Unlocking the Future

Aug. 31, 2011
Smart phones carrying digital keys and portable identity credentials may render traditional keys obsolete

For roughly 4,000 years since the invention of the lock, the mechanical key has provided an inexpensive method for opening doors and gaining access to properties, vehicles and other assets. Many applications for the mechanical key have gradually been eliminated with the advent of more secure and manageable plastic access-control cards that, over the years, have become increasingly more capable and intelligent. Now, a quantum leap in access-control technology may do away with mechanical keys — and even cards — by ushering in a new era of digital keys and portable digital identity credentials that can be securely provisioned and safely embedded into smart phones and other devices.
Over time, the access-control card has become increasingly sophisticated and intelligent as exemplified by today’s 13.56 MHz contactless smart cards, which include a tamper-proof RFID device connected to a multi-turn antenna. These cards are personalized to the cardholder, and a mutual authentication process occurs when they are presented to a reader. Additionally, they can be used for multiple applications such as biometric authentication, cashless vending and secure PC logon using the inherent secure storage capability of this technology. Until now, this card was required for securely carrying our identity, and the decision to allow or deny access was made between the reader and a central panel (or server) that stores the access rules and decides if a particular person should be allowed to open a door.
In reality, our identity information and the procedural chain of encrypted communications and data processing events that occur between the reader and server or panel can be virtualized just like any other IT procedure and moved onto new platforms, including mobile phones. In other words, the intelligence contained in today’s smart cards, along with the user’s identity information, can reside on any suitably secure electronic device.
In order to seamlessly integrate with existing physical access control systems, there are two prerequisites for such a “virtualized” system to coexist:
1. A way for the data to be communicated to an access-control reader (the equivalent of swiping or presenting a physical card), and
2. A mechanism for securely managing the identity and authentication information that is carried on the device (i.e., from the time of provisioning and throughout its life cycle).
With these two pieces in place, the same basic access-control methodology proven for decades in businesses, healthcare, government and other applications can be embedded into smartphones and other mobile devices, and we can do away with keys and cards virtually anywhere we need to unlock a gate, door, or drawer.

Near Field Communications
An ideal technology for this methodology is Near Field Communications (NFC), a short-range wireless communication standard that enables data to be exchanged between devices over a distance of several centimeters. Moreover, NFC is also fully compliant with the ISO standards governing contactless smart cards, an obvious feature that makes this an ideal platform.
A mobile phone equipped with NFC technology can be used to carry a portable identity credential and then wirelessly present it to a door reader — just like the current plastic smart cards. The phone is simply waved in front of the reader and the user can open the door. Key or card access functionality becomes another application alongside the device’s other voice, data, memo, music, navigation, camera and game functionality. According to the research firm IHS iSuppli, manufacturers will ship approximately 550 million NFC-enabled phones in 2015.
The most simplistic model for NFC digital keys and portable identity credentials is to simply replicate existing card-based access-control principles. The phone communicates identity information to a reader, which passes the identity to the existing access control system, which then opens the door. This eliminates the need for keys or smart cards while providing a safer and more convenient way to provision, monitor and modify credential security parameters, eliminate credential copying, temporarily issue credentials as needed, and cancel credentials when they are lost or stolen.
An early example of this type of application was recently tested at the Clarion Hotel Stockholm in Sweden during a pilot that concluded in June 2011. The hotel worked with HID Global parent ASSA ABLOY, Choice Hotels Scandinavia, TeliaSonera, VingCard Elsafe and Giesecke & Devrient (G&D), to replace the hotel’s room keys with digital keys that are sent to guests’ NFC-enabled mobile phones.
During the Clarion Hotel pilot, guests were given the opportunity to use their mobile phones to access their rooms. Participating guests received a Samsung NFC mobile phone with Assa Abloy’s Mobile Keys software installed. Before arriving at the hotel, guests received a text message with a link to where they could check in, and the hotel sent an electronic room key to their phones. Guests then were able to skip the check-in line and go directly to their room, where they opened the door by holding the mobile phone in front of the door lock. When checking out, guests simply touched their phones to a kiosk in the lobby, again saving time by skipping the front desk.
In a survey conducted after the Clarion Hotel trial, sixty percent of respondents said they saved more than 10 minutes by using the digital key solution, and 80 percent said they would use the solution if it were available today. The hotel also benefitted in several ways (apart from the expenditure on plastic cards) by re-focusing the staffing resources required to check in those guests to other more valuable customer service issues. It was also much easier to replace lost keys when needed.

Replacing Panels and Servers
There are other opportunities to harness a smartphone’s power to significantly reduce the cost of deploying access-control applications. Modern smartphones have on-board intelligence that is comparable to today’s typical access-control system, and can be used to perform most of the tasks that otherwise would be jointly executed by reader and server or panel. Can this mean that NFC smartphones can replace the functional duties carried out by access control panels and servers? The simple answer is yes. What this question (and its answer) really means to the access control industry is a paradigm shift in the interaction between the card, the reader (or lock) and the access control panel.
Readers (and locks) can be built without any significant intelligence or connectivity capabilities. NFC-based phones will verify a person’s identity and any other relevant rules (such as whether the access request is within the permitted time period during the day, or that they are standing at the door using the phones’ GPS capability), and then send a trusted message to the door that it should open, using cryptographically secure communications. All the reader must do is interpret the encrypted command to open the door — the readers (or locks) become encrypted door switches, that are not connected to a panel or server, potentially reducing the cost of these products.
Moreover, NFC smart phones will be capable of storing the necessary access control rules and processing, and providing trusted commands to these lower-cost, disconnected NFC readers, in order to unlock the door. This will make it possible to deploy inexpensive, yet equally robust access systems for applications like interior doors, filing cabinets and storage units for valuable or controlled materials (e.g., pain-relieving drugs) where it previously would have been prohibitively expensive to install a traditional wired access-control infrastructure.

