Access control has always been a work-in-progress, readapting itself into new forms driven by the stunning, high-speed evolution of modern technology.

We’ve seen hardware evolve from PIN pads to proximity cards to smart cards, and now — as we prepare to enter the 2020s — we are seeing the rise of mobile credentials for access control on smartphones. At the same time, the software that drives the solutions and supports the readers is also changing, from traditional hard-wired systems with local servers all the way skyward to wireless and cloud.

With each successive generation of access control, new technological capabilities have sought to increase both convenience and security. However, advancements in one area have not always translated equally well to the other.

We have seen some technologies boost convenience but decrease security — as well as others that enhance security but make for a difficult user experience. This is certainly the case for mobile credentialing, and as a result, widespread adoption has stalled.

Fortunately, a new generation of mobile credential solutions is now arriving that promises to vault this technology into the mainstream, as it finally delivers superior performance on both fronts.

Two Steps Forward: Increased Security

Today, the market demand is strong for access control technology that employs mobile credentials that are managed and implemented via apps on personal smartphones, replacing the need for physical cards.

Mobile credentialing has the potential to improve both security and convenience and is delivering enhanced protection in many ways. To date, however, mobile credentialing has done a better job of increasing security than convenience.

This is unfortunate, because for smartphone users – who comprise the vast majority of the public – there are few processes that phones cannot make easier, faster, and more accessible, and users look forward to incorporating new types of applications into their daily routines.

Where mobile credential solutions are an undeniable success is in increased security, a result of technology that leverages the smartphone’s alter ego as a mini computer to provide enhanced encryption.

Josh Perry, Chief Technology Officer at ProdataKey (PDK) of Draper, Utah, an innovator of cloud-based networked and wireless access control products and services, explains, “When using smartphones, your access credential is actually encrypted in the memory of your device, making it much, much more secure than a normal proximity card.”

“The result of all these issues is that mobile credentialing ends up being more of a marketing bullet point than an added value customers fully embrace,” says Perry.

 Finally, some organizations lose out on stronger security while trying to make mobile credentials work with legacy systems. Perry explains that when mobile credentials simply mimic the behavior of traditional access cards, then bad actors can clone that ID and fool the system. “The legacy system has effectively nullified all of the high-tech security that’s implemented by both the reader and in the phone to accomplish the secure communication,” he says.

Read the complete article here