Mobile Access Adoption

Mobile wallets accelerate across a growing range of applications

Smartphones and other mobile devices have had a profound impact on how the world securely accesses the workplace and its services. The growing adoption of mobile wallets and the new generation of users is compounding this effect.

There is an enormous level of synergy between digital wallets that are accessed through a mobile app, and the mobile-access solutions used in office buildings, college campuses and a wide range of other facilities.

Making the most of this constructive collaboration requires a flexible, scalable and easy-to-upgrade security infrastructure that is delivered through a multi-faceted Physical Access Control System (PACS) solution. Organizations can integrate this type of future-safe infrastructure with existing corporate apps and/or mobile wallets, improving the user experience while strengthening security, more easily incorporating innovative technology advances, making operations more efficient, and contributing to sustainability initiatives.

A Future-safe, Flexible PACS Foundation
The primary appeal of integrating mobile access with mobile wallets is that it enables users to access physical places and digital spaces using the same digital wallet app they already use to make everyday purchases, thereby reducing yet another physical card/fob that they previously carried. Delivering this benefit requires that organizations replace their legacy access control systems with future safe and flexible PACS solutions that support mobile access.

Creating this future-safe foundation starts with a flexible and non-proprietary open-architecture framework that includes modern security protocols and open Application Programming Interfaces (APIs). This future-safe foundation can be achieved with open-architecture, IP-enabled platforms that use controllers such as the HID Mercury or HID Aero product lines to communicate with readers such as HID Signo and others using the Open Supervised Device Protocol (OSDP) interoperability standard.

This provides the flexibility and technology interoperability necessary for hardware to be integrated into any access control system software or security application. This type of infrastructure also unifies PACS and security management while creating a more streamlined operations workflow that eliminates the need to monitor disparate access control, video surveillance, intrusion alarm and other programs.

Alternatively, a cloud platform like HID Origo can be used with its combination of APIs, SDKs and smart-card-based and mobile access credentials. This open-platform approach makes it possible to build integrated access control solutions through the cloud. APIs connect provisioning and management of digital credentials with, for instance, security or building management systems, while SDKs are used, for example, to integrate HID Mobile Access into a building’s smart device apps.

With either the IP-enabled or cloud-based approach, the flexibility of multi-faceted architectures and platforms gives organizations the most options possible when designing and deploying their infrastructure. This is increasingly important as the days of “keeping the bad people out” are giving way to “letting the right people in and allowing them to move freely.”

There are several prerequisites for deploying this type of infrastructure. First, organizations must be able to preempt threats on an ongoing basis, through upgrades that can be implemented when budget permits, without the need to “rip and replace” their hardware.

The next prerequisite is ensuring that mobile IDs are encrypted with at least AES-128, developed by the National Institute of Standards and Technology (NIST). For additional security, the system should store mobile ID keys on the access control reader’s Secure Element (SE) to prevent mobile ID extraction. The privacy and security of sensitive data should also be protected through compliance with international standards like ISO 27001, SOC2 and GDPR.

Organizations also must ensure that mobile IDs can be used with both IOS and Android devices. All mobile-access credentials should be integrated with existing corporate apps and/or mobile wallets, and the readers used to open doors should similarly integrate with the systems that enable users to unlock their desktops, printers, cloud applications and various other non-PACS entitlement systems.

Another prerequisite is reader support for Bluetooth® Low Energy (BLE), Near Field Communication (NFC), and physical smart cards, depending on the preferred modality of reader-device communication. For optimal connectivity and to streamline future upgrades, the readers should support the secure OSDP standard to offer an easy transition from legacy protocols while providing valuable new capabilities. All credential data should be encoded in a format that is easy to integrate with different vendors’ devices and systems to ensure that there is a seamless integration with current access control technologies and policies.

Evolving Use Cases
The property management industry was an early and active adopter of employee badges in mobile wallets, especially to support flexible and hybrid workplaces. An attractive emerging application adds “proof of presence,” using mobile location information to ensure, for instance, that no one can access property after-hours or when otherwise not permitted.

