Mobile Credentials For Enterprise Access

♦ Mobile credentials for enterprise access control solutions – are they worthwhile or not?

There are pros and cons to use of mobile credentials for enterprise access control and they apply to smaller applications as well as larger ones.

A benefit is that you able to eliminate cards and this may proffer a financial saving, as well as higher security. There are stories of large infrastructure customers still stuck in proprietary-land who are paying $25 per card for 26-bit formats, which is unthinkable in 2022.

Using NFC-enabled phones may eliminate some of this cost, as well as making issuing of credentials easier to manage – the process can be conducted by an authorised user through a secure invitation. Obviously, NFC credentials represent a form of recurring revenue for access control providers, so there is an operating cost to factor in – cost will be lower, and the process will be self-managed by users.

RFID-based NFC is not intrinsically bulletproof – bear in mind NFC was developed for quick transactions with automatic connections that don’t require users to use passwords. Core NFC protocols may not encrypted – instead security needs to be applied by developers at the application layer.

NFC credentials for security applications are typically secure to the level of 13.56Mhz access control cards, comply with OSDP, and can give additional layers of security – often on-device face recognition – that applies to user access to their own smart device.

This security layer may then be duplicated if users need to access a security app to activate their credential in order gain access to a site. The extra layer makes the process more secure but it’s higher touch and may slow the access process at busy times.

In either case, if the user is unable to authenticate their own smart device and then the security app that activates the access credential, then the NFC credential contained in the security app can’t be used to gain access to a site – no plastic card can offer this level of in-device security.

Something that does need to be considered with NFC is credential burn, though this applies to very large credential libraries in applications were high churn is anticipated – for instance clubs or gyms.

Depending on the provider, an NFC credential applied to a mobile device may be lost if the user leaves the organisation, but this does not necessarily apply. Some providers – HID springs to mind – will issue a new mobile ID to a new staff member using the same credential license should the original ID holder leave.

There are other issues with NFC relating to failure of a smart device or loss of power – it’s certain other cardholders would facilitate access for workmate whose phone battery had run out, creating potential tailgating issues.

Taking all this into account, we still think mobile credentials are especially convenient for enterprise applications, especially if a security policy around smart phone configuration is generally adhered to by an educated team.

#sen.news #SEN #SENnews #security #electronics