The use of a mobile phone is ingrained into our everyday routine and they accompany us wherever we go. As Bring-Your-Own-Device (BYOD) becomes corporate commonplace, NFC enabled smartphones are further ushering in a new era for managing trusted identities in the enterprise environment – and physical access control is one of the most convenient, secure and attractive capabilities facilitated by developments in the field.
What could an NFC-smartphone in the workplace do?
For many organisations, the security issues associated with multiple employed ID cards – be these for different sites, buildings or corporate functions – has long been a concern. For employees in an enterprise mobile access environment – where their own smartphones can be used as a digital key – the risk of a breach is reduced. Staff are far more likely to forget or misplace their badge or ID card than their mobile phone, which also happens to carry their ID credentials. NFC ‘digital keys’ essentially replicate the existing card-based access control principles and model via an embedded credential in the handset. The NFC enabled phone communicates identity information to the recipient access-control card reader, which passes the identity to the existing access control system for authentication, and then opens the door.
While physical access control is likely to be the primary use for NFC in the enterprise, the technology lends itself to a number of associated services that can easily be integrated into corporate NFC programmes. For instance, employees can use their smartphones to swipe in for time and attendance purposes, for cashless vending in the corporate cafeteria or even in conjunction with One Time Passwords (OTP) soft tokens that enable a user to log in to their desktop PC.This obvious convenience factor, that sees a secure, user-friendly technology fall into step with employee behaviour and culture, is helping fuel demand in the business world.
Flexibility that doesn’t compromise on security
In order to make the most of this pioneering development in access control, the enterprise needs to employ a system that can allow it to capitalise on the flexibility of mobile access, while also ensuring security is not compromised. From a technical standpoint, in order to secure transactions between NFC-enabled devices in the work environment, the smartphone requires a secure applet to hold the digital keys, an app for the user to interact with, and the actual digital keys assigned to the individual phone. This needs to be met with the accompanying reader hardware in order to recognise the information that the phone is communicating and, most importantly, a trusted identity platform that can manage, deliver, and authorise mobile credentials. This ecosystem creates a managed boundary so that corporate-issued or BYOD devices and their transactions in the enterprise can be trusted, providing a secure communications channel for transferring information between NFC-enabled phones and the other secure media and devices at play in the work environment.
Ultimately, the convergence of physical and logical access control on mobile devices is helping organisations to stay secure in a rapidly changing world, while the employee experience becomes both more fluid and easier. Moreover, with the convenience of over-the-air or cloud-based provisioning, this ecosystem means that the enterprise can provision and de-provision digital keys to the smartphone in question as and when it needs to. In doing so, enterprises can eliminate the ‘traditional’ risk of plastic card copying and simplify the process of issuing temporary credentials, modifying or cancelling them.
From a market perspective, NFC-enabled physical access control represents both a challenge and an opportunity as two sides of the same coin. In order to facilitate wide market adoption, universal NFC-enabled handsets that support the four primary operating systems: iOS, Android, Windows, and RIM, will be required. Network operators will intrinsically become part of the access control equation and, ultimately, the provisioning process. However, given the complexity and diversity of the mobile landscape is itself, all development work will be a big undertaking. Additionally, recent pilots in the field with Netflix and Good Technology, highlight that solutions that do not excessively drain battery, that are available even when the battery is dead, and that don’t interrupt other tasks, are also valuable next steps to be taken.
Harm Radstaak is managing director for EMEA, HID Global.
Free Download: The Video Surveillance Report 2023
Discover the latest developments in the rapidly-evolving video surveillance sector by downloading the 2023 Video Surveillance Report. Over 500 responses to our survey, which come from integrators to consultants and heads of security, inform our analysis of the latest trends including AI, the state of the video surveillance market, uptake of the cloud, and the wider economic and geopolitical events impacting the sector!
Download for FREE to discover top industry insight around the latest innovations in video surveillance systems.
