Security Roundtable – Mobile Access Control
19th August 2021 – Greenville, US
As credentials and access control migrate to wireless and mobile solutions, integrators and installers must be aware of the changes in installation and sales strategies.
This roundtable discussion features three different expert perspectives from William Lail, Operating Partner at Safe Solutions; Jonathan Lach, Vice President of Sales for Paxton; and Peter Levy, Director at United Lock & Security.
What are the best angles to take when offering an end-user the shift to mobile from traditional card-based access, and what are the ideal target markets?
Levy: When talking to an end-user about their access control, we explain to them that employees are more apt to loan their card or fob to another person than they are their smartphone. The security in smartphones is much more secure, and when someone leaves, you get that credential back without ever needing to have the user bring in a used, dirty card or fob. We find our target market to typically be multi-tenant office buildings and companies with more than 50 employees.
Lail: End-users who appreciate good technology are drawn to mobile credentials because it is the latest and greatest. I would say the ideal target market is multi-family residential, but it can fit anywhere where customers are interested in using the latest technology.
Lach: Smart credentials are widely accepted across all markets as the technology becomes more robust. One familiar example is AirBnB where smartphone credentials offer great flexibility to access rental properties. The best approach is to tout the many positive attributes of smart credentials:
- Convenience – The very nature of card credentials requires the user to have them physically in hand. Smart credentials allow you to give access to anyone, anywhere, from anywhere, using a device that they will already be carrying on their person.
- Simplicity – Technology is all about making our lives simpler. Most people do not use smartphones just for making phone calls; in fact, they are used less for calls and more for managing daily life. It only makes sense that they should be used as a primary credential. Technology simplifies our lives even further by combining everything on one platform.
- Cost – Usually you pay more for the convenience, but in this case, it is by far the most cost-effective option.
Are there any technology hurdles that still must be overcome when it comes to deploying mobile credentials?
Lail: In my experience, the most difficult part of installing a system that requires an outside communication route is working with the end-user’s IT personnel and their internet provider to make sure that the correct ports are opened.
Levy: Readers use NFC or BLE to communicate, and some employees still have older phones which do not have NFC. As we head towards the future, all smartphones will have these technologies, but companies cannot require their employees to “get with the times” at the employees’ expense, and employers are not going to purchase smartphones for all employees just to be able to gain access to the building.
Lach: Society is heavily reliant on technology and is disappointed if it does not work 100% of the time. The same is true with mobile credentials – if they only work some of the time, it is not a good technology. Making sure mobile credentials interact flawlessly and quickly with the reader to grant access is key to the acceptance of this technology. Technology manufacturers can overcome these hurdles by simplifying their approach. Some companies are making it more difficult by using licenses and charging for the credentials, which can be a headache for users. At Paxton, we believe one way to remove the hurdles is to provide a free, non-licensed deployment that can be set up in seconds. This is easily achieved and, in my opinion, the way forward to gain mass adoption.
What are some of the advantages/differences of the different mobile-enabling technologies, such as NFC and BLE?
Levy: Near Field Communication (NFC) needs to be within a couple inches of the reader to be able to work, where Bluetooth Low Energy (BLE) allows users to be further away from the reader to operate it. The benefit of being closer to the reader is that it takes an act to operate, whereas with Bluetooth, a user can walk past the reader and it will work without the user even knowing that they just unlocked a door.
Lach: Bluetooth’s advantage is very simple. The user has the ability to set the read range to suit their“Wireless access control hardware working with mobile credentials will give the end-user another level of secure access to areas that they were only able to use mechanical hardware in the past.”
Lail: One major advantage is you do not have purchase physical cards (assuming that you are receiving the mobile credentials for free). Another advantage is the ease of use of issuing a smart credential. It is as simple as adding an email in the software
How does wireless access control hardware work together with or further help enable mobile credentials?
Levy: Wireless access control hardware is a real benefit when you do not have access to run wire to the opening. It allows integrators to add access control to places we have not been able to before. Wireless access control hardware working with mobile credentials will give the end-user another level of secure access to areas that they were only able to use mechanical hardware in the past.
Lach: Wireless access control and smart credentials are both pillars of modern access control systems. Customers want the convenience of using their mobile phone for access, and installers want the simplicity, flexibility and speed of installing wireless hardware. Paxton offers both readers and locks that support these technologies.
What steps can integrators take to ensure that mobile credentialing and access control systems are cyber-secure?
Levy: Integrators need to work with the access control companies to ensure the systems are cyber secure as well as work with the end-users to ensure they have firewalls in place and the latest updates. The smartphones should also have virus software and two-step authentications.
Lach: Integrators should always ensure that every building has secure firewall and battery backup systems to protect computers and devices. Secondly, they should always conduct an audit of who should and should not have access. Utilizing a system that has taken appropriate precautions to prevent cyber-attacks is also important. Smart credentials should only store an individual’s personal data as an encrypted token number, so the system can identify that token to a user in the system. Also look for 256bit AES encryption to maintain the highest levels of system security.
Lail: The first step is understanding what the end-user is actually asking for. Customers want to make sure that putting a new system on their network is not opening them up to additional security risks. If they are interested in more security, they would want to make sure that the readers that they are using are using encryption.
Will a time come when traditional card access control systems become obsolete? If so, how soon?
Levy: There will be a time when traditional card access control systems will become obsolete, but I do not see it coming as soon as some may think. There are millions of installations out there that already use traditional cards or fobs. As more access control companies release mobile credential-enabled readers, new installations will be mobile; however, existing systems will still need to be serviced. I do not see obsolescence happening for at least ten years.
Lail: There will always be a need for traditional hard credentials, as long as there are people who are not using smartphones. There are also millions of existing cards and hundreds of thousands of non-mobile-enabled card readers that exist today, which would require a lot of upgrading. One day we may see it, but we are many years from that day.
Lach: It is unlikely that traditional card access control systems will become obsolete, as there are still scenarios where we cannot rely 100% on mobile credentials. Although smartphones are prolific these days, there are still some people who choose not to own them, and they will still require access. An excellent example would be in assisted living facilities, where a card or key fob type credential will be the preferred choice