Physical ­access via ­mobile

Access & Identity Management Handbook 2015 Access Control & Identity Management, Infrastructure

One of the areas of the access and identity management market that everyone is excited about is the use of mobile technology to replace traditional cards and other authenti­cation methods. Using smartphones for a variety of non-telecommunications purposes is the norm today and it is becoming the new normal in this market as well.

To gain an understanding of what is on offer from the various players in the market, Hi-Tech Security Solutions asked a few of them to tell us about mobility in the access market. The people who responded to our request were:

• Hilary Dredge from Controlsoft,

• Maeson Maherry from Lawtrust, and

• Wouter du Toit from SALTO Systems.

Hi-Tech Security Solutions: Why are vendors transferring access and identity to the smartphone? What benefits are there to creating yet another app, or use for the phone?

Hilary Dredge: Firstly, let us consider the undeniable fact that our cellphones are used for almost every aspect of our lives, from business to entertainment to communication. Therefore, one tends to always ensure their cellphone is constantly with them and, just like your wallet, you would hardly ever loan it to anybody else. Compare this to owning an access card which has no value in your life, the idea of forgetting your means of accessing a building are minimised.

Secondly, the idea of using a smartphone as an access credential opens up possibilities for greater advances in access control. Imagine leaving home with nothing but a wristband such as a smart watch that links with your phone. The mobile access solution embedded on this device will allow for access control to buildings, purchases and possibly holding valuable personal data such as physical conditions and medical history, which can easily be scanned by emergency personal in an unfortunate event.

Thirdly, having the mobile access credentials stored directly on your phone greatly reduces the risk of losing that credential. And in the event that more than one credential is needed, there is no need to carry multiple access cards as they are all stored on one device.

Maeson Maherry.
Maeson Maherry.

Maeson Maherry: The major reason that vendors are transferring security functions to the mobile phone lies in the fact that people love their phones and mostly have them with them for every waking moment of the day. It therefore makes for a much better user experience if security can be tied into the mobile that the user wants to use, instead of providing another gadget to carry around. The mobile security credential does in fact not have to be another standalone app, but rather can be a function built into an existing app that you already use, like a banking app.

Wouter du Toit: It’s all about convenience for the end user and improving their experience. It’s basically an extension of the one-card solution brought to your smartphone. Of course, not everyone wants to do everything with their smartphone, but there is an important segment of users who see value in using the smartphone as a credential.

Hi-Tech Security Solutions: We hear a lot about the risks of mobile computing, are mobile credentials subject to the same risks?

Hilary Dredge: We do everything on our cellphones; they contain personal information, banking information, emails, contacts and more, all of which we would certainly want to keep away from prying hands. Smartphones come with various options on securing your data using passwords, patterns, fingerprints and password-protected data encryption. If these are not enough, apps are developed constantly to protect our phones.

Maeson Maherry: Mobile credentials are definitely exposed to the same risks and vendors have to defend against attack as well as the possibility that the user has removed their own security protections for some reason, like jailbreaking a phone as an example. The answer to this lies in secure coding practices and also providing a laboratory tested security application or library which can secure the sensitive keys used for security independently from the phone.

Wouter du Toit: SALTO incorporates state-of-the-art security measures into all our mobile technologies and we review and update these constantly to stay secure and ahead of the market. For instance, our smartphone authentication technology uses a variety of methods for verifying a mobile user’s identity, including PIN and fingerprint identification.

Encrypted data transfer between phone and lock also means authentication is secure and fast. This, together with highly secure data transmission and anti-cloning technology means our mobile access security is protected and robust. With our cloud-based solution, the RFID technology we use is the same as that employed in many governmental and military applications and uses an encrypted algorithm and randomly generated Clay Codes to provide secure credential protection.

Hi-Tech Security Solutions: How does mobile access work? How are credentials provisioned and controlled? What changes need to be made to readers, or do companies need to purchase new readers?

