2021 is a big year for Mobile Credentials

2021 is a big year for Mobile Credentials 

Modern electronic access control systems, whether on-premise or cloud-hosted, offer a variety of ways to authenticate users and grant them access to a space. Credentials are typically classified into a few categories, something you have, something you know, something you are, or any combination of these categories (multi-factor).

Keep reading to learn about four of the most common types of access control credentials and how they can help you manage your space more effectively.

In access control and identity management, authentication is done via three factors, namely what you have (keyfobs and access control cards), what you know (passwords) and what you are (biometrics).

Needless to say, more and more people are now using their smartphones to open doors. And 2020-21 is likely to be a big year for mobile credentials, whose market size and deployment are expected to reach a new height.

In terms of the “what you have” factor, regular and smart cards have been in use for a long time, whereby the user either taps the card on the reader or bring the card close to it. Yet more and more, mobile credentials, or user credentials stored in the user’s mobile phone which can then interact with the reader, have become a more popular concept and are increasingly deployed in certain end user entities such as offices, college dorms and hotels.

1. RFID

Historically, the most common credential is RFID technology using some sort of card or fob (something you have). These RFID options can range from basic proximity cards and fobs to more advanced and secure smart cards that use integrated circuit chips embedded into the card itself to provide encrypted communication with the access control readers. Not all access control cards are secure as some can be easily sniffed and cloned. Access control cards can also easily be lost or stolen, which can create a vulnerability.

2. PIN Codes

PIN codes are also a popular method where a PIN code (something you know) is assigned to a user and then used as their credential to access a space. With PIN codes, a user walks up to the keypad on a door and types in a numerical code assigned to them to authenticate and gain access to a space. PIN codes do have some drawbacks as well. PIN codes are often shared, creating a security risk. In addition, PIN codes can be cumbersome to administer and maintain.

3. Biometric

Biometric credentials have grown in popularity over the past several years and can include multiple biometric features (something you are). There are biometric devices that can scan fingerprints, retinas, or the palms of your hand to authenticate you and grant or deny access. Another biometric option is facial scanning where a device can scan a face to determine facial features that can be turned into a hash that can then be used as a credential. Biometric readers have come a long way and can offer a high level of security, but in order for biometric readers to work effectively and efficiently, they need to be installed in the right location and in the right environmental conditions.

4. Mobile Credentials

Perhaps one of the fastest-growing credentials lately is mobile credentials. Mobile credentials allow users to have a credential stored on their mobile devices, usually in the form of a mobile app, that they can use to gain access to spaces providing those spaces have compatible hardware. As a user approaches a reader, they can make an unlock request using a button on their phone or even a gesture, to gain access. Mobile credentials also have the advantage of providing multi-factor authentication easily by leveraging the built-in PIN code functionality or biometric readers of the mobile device for additional security. A system administrator can require that in addition to the mobile credential a user needs to provide either a PIN code and/or a fingerprint/facial recognition, whichever method the mobile device supports. Mobile credentials have grown in popularity so much because just about everyone has a mobile device with them at all times, and they are easy to administer compared to managing RFID cards or PIN codes.

In fact, 2020 is set to be a big year for mobile credentials as suggested by various stats and figures. Gartner, for example, has predicted that in 2020, 20 percent of organizations will use smartphones in place of traditional physical access cards, compared to just 5 percent back in 2016.

Growth drivers

That the mobile credential trend is picking up is quite understandable due to their various benefits, among them the convenience factor. Whereas the user may forget to bring their keycard, they are less likely to forget to bring their smart device. Further, compared to keycards, smartphones are less likely to be lost as users attach greater importance to them. On a related note, since chances are the user already has a mobile device, the end user entity does not have to spend extra cost to make cards for their staff.

Besides those benefits, wider technology availability will drive growth as well. “When they first appeared about 10 years ago, mobile credentials used near-field communication (NFC). Since Apple never provided API access to its NFC capabilities, adoption was limited, because the technology was only available to Android users. Today’s mobile credentials use Bluetooth, which is supported by all smartphone manufacturers and many wearables, such as smartwatches, and is therefore available to virtually everyone with a smart device. Bluetooth also ups the convenience factor since Bluetooth readers allow users to open doors without even taking their phones out of their pockets. If your customer uses a cloud-based access control system, mobile devices can communicate directly with the cloud via Wi-Fi or cellular.
 
Meanwhile, compared to cards, which can be duplicated or cloned, the mobile device has more security features. The biometric function that unlocks the phone in and of itself is a security feature that prevents misuse by others in the even the phone is lost. Meanwhile, the latest technologies also enable communications to be safer between the phone and the reader.
 
Finally, mobile credentials have the “wow” factor. “Everyone loves new gadgets, especially ones that make their lives easier. Mobile credentials are no exception. Our salespeople tell stories of closing deals as soon as they show prospective customers that they can unlock their doors with their smartphone. Property managers have begun listing mobile credentials as one of their high-tech amenities to attract new residents. Users of mobile credential apps write glowing reviews about convenience.

