Please upgrade to the new Edge browser, or use Chrome, Firefox or Safari, before continuing. Internet Explorer will not support the best shopping experience on the ADI Digital Branch site after March 12, 2021. close button

Mobile Credentials

The Key to Next-Generation Access Control

How do companies leverage the investment taken in the existing access control system to make it work with smartphones?

With the increased use of mobile phones to replace the functionality of plastic stores and bank cards, it’s a natural progression to include access credentials in that mobile phone virtualisation. Not needing to carry physical credentials such as tags or cards combined with the remote provisioning of mobile credentials makes it appealing to all stakeholders involved. 

Remote provisioning also plays into people's post-Covid awareness of contact with surfaces and other people, enabling frictionless or contactless onboarding of users. Issuing credentials remotely is particularly beneficial when physical card hand-over would be difficult or inconvenient. Examples include visitors or colleagues from other sites or, when hotel guests arrive, it could enable a reception-less hotel operation.

Other main benefits of contact-free access control systems are cost implications — deploying mobile credentials on users' smartphones via cloud-based solutions removes any need to purchase plastic cards or pay for their printing and investing in costly credential infrastructure. Replacing, cancelling and reissuing a mobile credential is in many instances essentially costless and enables a business to reduce its use of non-recyclable plastics. Lastly, the security of mobile credentials improves on traditional card-based access control. 

Losing a plastic key card sometimes goes unnoticed, heightening the threat to site security due to a longer reaction time from the security manager to disable the card. A missing mobile phone is likely to be noticed more quickly, allowing access permissions to be swiftly cancelled or amended over the air as everything happens instantly inside the credential app. Even if a missing phone is not spotted immediately, almost every device now has a built-in failsafe such as biometrics, fingerprint or face ID screen-locks, stopping any casual thief from using a phone's mobile keys.

What are the common communications standards used for mobile phone credentials, and what are the key differences?

BLE (Bluetooth Low Energy)Enabled Readers
NFC (Near Field Communication) Enabled Readers
Operating Distances
BLE- enabled mobile Readers have a programmable, high-speed, encrypted transmission with selectable ranges between 2 and 30 feet, making them ideal for hands-free Electronic Access Control applications. Some BLE apps also can communicate from inside a pocket or purse when the app is open, making it much more convenient than NFC. Installers can provide adjustable read ranges and differ them for various applications.
NFC-enabled mobile readers allow for the contactless exchange of data via wireless technology over short distances and are the same technology used to enable contactless payments. This typically requires tapping or twisting the phone on or near the terminal. Closer proximity prevents interference from other devices communicating from farther away.
Device Availability
All smartphones are Bluetooth-enabled. App-based solutions use a smartphone to trigger a door event directly.
NFC is only available on Android devices or limited to Apple Pay on iPhones
Although Bluetooth readers are generally mounted on the doors' secure sides, outdoor readers are available if a specific application requires them.
Since NFC readers have such a short and limited read range, they must be mounted on the unsecured side of the door and encounter all the problems such exposure can breed.

How do companies leverage the investment taken in the existing access control system to make it work with smartphones?

A common question installers get asked is about the challenges of switching standard electronic access control systems for mobile access control systems — especially for businesses which may not have a large or specialist in-house security team. In many cases, there will be no disruption to existing doors or door operators and no drilling around the door. Depending on your client's existing brand and the type of readers and access control panels, a rip-and-replace strategy might not be required. Many multi-technology readers are designed with mobile credentials in mind and can be easily upgraded to allow for mobile access.

It's also worth mentioning that often plastic credentials co-exist alongside mobile credentials seamlessly, so during the upgrade, the reader can be configured to only read credential types as desired by the client, allowing for a smooth transition to full mobile access.

When implementing mobile access, what are some of the things to consider before deciding on which type of reader to invest in?

Before advising your client, it's worth noting that the architecture that underpins a mobile access control solution comprises more than smartphones. System elements also include - mobile reader selection, transaction security, mobile app integration and potentially back-end integration.

A few things to consider before deciding upon a particular technology are:
Is the objective to combine the use of mobile devices and smart cards, or to transition to using only mobile devices?
Addressing and evaluating the various access control scenarios needed at a specific site
Outlining which of these scenarios mobile access control is expected to play a role in
How to ensure security, privacy and convenience for all access scenarios (access to doors, data and cloud applications)
The number of users the system will serve
The different roles and access rights which need to be assigned and managed
New processes or policies that might need to be established?
How mobile access controls would be integrated with back-end systems
Areas which need to support mobile access: for example, parking garages, main entrance doors, elevators, office doors, and computer server rooms
Which communications standard(s), BLE vs NFC, would be appropriate for user applications
The mechanism of securing over-the-air communication between servers, mobile devices and readers
How you would ensure that your client's investment in mobile can be leveraged well into the future

Related Resources

close button