Smart phones for credentials and access control
By Raj Venkat
If you look at the history of credential usage, new credentials – whether proximity, smart card or biometric – were always more convenient and more secure than their predecessors.
By Raj Venkat
For instance getting close to an RFID reader is easier than swiping a magnetic stripe card, plus it is more secure. Smart cards provide more applications, such as cashless vending in addition to increased access control security. It is easier and more secure to use biometrics than smart cards. However, while each new credential creates some initial resistance among old-timers who are comfortable with what they are using, there is another group of people who look forward to harnessing new technologies.
The under-30 crowd is tech savvy. They prefer the smart card (One Card) solution that they used at college; smart cards are nothing new to them. This younger generation has only one question when it comes to using smart cards and biometrics in the commercial world. Why aren’t smart cards and biometrics used beyond the campus?
Ingersoll Rand Security Technologies recently undertook a major research project concerning North American students and their use of credentials. Nearly half of all students identify their cell phones as their favorite personal electronic device. Indeed, 91 percent of all mobile users keep their phone within arm’s length day and night.
Nearly half of students are using cell phone apps to perform their daily tasks. Campus apps include managing class work, checking grades, communicating with professors, and receiving notifications and alerts. They are also using apps for the bookstore, bus schedule, maps and discounts.
When it comes to credentials, two-thirds are interested in using their phone in place of an ID card. Why? They feel that they are less likely to lose their phone than an ID card plus they know that ID cards are shared; phones aren’t. In fact, people will almost always notice that their phone is lost faster than noting a card is missing. A quick call to the phone service provider and the phone is shut off, whereas a missing card could be used by another for some time. Those not interested in using a cell phone as their credential are students that either don’t have a smart phone or are concerned about a malfunction, such as the battery dying or the Internet dropping.
There are a great number of early adopters in the user population that are already sold on cell phones being a credential, just like they were sold on the use of smart cards and biometrics.
Near field communication
NFC (near field communication) will inevitably end up on cell phones. No credit card necessary…only your cell phone will be needed for cashless payments or to show your identity.
Could putting a smart phone antenna and chip in a phone replace a smart card? Yes and no. The smart card would be in the cell phone. For those who worry about batteries running out or the Internet dropping, the smart card technology eliminates such fears. A contactless smart card does not need power or the Internet. As long as the cell phone providers will let the technology work as it can, the two biggest concerns could already be alleviated.
Using cell phones as credentials is not a far-fetched idea at all. After all, on the consumer side, we’re already using the cell phone beyond simply having conversations. When you’re not at home, you already can monitor your house through your web-enabled device or smartphone. You can check the status of your door locks, grant entry to your home, and turn your lights off and on. That’s only the beginning. You can receive text or email notifications when family members access the lock, see what’s happening in and around your house, even when you’re not there. You can conserve energy and save money when you’re away from home by controlling your lights and thermostat. Contractors are already creating the infrastructure for such services in much new home construction.
Near field communication provides simplified transactions, data exchange and wireless connections between two devices that are in close proximity to each other, usually by no more than a few centimeters. It is expected to become a widely used system for making payments by smartphone in North America. Many smartphones currently on the market already contain embedded NFC chips that can send encrypted data a short distance (“near field”) to a reader located, for instance, next to a retail cash register. Shoppers who have their credit card information stored in their NFC smartphones can pay for purchases by waving their smartphones near or tapping them on the reader, rather than bothering with their actual credit card.
Co-invented by NXP Semiconductors and Sony in 2002, NFC technology is being added to a growing number of mobile handsets to enable mobile payments as well as many other applications.
A smartphone or tablet with an NFC chip could also serve as keycard or ID card. NFC devices can read NFC tags on a museum or retail display to get more information or an audio or video presentation. NFC can also share a contact, photo, song, application, or video or pair Bluetooth devices.
Emerging technology demonstrations of such Mobile Keys at the ASIS Conference in Orlando this past September showed the possibility of things to come from an access control standpoint. Attendees saw a smartphone being used just like a contactless smart card , placed next to the reader and open a locked door. Since ASIS, there has been great interest in this future credential by those watching YouTube videos of the demonstrations and interacting with other social media outlets.
The Mobile Keys innovation uses NFC technology within smart phones to emulate smart credentials, allowing use of a mobile phone for entry to secure areas. This functionality relies on phones that are produced with an NFC chip included (or a specific accessory case including this circuitry). With such a phone, the end-user will simply download an app to create the ability to use the phone as a credential.
Currently, there are very few phones in use with this capability, but that population is growing every month and the availability of these phones – and their infrastructure – should increase dramatically over the next couple of years. Many end-users are very excited about this new technology and its future use in the marketplace. With this said, it is important to understand that the solution is still in the testing phase and not yet ready for mass commercialization. Plus, at this time, it is hard to determine what the phone providers will charge for having this attribute.
Nonetheless, like smart cards and biometrics, the early adaptors will be on college campuses, ready to bring the technology to the commercial market along with themselves and their degrees.
Raj Venkat is the vice-president of marketing at Ingersoll Rand Security Technologies.