Virtualized credential platforms require new approach for trusting identities

NFC is a short-range wireless communication technology standard that enables the exchange of data between devices over a distance of several centimeters. It’s one of several new platforms that can be used to hold virtualized credentials that previously were stored on contactless smartcards and used to open doors. The same contactless credentials that are programmed to provide various levels of facility access can now be loaded onto a mobile handset and used with NFC for secure access. This eliminates the need to carry any other access credentials and makes it easier for security managers to track who is entering and exiting monitored access points.

NFC-enabled phones can make other contactless transactions, as well, including cashless payment and transit ticketing; data transfers including electronic business cards; and access to online digital content. This makes it easy to combine multiple virtual credentials on a single device for things like secure facility access and the ability to make cashless payments at the facility’s canteen. Cashless payment is rapidly growing in popularity, and contactless payments are becoming increasingly popular in Canada. According to an August 2010 study by Technology Strategies International, an Oakville, Ont.-based tech market research firm, a significant chunk of transactions in Canadian stores will be carried out using cashless payment systems by 2014. The value of contactless transactions is expected to reach $5.6 billion, and there is also strong interest in mobile payments.

NFC enables physical access, cashless payment and other exciting capabilities, but the only way to make them secure is by establishing an identity methodology. This methodology must be based on a comprehensive chain of custody in which all system end points can be validated. Only in this way can identity transactions between the end points be trusted at any time.

Understanding Identity
We often think about identity in terms of the card that carries it. Clearly, though, “identity” can now take the shape of a mobile phone, a USB stick or some other medium. These and other virtualized credentials expand the concept of identity beyond traditional I.D. cards to include many different credential form factors.
 
This new way of thinking is driving fundamental changes in how we deliver and manage secure identity. Today’s new form factors for credentials improve user convenience and flexibility. But they also raise questions about how to ensure that all identities can be trusted. For instance, if a user’s identity resides on a mobile phone, how can one be sure that the device is trusted and secure? Or if a user loses a USB stick that houses his/her identity, how does one end-of-life that device while not affecting the user’s identity/credential residing on another device?

Managing virtualized credentials can be a complex process. In one typical example, a server would first send a person’s virtualized credential over a wireless carrier’s connection to the person’s mobile phone. To “present” the person’s virtualized credentials at a facility entry point, the phone is held close to an IP-based access controller connected to another server. Throughout the process, there must be a way to ensure that the credential is valid? Both endpoints, plus all of the systems in between, must be able to trust each other. There needs to be a transparently managed chain of trust going from one end to the other.

The basis for modern transactional systems has been the ability to trust the identification of a person, computer, website, check, or a credit card. Unfortunately, the effort required to authenticate them has grown exponentially. There is, however, an aspect of secure identity systems that simplifies the problem: like mobile networks, secure identity systems are closed systems. To use them, you generally must complete a background check and sign a legal document to construct the basic blocks describing your identity. It’s this strong authentication and binding that endows a secure identity system’s basic blocks with inherent trust.

To even have a current and valid set of identity blocks usually means that one has passed this bar and is a member in good standing of the closed system. It also means that the blocks and the systems supporting them can be simpler and constructed so that they use industry standards. This is the approach taken with TIP, which enables the validation of all endpoints, or nodes (such as credentials, printers, readers and NFC phones) in the network so that transactions between the nodes can be trusted.

TIP (HID’s Trusted Identity Platform) is a framework for creating, delivering and managing secure identities in a virtualized credential environment. At the heart of the TIP framework is the Secure Vault, which serves known nodes within a published security policy. TIP delivers three critical capabilities: plug-and-play secure channels between hardware and software; best-in-class key management and secure provisioning processes; and seamless integration with information technology infrastructures.

Data security, privacy and reliability are ensured in the TIP environment using symmetric-key cryptography, so that all nodes can execute trustworthy transactions. Once a “handshake” is accomplished between the Secure Vault and a node device, then the device is deemed to be “trusted” in the network. Trusted devices no longer must communicate with the Vault, and may operate independently. In this way, the transaction between nodes, such as a credential and a reader, is trusted and the resulting transaction, such as opening a door or logging onto a computer, can also be deemed trusted.

NFC-based access systems and other virtualized credentials will enable a new era of more convenient and secure transactions. Delivering on this promise will require a simple but protected, fully scalable and standards-based identity delivery system. These systems will need to support a wide variety of identity nodes — ranging from readers and cards to NFC-equipped mobile phones — that each can be registered as a “trusted node” so that it can be securely provisioned anywhere in the world.

Dr. Tam Hulusi is senior vice president at HID Global.