Bridging the Gap

Setting up a cost-effective infrastructure to read mobile ID cards

The mobile ID revolution is gathering pace, but not everyone has a smartphone today, and many citizens prefer to carry a physical card. How do government agencies manage this transition from physical to mobile, and ensure they can issue both cards and mobile ID at the same time? How do agencies set up a cost-effective infrastructure to read mobile IDs with common devices? It’s still early in this developing story, but the path for the latest smart card and mobile ID technologies needs to be defined.

The number of physical ID cards distributed by governments continues to grow, and the security of these cards continues to be improved. New features make them difficult to forge, particularly when security features are further enhanced by personalization, and many countries have deployed electronic identity cards (eIDs) containing additional security in the embedded chip.

While the use of cards is rising, mobile credentials are also being developed that deliver a cost-effective and convenient citizen ID experience. New technologies have enabled these identity credentials to be enrolled, provisioned and used on mobile devices. They are securely delivered to citizens’ mobile phones, where they can be presented in a way that does not compromise security or privacy.

Weighing the Benefits

Mobile credentials offer many benefits, one being that they give citizens greater control over what identification information they share, whether in person or remotely. For instance, citizens need not divulge their name, address or any other identifying information, except age, to a cashier when purchasing age restricted goods.

Mobile credentials lower deployment barriers by eliminating the need to create an expensive reader infrastructure. In many cases, the mobile credential can be verified by another mobile device over a Bluetooth Low Energy (BLE) or near-field communication (NFC) connection. This verification process may take place in an on-line or off-line scenario, with the BLE connection providing additional functionality for verifying at distances up to about 98 feet.

As mobile IDs are introduced, governments will adapt their single- purpose use into a multi-service model where a variety of functions and services are enabled through one mobile device. This will foster much better communication and interaction between the government and their citizens.

As attractive as these benefits are, the advent of mobile credentials should not be considered the end for physical documents. Identity and travel documents are defined by numerous standards that ensure commonality of authentication and encryption approaches, which do not yet exist for digital credentials. It could be several years before these standards are completed and mobile credentials are widely accepted as IDs or proof of privilege. Additionally, the functionality and security of mobile identity relies on the use of smartphones, which are not universally carried by citizens and the distribution of which varies greatly across demographics.

The real challenge with mobile IDs, then, is how to deploy them in such a way as to accommodate their co-existence with physical cards, today and in the future. One answer is a single infrastructure for issuing and authentication of both ID types, supported by encryption and security levels that are at least as high as—if not higher than—those in established security documents.

One big advantage of supporting both physical and mobile ID types is that it gives governments the opportunity to implement strong authentication by having each form factor act as a trust anchor for the other. As an example, citizens could use their phones to authenticate their card or passport visually, or possibly read the chip that is embedded within an order to be issued with a mobile ID for instance. Additionally, a multi-factor authentication strategy could be implemented which requires the physical and mobile credentials to be present to access a secure service such as a person’s health records.

Making the Transition

New technologies need to bridge the gap between the physical credentials of today and the mobile credentials of the future. They should enable organizations to issue a physical or mobile credential, or both, from a single source. They should enable the credentials to be efficiently authenticated via a single verification infrastructure. This type of infrastructure could be low-cost and easily distributed, such as through an app or a simple, low cost hardware device.

With this level of flexibility, a government can, for instance, issue mobile-enabled ID cards that can be read by simple mobile phones. Or, it can issue mobile IDs on smartphones that can be read by bespoke readers with, perhaps, biometrics or other special functionality. Governments can decide the capabilities they want to support and how much they want to spend on their infrastructure, and when, and scale the platform accordingly to deliver incremental new mobile benefits.

Governments are looking at new approaches to enhance citizen identity schemes. Physical ID cards will continue to be widely used as the primary source of identity documentation, at least for now. At the same time, the use of mobile citizen ID credentials is gathering pace as governments seek to improve convenience and communication with their citizens. Making the transition to supporting both ID types requires smart solutions that meet the requirements of citizens and governments while still delivering a high degree of security, privacy and trust.

This article originally appeared in the October 2017 issue of Security Today.

Featured

  • Allegion, Comfort Technologies Implement Mobile Credentials at the Artisan Apartment Homes in Florida

    Artisan Apartment Homes, a luxury apartment complex in Dunedin, Florida, recently transitioned from mechanical keys to electronic locks and centralized system software with support from Allegion US, a leading provider of security solutions, technology and services, and Florida-based Comfort Technologies, which specializes in deploying multifamily access control, IoT devices and software management solutions. Read Now

  • Mall of America Deploys AI-Powered Analytics to Enhance Parking Intelligence

    Mall of America®, the largest shopping and entertainment complex in North America, announced an expansion of its ongoing partnership with Axis Communications to deploy cutting-edge car-counting video analytics across more than a dozen locations. With this expansion, Mall of America (MOA) has boosted operational efficiency, improved safety and security, and enabled more informed decision-making around employee scheduling and streamlining transportation for large events. Read Now

  • Security Industry Association Launches New “askSIA” AI Tool

    The Security Industry Association (SIA) has unveiled a brand-new SIA member benefit – askSIA, a conversational AI agent designed to help users get the most out of their SIA membership, easily access SIA resources and find the latest information on SIA’s training and courses, reports and publications, events, certification offerings and more. SIA members can easily find askSIA by visiting the SIA homepage or looking for the askSIA icon in the top left of webpages. Read Now

    • Industry Events
  • Industry Embraces Mobile Access, Biometrics and AI

    A combination of evolving workplace dynamics, technology innovation and new user expectations is changing how people enter and interact with physical spaces. Access control is at the heart of these changes. Combined with biometrics and AI, mobile access control has become increasingly crucial for deploying entry solutions that are seamless, secure and adaptive to user needs. Read Now

  • Sustainable Video Solution Delivered for Landmark City of London Office Development

    An advanced, end-to-end video solution from IDIS, with a focus on reducing waste and costs, has helped a major office development in the City of London align its security with sustainability objectives. Read Now

New Products

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.