Use cases are also expected to evolve as access control continues to move beyond phones and tablets to support wristbands, watches and other wearables. With mobile access being such a versatile solution, use cases grow exponentially thus giving rise to the term “Use Case Explosion.”

Sustainability initiatives are yet another growing use case for mobile access, which reduces or even eliminates plastic card usage. To further improve sustainability, organizations can move access-control processes to the cloud and leverage the Internet of Things to combine connected architectures, multi-applications and mobile devices. Mobile location services can be leveraged in these use cases, as well, to provide the real-time, actionable occupancy data that is needed for process optimization.

When access control systems are integrated with HVAC, lighting and other building automation systems, there are even more resource-saving opportunities. With codes and laws on the verge of being passed on reduced carbon emissions and green initiatives, organizations are facing towards adopting more sustainable solutions. This is also leading to changes in the way buildings, properties and assets are designed by consultants and the A&E community.

Building Brand Loyalty While Driving Digital Transformation
Mobile wallet providers are adding momentum to what already was rapid adoption of mobile access in the workplace. Bringing employee ID and student ID badges to mobile wallets has created dozens of moments when a smartphone or other mobile device can be used each day, from locking and unlocking home, office and dormitory doors, to using elevators, turnstiles and parking structures, to completing airport security and boarding processes, to entering a hotel room without checking in at the front desk, to paying for your meals at your alma mater’s cafeteria – all using your phone’s access badge.

The more access interactions the better. This is true for users as well as digital wallet providers who want to build a strong brand connection with their consumers, and for organizations seeking to jump-start their digital transformation journey with a mobile-ready, future-safe access control infrastructure that improves security and sustainability, makes buildings smarter and more efficient, and delivers better user experiences.  

This article originally appeared in the May / June 2024 issue of Security Today.

Featured

  • 2025 Security LeadHER Conference Program Announced

    ASIS International and the Security Industry Association (SIA) – the leading membership associations for the security industry – have announced details for the 2025 Security LeadHER conference, a special event dedicated to advancing, connecting and empowering women in the security profession. The third annual Security LeadHER conference will be held Monday, June 9 – Tuesday, June 10, 2025, at the Detroit Marriott Renaissance Center in Detroit, Michigan. This carefully crafted program represents a comprehensive professional development opportunity for women in security this year. To view the full lineup at this year’s event, please visit securityleadher.org. Read Now

    • Industry Events
  • Report: 82 Percent of Phishing Emails Used AI

    KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, today launched its Phishing Threat Trend Report, detailing key trends, new data, and threat intelligence insights surrounding phishing threats targeting organizations at the start of 2025. Read Now

  • NRF Supports Federal Bill to Thwart Retail Crime

    The National Retail Federation recently announced its support for the Combating Organized Retail Crime Act of 2025. The act was introduced by Chairman Chuck Grassley, R-Iowa, Senator Catherine Cortez Masto, D-Nev., and Representative Dave Joyce, R-Ohio. Read Now

  • ISC West 2025 Brings Almost 29,000 Industry Professionals to Las Vegas

    ISC West 2025, organized by RX and in collaboration with the Security Industry Association, concluded at the Venetian Expo in Las Vegas last week. The nation’s leading comprehensive and converged security event attracted nearly 29,000 industry professionals and left a lasting impression on the global security community. Over five action-packed days, ISC West welcomed more than 19,000 attendees and featured 750 exhibiting brands. Read Now

    • Industry Events
    • ISC West
  • Tradeshow Work Can Be Fun

    While at ISC West last week, I ran into numerous friends and associates all of which was a pleasant experience. The first question always seemed to be, “How many does this make for you?” Read Now

    • Industry Events
    • ISC West

New Products

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”

  • ComNet CNGE6FX2TX4PoE

    The ComNet cost-efficient CNGE6FX2TX4PoE is a six-port switch that offers four Gbps TX ports that support the IEEE802.3at standard and provide up to 30 watts of PoE to PDs. It also has a dedicated FX/TX combination port as well as a single FX SFP to act as an additional port or an uplink port, giving the user additional options in managing network traffic. The CNGE6FX2TX4PoE is designed for use in unconditioned environments and typically used in perimeter surveillance.