Mobile Credentials: A Seamless and Sustainable Approach to Access

As mobile credentials become ubiquitous, mobile access systems become more powerful

Sanjit Bardhan headshot
Sanjit Bardhan is vice president and head of mobile for HID Global.

Picture going to the office and quickly entering by just tapping a smartphone against a digital reader. There is no searching for keycards or badges, just seamless access granted. As you make your way through the building, from the lobby to your designated floor, the lighting adjusts automatically to your presence. Behind the scenes, security managers have peace of mind knowing that access is tightly controlled and managed remotely through a cloud-supported platform, while building owners have confidence that their buildings are operating efficiently and securely.

This shift in how individuals navigate modern building environments is the essence of mobile access control. Around the world, a growing number of organizations are leveraging the benefits of mobile access technologies to enhance security and employee access management. And as credentials are integrated with digital wallets, mobile access is taking on new dimensions.

Convenience Meets Security

Mobile access through digital wallets simplifies controlled access to buildings and elevates the user experience. While digital wallets have been around for payment transactions for some time, they are now holding medical prescriptions, travel documents, driver’s licenses, ID cards, insurance information and more. With the integration of employee badges into digital wallets, individuals can authenticate themselves to their employers using their smartphones or smartwatches and seamlessly access office doors, elevators, turnstiles, parking lots and many other building locations and amenities. There is no need to carry physical plastic badges or keycards, lowering costs associated with printing, maintenance and replacement. This shift to digital credentials also aligns with sustainability goals by reducing plastic waste.

With mobile devices now ubiquitous, particularly among younger, digitally native generations, mobile access is a logical step for organizations seeking seamless and enhanced access control.

The 10 questions below can help security professionals and decision makers better understand how these systems work and how to deploy them successfully.

1. Have you considered all of the opportunities in the organization?

Access systems are not just about building entry and exit. For example, mobile access can be integrated with smart building controls to manage facilities more sustainably through real-time location systems. By sharing pertinent occupant data, the smart building system can optimize operational efficiency by adjusting temperature settings, particularly in underutilized areas of the building. This not only enhances comfort but also contributes to achieving green building goals by reducing energy consumption.

Mobile access systems can also be used in various scenarios. For example, employees, tenants and visitors may now use a mobile identity for building access but have to use a plastic card to check in at a time clock. Companies can achieve the greatest implementation success by allowing mobile access use for every application in their environment.

2. Do you understand all of the elements in a mobile access system?

When starting a deployment, it helps to review the essential elements that go into a mobile access system. Typical systems usually consist of four main components.

  • Hardware This includes the credential reader units placed on walls, doors, elevators, turnstiles, etc., wherever access is required.
  • Mobile credential – This is the actual credential that is downloaded onto the user’s device.
  • Cloud platform – A mobile, cloud-based service stores and processes data, helping administrators easily and efficiently manage user enrollment, credential provisioning, lifecycle management, data privacy and other tasks.
  • Delivery technology – This is what provides system capabilities and functionality, either directly or via a customized app provided by a technology partner.

3. Have you assessed your specific needs?

Every deployment is unique, and security practitioners and integrators should consider several factors.

  • Readers – Determine whether readers are already enabled for mobile deployment or need to be upgraded. Some readers can easily be made mobile-capable by adding a small device, while older legacy readers may need to be fully replaced. Check with the manufacturer for mobile readiness, as more modern readers can be easily reconfigured, even if they were originally installed for traditional card access.
  • End user preference – Identify preferences, such as iOS or Android.
  • Number of credentials – Determine how many mobile licenses will be needed now and in the near future.
  • Use cases – Some organizations may need a mobile access system to only open doors or secure areas. Others may need a system that covers a range of uses, from doors and turnstiles to secure printing and network access.
  • Implementation – Is it possible to transition to mobile in a single phase, or should it be implemented over time? It is important to remember that the readers should be as interoperable as possible to support mixed use of access control technologies.

4. Do you understand mobile access communication standards?

A mobile system relies on one of two types of communication standards to connect the mobile device with the reader: Bluetooth Low Energy (BLE), which can operate both at close range and from longer distances, and near-field communication (NFC), which operates at very close range, making it ideal for applications of less than 10cm. Both standards support iOS and Android devices. Because building environments and readers vary, the ability to fine-tune the reading distance depending on the desired opening mode – such as long-range, tap or gesture-based – can be an important feature.

5. Are you considering an end-to-end system?

From smart devices and mobile credentials to readers and locks, creating a secure environment should include a holistic view of the system. Along with selecting readers and locks, mobile access deployment also requires creation and management of mobile IDs and the building of multilayered authentication for physical and logical access control. Organizations must also ensure secure, seamless provisioning with the ability to monitor and modify security parameters.

6. Are the subsystems interoperable?

Within mobile access, interoperability allows different products and technologies to exchange usable information. For example, an effective system works across multiple applications, from accessing a conference room to entering a parking garage. Direct application programming interfaces (APIs) within the mobile access system allow integration with multiple types of mobile devices and back-end systems.

7. Are all of the stakeholders aligned?

In the past, access system buying decisions might have been handled by the security department alone. Now, particularly in larger organizations, many more stakeholders, including IT and HR, are involved. Providing information for these stakeholders to better assess the value and functionality of a mobile access system helps make it easier to achieve cross-department cooperation.

8. Have you considered the total cost of ownership?

Pricing a mobile access system may require a different approach from what is typically used because a 1:1 comparison with card-based systems can be misleading. While plastic credentials are typically a one-off cost, mobile credentials operate on a subscription-based model. Reputable manufacturers will provide cost of ownership tools that allow organizations to compare expenses in a standard use case.

For stakeholders interested in meeting sustainability goals, a mobile access system accelerates the path toward eco-friendly operations by eliminating plastic cards. Look for mobile access systems that carry independent certifications to validate their contributions. Mobile access systems can also contribute to LEED certification.

9. Are you addressing data privacy concerns?

The adoption of mobile access significantly reduces the risk of credentials being lost or cloned. Mobile access solutions that have earned third-party certifications ensure the system is highly secure and reliable. If an enterprise spans different regions, it is important to make sure the system has country-specific compliance certifications.

10. Have you chosen the right partners?

The transition to mobile access requires an ecosystem of partners, from the manufacturer of the system to the integrator that installs the readers and integrates the various software and hardware platforms in the facility. Range of experience, verified security credentials, and a wide solutions portfolio all matter when it comes to mobile access deployment. Whether at a regional real estate company or a large university, it is important to select partners that understand the site’s unique needs, provide customer-driven solutions, and make the transition as seamless and cost-efficient as possible.

Mobile access experts can help to assess needs and recommend future-proof components, making it easier for the system to evolve along with mobile technology. Likewise, the right partner can provide regional expertise at the global level, which enables scaling solutions from one part of the world to another.

Mobile access control represents a pivotal evolution in security applications, offering a potent combination of convenience, security and adaptability. From a seamless end user experience to making progress toward sustainability goals, these solutions provide many benefits to organizations of any size. Understanding the fundamentals of the system, as well as key factors to make the deployment successful, can help security practitioners open doors in new, more efficient ways.