Hilary Dredge: The technology for mobile access to function exists entirely in the readers designed for this mode of access control. These would be the only hardware requirements the company would have to consider, no matter what their existing access control system is.

From a secure web-based application, generally maintained by the vendor, mobile credentials are dispatched via email to the expected credential holder with simple instructions on how to implement them. This credential can already be enrolled on the existing access control system without the holder being present, saving time and queues. Training on the use of this mobile credential is simply learning a gesture which activates the credential at the mobile ready access control reader.

Maeson Maherry: Usage experiences will vary due to the business design requirements, but a typical usage would be where the mobile is used as the authenticator for a website that you are accessing on your laptop. The website would ask for your username, but no password anymore. Your mobile phone would be sent a push notification to alert you to a security event. On clicking this, the app would open up and show you what the event is (request to authenticate to a website) and you would then be able to push a button to confirm or decline this event. If you confirm then you will be seamlessly authenticated and allowed access to the website. All provisioning is done over the air (OTA) and no readers are needed at all.

Wouter du Toit: There are different solutions that permit mobile access and the different solutions use different types of technology. Here are a few that stand out in the market and find good traction with mobile users: NFC, Bluetooth Low Energy (BLE)-based technology, mobile applications enabling remote access control to cloud-based ­solutions. So finding the best solution in mobile access technologies is like finding the best solutions in any other access technology – it all starts with an end-user’s needs in terms of security and convenience.

Depending on the choice of technology and your current hardware installation, you might need to replace some readers or it could be just a firmware upgrade to existing readers. Provisioning and control is done through the same access control platform with breakout to the cloud to be able to send these credentials to smartphones.

Hi-Tech Security Solutions: What are the cost benefits of mobile credentials as opposed to traditional cards etc.?

Hilary Dredge: Mobile credentials are relatively no more expensive than physical smart access cards, and given that they are less likely to be lost as regularly as the physical version, replacement cost are negated.

Wouter du Toit: Although for some users, such as hotels, that spend important resources on replacing lost or stolen credentials, our initial feedback from the market is that the consideration and incorporation of mobile technologies for access credentials is being more driven by end-user experience and convenience and less by cost savings.

Hi-Tech Security Solutions: Is integration to other systems as well as into the virtual world easier with mobile credentials?

Hilary Dredge: Since the technology for mobile access to work exists entirely in the mobile ready readers themselves, this allows easy installation into any other access control system provided this system supports Wiegand. No changes to the existing system are required, and ­therefore no risks of interfering with the functionality of that system.

Maeson Maherry: Our approach has been to add mobile authentication and transaction verification into our existing authentication platform, thereby extending its spectrum of authenticators offered. This means that integration remains by established protocols or web services, making it extremely easy to incorporate in standard products as well as bespoke systems.

Wouter du Toit: As explained above, there are quite a variety of new products on the market using mobile technologies for access, so the question about how easy it may be to combine these products with other systems is very much dependent on the specific technology involved.

Hi-Tech Security Solutions: Can you describe the mobile systems you offer the market?

Hilary Dredge: Our solutions extend beyond the comprehensive range of mobile ready readers. By partnering with Assa Abloy we also provide mobile ready wireless door handle sets from Aperio, excellent for use in the hotel industry or high-end corporations. Coming soon to our family of mobile ready devices, is the already acclaimed Sigma Biometric terminal.

Maeson Maherry: We have a broad spectrum of solutions for ­various scenarios of mobile use. This includes mobile app authenticators, QR code authentication, transaction verification, smart credentials to authenticate and digitally sign with Advanced Electronic Signatures on the phone. Probably the most exciting area is in the use of phone cameras for fingerprinting and face recognition to authentication or to confirm a transaction.

Wouter du Toit: JustIN Mobile: The intuitive JustIN Mobile app communicates securely via the cloud and permits users to receive their keys online, anytime and anywhere to their BLE-enabled smartphone. JustIN Mobile means the end to lost key hassles, expense and waste. This flexible solution gives users the option to choose to receive their key on their phone or to continue using a traditionally-issued smartcard credential. The user decides.

