Convenience, security and savings drive growth of mobile credentialing

Access control cards and readers long ago replaced mechanical locks and keys for enterprise security. Now, those plastic cards are giving way to mobile credentials that communicate with readers using a smartphone virtual key.

It's a rapidly growing solution. Mobile credential downloads are estimated to increase by more than 100 percent annually between the base year of 2017 and 2022. By 2022, about 20 percent of currently installed access control readers are expected to be mobile capable.

Convenience, security and cost savings are factors driving the growth of this cloud-based technology. People use smartphones and apps to pay for groceries or request a rideshare pickup. Frequent travelers bypass the front desk and go straight to their hotel room using their phone as a key. A tech-savvy generation of new hires wants to work for companies on technology's cutting edge.

Corporate users are embracing the idea of cloud-based hosted and/or managed access control. Access Control as a Service (ACaaS) and mobile credentialing share benefits including a higher level of security than card-based systems.

The widely used proximity (prox) access control protocol has been hacked repeatedly. Even more secure protocols are still worrisome if a loaned, lost or stolen card finds its way into the hands of the wrong person. Mobile credentialing, however, can be configured to require a user to possess the device and enter a PIN and/or a biometric identification to start it. Corporate authorization, typically extended through an email invitation to the users work address, is needed to download a mobile app that triggers the credential.

People usually aren't inclined to loan smartphones, which are often loaded with personal data, and lost or stolen phones are likely to be noticed quickly. GPS technology can allow employers to know — with appropriate privacy safeguards — the location of each device.

Mobile apps support multiple security protocols that may vary by facility location or even among doors within the same building. For example, a door to a high-security lab may require the device to communicate with a door reader while a second biometric reader authenticates an employee's identity. Accessing a conference room may only require an authorized smartphone and app.

System administrators appreciate the convenience and efficiency of mobile credentialing. As in the hotel scenario, visitors arrive at a corporate site ready to go to work without stopping to pick up a card. Unlike plastic badges, smart credentials can be remotely reused, transferred, and issued or deactivated. A wireless upload to the app and readers are all that are required to add new access control features and functions.

Mobile credentialing costs are predictable. Organizations pay only for needed credentials, eliminating the direct costs of plastic badges, printers, handling and incorrect orders. Think of the savings at a large university which creates thousands of new student credentials each year. Digital credentials also are a more sustainable option.

Mobile credentialing also enables customizable response ranges. A system may work as a frictionless, hands-free solution enabling users to enter pre-authorized doors while keeping their devices in a pocket, backpack or bag. Some organizations ask users to present their smartphones to a single reader. That works well when used with entry turnstiles and tightly bunched readers that may be confused by the 30-foot radius of the smartphone's Bluetooth Low Energy communications protocol. Either way, it's essential to create a common experience. You don't want to train hundreds or thousands of employees to use a system in different ways at different sites within the same organization.

Another factor driving adoption of mobile credentialing is a new generation of hybrid readers that support both a wide range of traditional plastic cards and mobile credentials. Add-on readers can be hidden in a wall or a ceiling to add Bluetooth capability at most existing installations. These new readers provide a cost-effective bridge for a planned migration from plastic to mobile credentials.

With thousands of legacy card-based systems in place, don't expect plastic credentials to disappear overnight. But our technology-driven society has shown an inclination toward solutions that drive efficiencies in our daily lives. That's why mobile credentialing is already the mainstream choice for many organizations looking for a proven way to improve access control.

Greg Berry is vice president, mobile credentials for LenelS2.