More Secure
In addition to cutting access control costs and creating new market opportunities, digital keys and portable identity credentials will also be more secure. At a minimum, users will be far more likely to notice and report a lost phone carrying a portable identity credential than they would a missing card.
Additionally, these NFC-based phones with embedded keys and credentials will make it easier to quickly and efficiently modify security parameters. For instance, in a traditional application such as accessing a federal building, two pieces of evidence — or authentication factors — are required to prove identity. The same is true of bank ATMs, where the plastic card is the first piece of evidence, and a PIN code is the second. With an NFC phone, two-factor authentication could be dynamically turned on when necessary, such as when intelligence leads to an elevated threat level. With an NFC-based mobile phone carrying digital keys or credentials, an application can easily be pushed to the phone that, for instance, requires the user to enter a 4-digit PIN on the phone before it sends the message to open the door, making multi-factor authentication a real-time managed service.

Future Applications
There are many future applications for NFC-based mobile phones carrying these embedded keys and identity credentials. Although today airlines use QR barcode technology, travelers have already shown their interest in using cellphones as mobile boarding passes, which further validates the growing popularity of using today’s handsets for a variety of transactions.
In Japan, NFC payment systems are already installed in fast-food restaurants, subways, taxis and vending machines. University campuses will also be ideal candidates for this technology. Students will be able to use NFC mobile phones to enter buildings, pay for parking, make purchases, use campus transit systems, check out library materials, identify themselves before taking tests and access computer resources.
Digital keys and identity credentials also will provide an ideal platform for emerging applications such as electric vehicle charging stations. Drivers will be able to pull up to a charging meter and use their NFC-based mobile phone to access and pay for the service. NFC phones also could be used to provide access to personal health history. One could present his or her phone at a hospital rather than filling out forms, and have the same information available to paramedics with the proper access credentials during a medical emergency.
Another emerging application is micro marketing using intelligent posters. Consumers can use their NFC phone to read a tag on the poster which takes them to a special Web page on their phone with more information, such as a trailer to the movie and the option to buy tickets at the nearest cinema.
Access control technology can actually be used in reverse, to prevent access to your phone based on certain rules and authentication factors. The notion of ”access filters” could become more important as we become inundated with electronic data vying for our attention.
Regardless of the application, portable identity credentials will make it significantly easier for users to acquire, deliver, share and modify their personal electronic key, residing in their electronic wallet. With the access-control decision-making and record-keeping now residing on the NFC phone rather than each individual lock, it becomes significantly easier to secure locations and items with disconnected locks, and then acquire new keys, remotely deliver keys to other people, and change the rules for who can use each digital key, and when.

Trust-Based Open Technology
HID Global is currently working with leading handset manufacturers and NFC semiconductor suppliers to embed the next-generation technology required for these secure access applications directly into phones. The key to these future capabilities is the concept HID Global calls Secure Identity Objects, or SIOs. An integral part of the company’s new iCLASS SE reader platform is the ability to process SIO-enabled device data. SIO-enabled products (cards and readers) perform similar functions to traditional cards and readers, but use a significantly more secure, flexible and extensible data structure. SIOs operate in HID Global’s Trusted Identity Platform (TIP) framework, which ensures that all endpoints, or nodes — such as credentials, printers, readers and NFC phones — can be validated, and transactions between the nodes can be trusted. This is the company’s trust-based network, which was created for managing the virtualization of traditional access control technology. Combined with smartphone subscriber identity module (SIM) technology, this trust-based network creates an extremely secure environment for an access control infrastructure.
SIOs are device-independent, and provide an additional layer of security on top of device-specific security, acting as a data wrapper that provides authentication and additional encryption. Therefore, SIOs can reside on traditional contactless memory cards as well as microprocessor-based cards like SmartMX, smartphones with NFC capabilities and many other formats. Because they are bound to specific devices by using device-unique properties, SIOs also prevent card cloning, and the use of open standards means they can be defined to support a variety of data types, including access control, biometric templates, vending, time-and-attendance and other applications. SIOs use open standards for authentication and encryption and these can be upgraded as new stronger methods emerge.
Editor’s Note: This story is a follow-up on Dr. Hulusi’s article, “Alternate Trusted ID Systems,” which appeared in the May issue of STE. Check out the archives at SecurityInfoWatch.com/magazine/ste to read the first article.

Dr. Tam Hulusi is the senior vice president responsible for innovation and intellectual property for HID Global. In this role, he is responsible for expanding the value of HID’s worldwide technology assets for customers and partners by optimizing the value-added component of current technologies, as well as leveraging his experience to bring emerging technologies to market. A graduate of Harvard Business School, Dr. Hulusi holds a Ph.D. in physics.