JustIN mSVN: JustIN mSVN (mobile SALTO Virtual Network) is an innovative technology developed by SALTO to update a person’s access rights over the air (OTA) using SALTO’s mSVN app for NFC-enabled phones. Direct, real-time communication between the mobile device and the user’s credential increases productivity and flexibility without sacrificing security by enabling updates to happen when and where they are needed, without a user having to pass by a wired update point. This technology makes it ideal for field workers who require access to remote locations where little or no network connectivity is available from the HQ.

Clay: Clay is a secure, cloud-based wireless electronic locking solution designed to allow small and medium sized businesses to manage access to their property. With a mobile app and a desktop dashboard, businesses are able to easily and, if required, remotely manage user access rights with an overview of user and door activity. No cabling is required, no software to install, no encoders. It simply works.

For more information contact:

Controlsoft South Africa, +27 (0)11 792 2778, info@controlsoft.co.za

Lawtrust, +27 (0)12 676 9240, maeson@lawtrust.co.za, www.lawtrust.co.za

SALTO Systems, +27 (0)11 534 8489, w.dutoit@saltosystems.com, www.saltosystems.com



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

New State of Physical Access Control Report from HID
HID Global Editor's Choice Access Control & Identity Management News & Events
HID released the 2024 State of Physical Access Control Report, identifying five key trends shaping access control's future and painting a picture of an industry that has been undergoing considerable transformation.

Read more...
Smart intercoms are transforming access control
Access Control & Identity Management Products & Solutions
Smart intercoms have emerged as a pivotal tool in modern access control. They provide a seamless and secure way to manage entry points without the need for traditional security guards to validate visitors before granting them access.

Read more...
Western Digital reveals new solutions
WD South Africa Products & Solutions News & Events Infrastructure
Western Digital unveiled new solutions and technology demonstrations at the Future of Memory and Storage Conference 2024. The innovations cater to diverse market segments, from hyperscale cloud to automotive and consumer storage.

Read more...
Easy, secure access for student apartments
Paxton Access Control & Identity Management Surveillance
Enhancing Security and Convenience at Beau Vie II Student Accommodation, a student apartment block located at Banghoek Road, Stellenbosch, with Paxton's access control and video management solution

Read more...
Invixium acquires Triax Technologies
News & Events Access Control & Identity Management
Invixium has announced it has acquired Triax Technologies to expand its biometric solutions with AI-based RTLS (Real-Time Location Systems) offering for improved safety and productivity at industrial sites and critical infrastructure.

Read more...
ControliD's iDFace receives ICASA certification
Impro Technologies News & Events Access Control & Identity Management
The introduction of Control iD's iDFace facial biometric reader, backed by mandatory ICASA certification, underscores the commitment to quality, compliance, and innovation.

Read more...
The future of workplace access
HID Global Access Control & Identity Management
Mobile credentials are considerably more secure than physical access control, because they eliminate the need for physical cards or badges, support multiple security protocols, and add layers of protection on top of basic card encryption.

Read more...
The Duxbury Services Gateway revolutionises the Edge
Products & Solutions Infrastructure
Duxbury Networking has announced the launch of the Duxbury Services Gateway (DSG) range. These cost-effective edge compute appliances are designed to meet the diverse needs of South African businesses including SD-WAN, Firewall, and IP PBX applications.

Read more...
Integrated, mobile access control
SA Technologies Entry Pro Technews Publishing Access Control & Identity Management
SMART Security Solutions spoke to SA Technologies to learn more about what is happening in the estate access world and what the company offers the residential estate market.

Read more...
Navigating the evolving tech landscape in 2024 and beyond
Residential Estate (Industry) Infrastructure
Progress in the fields of AI, VR and social media is to be expected, but what is not, is our fundamental relationship with how we deploy solutions in our business and how it integrates with greater organisational strategies and goals.

Read more...