By Robert Lydic
The NFC Wallet is the technology that is turning the access control industry upside down. It is a wonderful juxtaposition of legacy methodology combined with technological disruption. A familiar behavior of presenting a credential in a known manner with an explosion of new use cases with new market entrants.
This single technology that has been unlocked to the access market by the global technology giants of Apple, Google, and Samsung stands to reorganize the balance of market share that has largely remained stagnant since the 1980s. Similar to seismic changes that occurred in the video surveillance market that upended decades old industry leaders, NFC Wallet credentials have started a rumble that may reorganize access control in a way that will forever shake the status quo.
Let’s first start with a little background of what is an NFC Wallet credential for access control. It is an access credential that is provisioned inside of the Apple or Google Wallet that can be presented to a traditional access control reader. The credential is a part of the device and not an “app.” It is exceptionally secure, easy to use, and can even be configured to be used when the phone is dead.
In order to understand the “how,” one must first understand the “why.” In a future story, I will write about the “how,” but today I feel we should start with why the NFC Wallet is disrupting access control.
Apple and Google
These two companies have fundamentally changed hundreds of industries. Computers, phones, music, movies, advertising, watches, cameras, videos, video gaming, and software as a whole. In each industry, there were massive multibillion dollar incumbents who employed intelligent business leaders and engineering talent.
Each industry failed to stop the entrance and eventual domination of predominantly Apple and Google -particularly when the opportunity was worth over a billion dollars and further- when those firms drove adoption and use of their mobile devices. Using the Apple or Google Wallet for both validation of identity and for opening a door is exceptionally valuable to both corporations and will result in billions of additional revenue.
The Mobile Device
Pew Research stated earlier this year that 97% of all Americans own a cell phone and 85% of all Americans own a smartphone. The power of this device and the ubiquity of its use has invaded all aspects of our personal and business lives. The variety of business tasks that it can perform combined with privacy of the individual and the validation of corporate identity makes it ideal for replacing the physical access control card.
With Apple and Google finally providing access to the NFC Wallet applications, corporations can tie their logical access system to their physical access control while utilizing their Single Sign On (SSO) and other IT infrastructures. Added benefits include the truth that individuals rarely are without their phones, the complete opposite of physical access cards which are replaced at a rate of 15-20% of the workforce per year.
The NFC Wallet credentials can also involve little to no human involvement in deploying them or replacing them, saving enterprise customers hundreds of thousands of dollars in implementation costs.
Destruction of Proprietary Credentialing
Since the beginning of access control, manufacturers have introduced proprietary credentials to integrators and end users in an effort to capture a lifetime spend of a customer. Most commonly, it was done through a simple piece of plastic with an antenna, the access control card. From that simple decision, manufacturers were able to control what readers were used, what electronic locks were used, and even what access control was used.
This proprietary trap however had one major weakness. In trapping customers, it didn’t allow the access control market to expand beyond a boutique industry. Innovation was stunted and manufacturers governed what technologies were enabled through the access control hardware.
End users, however, are adopting related SSO authentication software, where IT systems are leveraging interoperable platforms, and they are nearly all being done in the cloud. They want the same from their access control and through the NFC Wallet. The same trusted SSO software can provision that same identity into an access control system via newly introduced software providers. For end users, it provides continuity of business processes, leverages existing investments, and provides a single source of truth.
Validation of Identity
Being able to definitively know that the individual presenting an access control credential is indeed the real person has been a frustration since the first product introduction. As a result, access control systems created esoteric software rules such as global anti-passback, multifactor authentication, and even added biometrics.
In the IT space, however, this problem was securely solved by Google, Apple, Amazon, Microsoft, IBM, Okta, and Oracle. Today nearly every single authentication system in our corporations utilize these IT giants for validating the person accessing a computer, software program, or video meeting. More often than not, it even requires two factor authentication with the passwords changing every 90 days.
With the NFC Wallet, these established SSO systems can be used to validate who is provided a digital access control credential and that it is indeed that person. This can also be combined with other multifactor authentication of the access reader or other technologies.
In speaking to over 200 enterprise end users over the last six months, this single “why” is the most valuable use case for the NFC Wallet.
Life Cycle Management of Credentials
Do you really need to bring an individual into an office to take a picture and then print it on an access card? How many staff (and cost) does it take to maintain this and how many card printers, cards, and consumables does a corporation need? What happens when an employee is terminated or leaves? What happens if a credential is lost? How does a company address their extensive remote working staff?
All of these items are addressed with the NFC Wallet credential from Apple and Google. The NFC Wallet credential can be provisioned to any employee, in any location, in seconds, and can also be decommissioned in seconds in the event an employee departs the corporation.
If an employee misplaces their phone, they can log into their iCloud account and suspend the credential, which automatically removes it from the access control system. When the smartphone is found, the user can reactivate it automatically which enables their Wallet credential to function. End user corporations are finding substantial value in this lifecycle management of access credentialing and are saving huge sums of money as a result of the technology.
Access control is security. However, having an access control credential that is fundamentally secure has not always been at the core of access control. A very substantial portion of the market still utilizes easily hackable credential technologies of magnetic stripes, proximity cards, and other compromised technologies.
The NFC Wallet, however, is the most secure credential that access control has ever utilized. Starting at the user experience of authenticating to the SSO of the corporation, the security of the Wallet is unparalleled. Added security in unique identifiers that tie the reader to the individual access credential and then utilizing the most secure AES 256 bit credential technologies from NXP (formerly Philips Semiconductor) make the user end of the security experience superior to that of simply a physical access card.
However, this is just the start of the security journey. The entire backend security provided by access control companies like WaveLynx that tie to Apple and Google’s Wallet security provide an infrastructure of peace of mind. This backend infrastructure is the same security provisions that are now securing billions of dollars of financial transactions in the Wallets.
Securing car doors, enabling entertainment tickets at every major sporting event, and even providing drivers licenses in several states. It is this foundation of trust that is enabling the rapid adoption in the access control markets.
These are just some of the bigger “whys” of the NFC Wallet in the access control market. There are many more and many more use cases that will continue to redefine additional “whys.” The important part is understanding what enables this technology to make sense and to take a second and see the macro level trends that are driving major end users to flock to its use. Apple and Google are in our bespoke access control market and they are not leaving. They are here to enable a new vision and future of access control and they are bringing the ability to innovate and make access control a mainstream technology.
About The Author:
Robert Lydic is a global industry leader in NFC Wallet and in business scalability and in the physical security and access control industry. With over 25 years of industry experience, he effectively creates products and visions that can be embraced by end users and integrators all over the world. Throughout his career, Rob has successfully created, grown and transacted four companies that continue to lead in their respective market segments. After building and selling his third company in 2014, Rob moved to Boulder, Colorado, to join an access control startup where he led strategy and sales that resulted in the business being acquired by Allegion in 2018 where he then led the business in Commercial Electronics. Today, Rob is the President of Wavelynx Technologies, leading the organization to transform the access control industry through an open, interoperable and secure platform. In his role, Rob also leads WaveLynx as the first access control provider of all three major NFC Wallet solutions.
See more articles on WaveLynxwavelynxtech.com