Still not sure which access control credential solution is right for you? We’re here to help.

The goal is no longer just limiting access to a particular space but rather managing that space effectively.

Modern electronic access control systems offer a wide variety of features to allow you to better manage business spaces and to protect your business and your brand.

Working with a qualified security sales consultant will ensure you are not installing old technology into a new installation. There is an access control solution available that is convenient, secure, and works for your user’s technology level. You can touch with SSA Integrate to get proper way, what actual is required for your premises. They are solution service provider for SUPREMA, Magnetic FAAC & certified for Honeywell Winpak Access Control.

Attendance System based on Biometrics

Attendance System based on Biometrics

If you are still using paper and calculator to prepare the salary of the employees then you are wasting your valuable time and missing the benefits of biometric attendance systems. In this era of modern technology, monitoring attendance of each employee to payroll activity has become seamless.

What is Biometrics Technology?

The Biometrics technologies used to measure and analyze personal characteristics, both physiological and behavioral. These characteristics include fingerprints, voice patterns, hand measurements, irises and others, all used to identify human characteristics and to verify identity. These biometrics or characteristics are tightly connected to an individual and cannot be forgotten, shared, stolen or easily hacked. These characteristics can uniquely identify a person, replacing or supplementing traditional security methods by providing two major improvements: personal biometrics cannot be easily stolen and an individual does not need to memorize passwords or codes. Since biometrics can better solve the problems of access control, fraud and theft, more and more organizations are considering biometrics a solution to their security problems. Biometrics gives you an alternative and higher security compared to passwords or pin identification due to the fact that passwords and pin #s can easily be compromised.

Authentication by biometric verification is becoming increasingly common in corporate and public security systems, consumer electronics and point of sale (POS) applications. In addition to security, the driving force behind biometric verification has been convenience. Biometric devices, such as fingerscanners, consist of:

Ø A reader or scanning device

Ø Software that converts the scanned information into digital form and compares match points

Ø A database that stores the biometric data for comparison

To prevent identity theft, biometric data is usually encrypted when it's gathered. Here's how biometric verification works on the back end: To convert the biometric input, a software application is used to identify specific points of data as match points. The match points in the database are processed using an algorithm that translates that information into a numeric value. The database value is compared with the biometric input the end user has entered into the scanner and authentication is either approved or denied.

What is Biometric Attendance System?

Biometric time attendance system used to track each and every person coming to your place is actually who he claims to be or not with its time and other details. It uses finger and face recognition system to verify person's identity and record its time-in and time-out with all required details.

Benefits of Biometric System

Ø It has many advantages over conventional time tracking used at organizations. Typically such organizations maintain a register book, where people entry their name, time-in, time-out and other required details but the problem with this manual system is inaccuracy, time consuming, unreliable and most important is less secure.

Ø Biometric time attendance is very user friendly and easy to use; any person can use it very easily. It is very fast also, user has to see once in front of system and all details including its time will be recorded automatically. In this way it saves lot of time and still record details very accurately. One can avoid early punching, late punching and buddy punching very easily.

Ø Many schools, college used Biometric Time Attendance to track their student's attendance. The Biggest advantage of Biometric Time Attendance over manual tracking is better security. Many shops and shopping mall use biometric time attendance for security purpose and it really works a lot.

Ø If someone wants to use it for business or organization, then they can easily integrate it to payroll systems, account systems and billing systems. So in that way it is very flexible also and it also shows that time attendance system can be used for all type of business and organizations with great flexibility.

Ø In a nutshell biometric time attendance solution permits you to focus on your core business by giving quickest and easiest way to overcome your time tracking issues.

Return on Investment in Biometric System Installations..

Biometric time clocks, which are used to record employee start and end times, are popular in organizations where security is an issue, or where employees may falsely record their time worked. Because biometric technology is more expensive than other forms of time clock identification, such as magnetic badges or personal identification numbers, it is important to evaluate the potential return on investment should biometric devices be installed. In service environments where employees punch in and out to work, return on investment can be considerable because biometric devices virtually eliminate the ability of employees to “buddy punch.” 

In buddy punching, an employee either types a tardy employee’s PIN or swipes the tardy employee’s badge earlier than he arrives to work or after he leaves work. The organizational costs of this kind of time theft can be enormous. The company loses money a few minutes at a time compounded across departments and locations. Biometrics makes it almost impossible for employees to defraud a time and attendance system. 

Other returns on investment can be gained through the use of the biometric system as a security access monitor, as well. In this case, the biometric system is used to grant or deny access to restricted areas. The cost of purchasing and maintaining magnetic or proximity identification cards, which do not prevent fraudulent access, can be eliminated.

Accepting Real-World Access Control Challenge

I write about change quite a bit because I am fascinated with all of the various elements that make change both interesting and dreaded by most people. To write about a subject, many writers research the subject matter they are tackling. I do this too, but I prefer hands-on experience. Reality changes in a hurry in our business world. What can this principle teach us in the world of convergence security technology?

