Bridging the Gap

Setting up a cost-effective infrastructure to read mobile ID cards

The mobile ID revolution is gathering pace, but not everyone has a smartphone today, and many citizens prefer to carry a physical card. How do government agencies manage this transition from physical to mobile, and ensure they can issue both cards and mobile ID at the same time? How do agencies set up a cost-effective infrastructure to read mobile IDs with common devices? It’s still early in this developing story, but the path for the latest smart card and mobile ID technologies needs to be defined.

The number of physical ID cards distributed by governments continues to grow, and the security of these cards continues to be improved. New features make them difficult to forge, particularly when security features are further enhanced by personalization, and many countries have deployed electronic identity cards (eIDs) containing additional security in the embedded chip.

While the use of cards is rising, mobile credentials are also being developed that deliver a cost-effective and convenient citizen ID experience. New technologies have enabled these identity credentials to be enrolled, provisioned and used on mobile devices. They are securely delivered to citizens’ mobile phones, where they can be presented in a way that does not compromise security or privacy.

Weighing the Benefits

Mobile credentials offer many benefits, one being that they give citizens greater control over what identification information they share, whether in person or remotely. For instance, citizens need not divulge their name, address or any other identifying information, except age, to a cashier when purchasing age restricted goods.

Mobile credentials lower deployment barriers by eliminating the need to create an expensive reader infrastructure. In many cases, the mobile credential can be verified by another mobile device over a Bluetooth Low Energy (BLE) or near-field communication (NFC) connection. This verification process may take place in an on-line or off-line scenario, with the BLE connection providing additional functionality for verifying at distances up to about 98 feet.

As mobile IDs are introduced, governments will adapt their single- purpose use into a multi-service model where a variety of functions and services are enabled through one mobile device. This will foster much better communication and interaction between the government and their citizens.

As attractive as these benefits are, the advent of mobile credentials should not be considered the end for physical documents. Identity and travel documents are defined by numerous standards that ensure commonality of authentication and encryption approaches, which do not yet exist for digital credentials. It could be several years before these standards are completed and mobile credentials are widely accepted as IDs or proof of privilege. Additionally, the functionality and security of mobile identity relies on the use of smartphones, which are not universally carried by citizens and the distribution of which varies greatly across demographics.

The real challenge with mobile IDs, then, is how to deploy them in such a way as to accommodate their co-existence with physical cards, today and in the future. One answer is a single infrastructure for issuing and authentication of both ID types, supported by encryption and security levels that are at least as high as—if not higher than—those in established security documents.

One big advantage of supporting both physical and mobile ID types is that it gives governments the opportunity to implement strong authentication by having each form factor act as a trust anchor for the other. As an example, citizens could use their phones to authenticate their card or passport visually, or possibly read the chip that is embedded within an order to be issued with a mobile ID for instance. Additionally, a multi-factor authentication strategy could be implemented which requires the physical and mobile credentials to be present to access a secure service such as a person’s health records.

Making the Transition

New technologies need to bridge the gap between the physical credentials of today and the mobile credentials of the future. They should enable organizations to issue a physical or mobile credential, or both, from a single source. They should enable the credentials to be efficiently authenticated via a single verification infrastructure. This type of infrastructure could be low-cost and easily distributed, such as through an app or a simple, low cost hardware device.

With this level of flexibility, a government can, for instance, issue mobile-enabled ID cards that can be read by simple mobile phones. Or, it can issue mobile IDs on smartphones that can be read by bespoke readers with, perhaps, biometrics or other special functionality. Governments can decide the capabilities they want to support and how much they want to spend on their infrastructure, and when, and scale the platform accordingly to deliver incremental new mobile benefits.

Governments are looking at new approaches to enhance citizen identity schemes. Physical ID cards will continue to be widely used as the primary source of identity documentation, at least for now. At the same time, the use of mobile citizen ID credentials is gathering pace as governments seek to improve convenience and communication with their citizens. Making the transition to supporting both ID types requires smart solutions that meet the requirements of citizens and governments while still delivering a high degree of security, privacy and trust.

This article originally appeared in the October 2017 issue of Security Today.

Featured

  • Data Driven, Proactive Response

    As cities face rising demands for smarter policing and faster emergency response, Real Time Crime Centers (RTCCs) are emerging as essential hubs for data-driven public safety. In this interview, two experts with deep field experience — Ross Bourgeois of New Orleans and Dean Cunningham of Axis Communications — draw on decades of operational, leadership and technology expertise to share how RTCCs are transforming public safety through innovation, interagency collaboration and a relentless focus on community impact. Read Now

  • Integration Imagination: The Future of Connected Operations

    Security teams that collaborate cross-functionally and apply imagination and creativity to envision and design their ideal integrated ecosystem will have the biggest upside to corporate security and operational benefits. Read Now

  • Smarter Access Starts with Flexibility

    Today’s workplaces are undergoing a rapid evolution, driven by hybrid work models, emerging smart technologies, and flexible work schedules. To keep pace with growing workplace demands, buildings are becoming more dynamic – capable of adapting to how people move, work, and interact in real-time. Read Now

  • Trends Keeping an Eye on Business Decisions

    Today, AI continues to transform the way data is used to make important business decisions. AI and the cloud together are redefining how video surveillance systems are being used to simulate human intelligence by combining data analysis, prediction, and process automation with minimal human intervention. Many organizations are upgrading their surveillance systems to reap the benefits of technologies like AI and cloud applications. Read Now

  • Right-Wing Activist Charlie Kirk Dies After Utah Valley University Shooting

    Charlie Kirk, a popular conservative activist and founder of Turning Point USA, died Wednesday after being shot during an on-campus event at Utah Valley University in Orem, Utah Read Now

New Products

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.