short distances. Communication is between the initiator (the device that starts the communication) and the target (the initiator's device wants to communicate with). In terms of strengths, NFC negates phone power limitations once an NFC chip has been encoded as an access credential. However, NFC is only available on Android devices or limited to Apple Pay on iPhones.
BLE utilizes outbound signals to find and transfer data with other Bluetooth enabled devices. Data transmission is relatively energy-efficient and does not dramatically impact battery life. BLE is the most common method used for mobile credentials, and all smartphones are Bluetooth enabled. BLE requires device power to transmit, so dead phone batteries are a showstopper and often require backup credential methods like cards, fobs, or PINs to be used.
App-based solutions use a smartphone to trigger a door event directly. The user opens the app and taps to unlock. This method, phones use Wi-Fi to communicate with readers or directly interface with networked door controllers. This interface may require customer networks to allow remote access via VPN or through firewalls, etc. to door controllers.
Conclusions
Although convenience and operational efficiencies are compelling factors, a total switch from a card-based access control system to smartphones can be prohibitive for most organizations. Fortunately, the choice does not have to be entirely one system or the other – the best solution may be a combination of the two. Most mobile credentials enable readers to support proximity cards and mobile credentials, allowing for a phased approach to newer card technologies and adding mobile credentials when the time is right.