Plenty, if it means you have the responsibility of delivering sustainable security solutions your customers count on every day. So let’s use a real-life example to more closely examine the tactical side of security. The challenge was to design, sell, install and commission a replacement of a 30-year-old+ mag stripe electronic access control system with a new IP-based system. Now, for plenty of you this challenge is a walk in the park, part of your everyday security business life. For others, it is not — including yours truly. Yes, I have security system integrator experience with a large company and founded an IP video integration company, but it’s been a few years since I strapped on a 33-inch tool belt. Wisdom and waist size have both grown a bit over the years, but that didn’t stop me. I was up to the challenge and charged forward.

Changing the Mindset on Decades-Old Ways

What I know about security technology from an application and elemental building blocks perspective is much different than putting the IP system puzzle pieces together onsite at 5:30 a.m. because the customer opens for business at 11 a.m. Ladders are unsightly, liability increases and the business operations are impacted — not to mention dropping fiberglass from the ceiling tiles into someone’s glass of beer.

The pressure of doing an IP installation properly in the correct sequence, and coordinating other contractors and supplier support while wrestling with old technology, is as close to “ground truth” as you can expect in the civilian world. Schedules and timing are important when you cut over an access control system. The old system has to continue operating while a new system is readied to take over the workload on a very specific date (no pressure here to get it right!). Now add to this the expectation of your customer for a significant operational improvement and you are involved with a bare-knuckle fight with change. Did I mention that I love a good challenge with change?

Here’s how this installation tale began. An acquaintance is a controller for a chapter of a large, well-known fraternal organization that has thousands of chapters worldwide. And he is not just any controller ... he was recognized nationally in 2012 as the best in the country, a guy who knows a thing or two about business and return on investment. He knew I worked in the security field so we started talking about the mechanics and costs of membership-based organizations that restrict/permit access based on bylaws and being current with their dues. Now add some size to this challenge. This particular chapter has approximately 800 male and female members, each with separate requirements.

So how were they managing access privileges? Every year the chapter needed to order new magstripe cards for all its members. This is an old credentials technology, so you can understand some of the cost factors. These credentials had to be replaced every year when membership dues were due. To this cost add the management time for physically handing over a new credential once dues were paid. This process has obviously worked for 30+ years, but what would the future look like for 30-year-old+ magstripe readers and 24VAC electric strikes? How long would they last? Could they even be repaired? How long could they disrupt operations if they did fail? Perhaps it is time to consider a change in electronic access control technology and upgrade the system.

Analyze Your Recommended Technology Applications to Ensure They Are Appropriate

I initially recommended a biometric solution since it would entirely eliminate the cost and management of card credentials. I like cool technology that is affordable and reliable (and I just wrote about this technology a few months ago, noting that it is an obvious solution to recommend).

But not so fast — remember, blindly recommending the application of technology can be dangerous, as well as narrow-minded and myopic. Does this sound like anyone you know or work with perhaps? We all are guilty of sticking with a “true blue” product or supplier because it is the path of least resistance. Guilty as charged.

How can you avoid the automatic product choices in your comfort zone? Ask the right questions. While biometric fingerprint technology is affordable and reliable, it isn’t a panacea. There is a large percentage of chapter membership groups that evolved in the late 1950s, and using new technology can be intimidating and less effective with their older members. Consider the lifetime use of older members’ hands and the gradual deterioration of their skin.

Biometric fingerprint technology has come a long way in the past five years but still has its limitations. What about facial recognition biometrics? Yes, the technology does work better in this application, but consider the perception of the older members and their comfort level of using card credentials for the past 30+ years vs. presenting their face to a reader or camera … it might feel a bit Orwellian, no?

Applying new technology and, more importantly, the right technology means asking your prospect/customer the right questions then considering the impact of change your solution delivers.

In this particular installation challenge, what was the best choice? An RFID credential solution made the most sense from a cost, application and functionality perspective. With several good choices for reliable IP access control systems I chose a new supplier, breaking out of my comfort zone, that I had done some consulting with to test my thinking.

I started by asking the appropriate questions to ensure the technology would fit the application. For example, how simple would it be to manage from a customer’s perspective? How cost effective would it be now and in the future? Once I got the answers I needed, it was time to kick the tires and light the fires.

The hardware and software components were fairly straightforward and not overly complex to process. Actually they were quite simple, and who doesn’t love simple? The documentation gets a C+ in my book and has room for improvement.

The supplier’s customer support in the field at crunch time — you know, when the customer is looking over your shoulder — was an A. The price vs. value delivery was in the A+ range, allowing me to provide additional spare parts and lots of extra credentials, which all IP systems you sell should absolutely have. This will ensure that any future service or maintenance will be fast, which is especially pertinent for electronic access control installations. What other challenges should you consider?

Thanks to Mr. Paul Boucherle for help.