Unlocking the Future

Smart phones carrying digital keys and portable identity credentials may render traditional keys obsolete

There are many future applications for NFC-based mobile phones carrying these embedded keys and identity credentials. Although today airlines use QR barcode technology, travelers have already shown their interest in using cellphones as mobile boarding passes, which further validates the growing popularity of using today’s handsets for a variety of transactions.

In Japan, NFC payment systems are already installed in fast-food restaurants, subways, taxis and vending machines. University campuses will also be ideal candidates for this technology. Students will be able to use NFC mobile phones to enter buildings, pay for parking, make purchases, use campus transit systems, check out library materials, identify themselves before taking tests and access computer resources.

Digital keys and identity credentials also will provide an ideal platform for emerging applications such as electric vehicle charging stations. Drivers will be able to pull up to a charging meter and use their NFC-based mobile phone to access and pay for the service. NFC phones also could be used to provide access to personal health history. One could present his or her phone at a hospital rather than filling out forms, and have the same information available to paramedics with the proper access credentials during a medical emergency.

Another emerging application is micro marketing using intelligent posters. Consumers can use their NFC phone to read a tag on the poster, which takes them to a special Web page on their phone with more information, such as a trailer to the movie and the option to buy tickets at the nearest cinema.

Access control technology can actually be used in reverse, to prevent access to your phone based on certain rules and authentication factors. The notion of “access filters” could become more important as we become inundated with electronic data vying for our attention.

Regardless of the application, portable identity credentials will make it significantly easier for users to acquire, deliver, share and modify their personal electronic key, residing in their electronic wallet. With the access-control decision-making and record-keeping now residing on the NFC phone rather than each individual lock, it becomes significantly easier to secure locations and items with disconnected locks, and then acquire new keys, remotely deliver keys to other people, and change the rules for who can use each digital key, and when.

Trust-Based Open Technology

HID Global is currently working with leading handset manufacturers and NFC semiconductor suppliers to embed the next-generation technology required for these secure access applications directly into phones. The key to these future capabilities is the concept HID Global calls Secure Identity Objects, or SIOs. An integral part of the company’s new iCLASS SE reader platform is the ability to process SIO-enabled device data. SIO-enabled products (cards and readers) perform similar functions to traditional cards and readers, but use a significantly more secure, flexible and extensible data structure. SIOs operate in HID Global’s Trusted Identity Platform (TIP) framework, which ensures that all endpoints, or nodes — such as credentials, printers, readers and NFC phones — can be validated, and transactions between the nodes can be trusted. This is the company’s trust-based network, which was created for managing the virtualization of traditional access control technology. Combined with smartphone subscriber identity module (SIM) technology, this trust-based network creates an extremely secure environment for an access control infrastructure.

SIOs are device-independent, and provide an additional layer of security on top of device-specific security, acting as a data wrapper that provides authentication and additional encryption. Therefore, SIOs can reside on traditional contactless memory cards as well as microprocessor-based cards like SmartMX, smartphones with NFC capabilities and many other formats. Because they are bound to specific devices by using device-unique properties, SIOs also prevent card cloning. The use of open standards means they can be defined to support a variety of data types, including access control, biometric templates, vending, time-and-attendance and other applications. SIOs use open standards for authentication and encryption, and these can be upgraded as new, stronger methods emerge.
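The device-binding idea described above can be illustrated with a generic sketch; this is an added example, not HID Global's SIO format, which the article does not specify. It covers only the authentication half of the wrapper, and the key, device IDs, payload fields and function names are all constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample values (assumptions); a real issuer key would live in an
# HSM or secure element, never in source code.
ISSUER_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
GENUINE_UID = bytes.fromhex("04a1b2c3d4e5f6")  # device-unique ID of the issued device
CLONE_UID = bytes.fromhex("04ffeeddccbbaa")    # device-unique ID of some other device


def device_key(issuer_key: bytes, device_uid: bytes) -> bytes:
    """Diversify the issuer key per device so every device gets its own MAC key."""
    return hmac.new(issuer_key, b"bind|" + device_uid, hashlib.sha256).digest()


def wrap(payload: dict, device_uid: bytes, issuer_key: bytes = ISSUER_KEY) -> dict:
    """Issuer side: attach a MAC that depends on both the data and the device ID."""
    data = json.dumps(payload, sort_keys=True).encode()
    tag = hmac.new(device_key(issuer_key, device_uid), data, hashlib.sha256).hexdigest()
    return {"data": data.decode(), "tag": tag}


def verify(obj: dict, presenting_uid: bytes, issuer_key: bytes = ISSUER_KEY) -> bool:
    """Reader side: recompute the MAC with the ID of the device actually presented."""
    expected = hmac.new(device_key(issuer_key, presenting_uid),
                        obj["data"].encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, obj["tag"])


def demo() -> dict:
    obj = wrap({"facility": 17, "card_number": 4242}, GENUINE_UID)
    tampered = dict(obj, data=obj["data"].replace("4242", "4243"))
    return {
        "genuine_device": verify(obj, GENUINE_UID),
        "copied_to_other_device": verify(obj, CLONE_UID),
        "data_modified": verify(tampered, GENUINE_UID),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'accepted' if ok else 'rejected'}")
```

The binding is only as strong as the device-unique property itself: the reader must obtain it from the device in a way that a different device cannot imitate.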

Editor’s Note: This story is a follow-up on Dr. Hulusi’s article, “Alternate Trusted ID Systems,” which appeared in the May issue of STE. Check out the archives at SecurityInfoWatch.com/magazine/ste to read the first article.

Dr. Tam Hulusi is the senior vice president responsible for innovation and intellectual property for HID Global. In this role, he is responsible for expanding the value of HID’s worldwide technology assets for customers and partners by optimizing the value-added component of current technologies, as well as leveraging his experience to bring emerging technologies to market. A graduate of Harvard Business School, Dr. Hulusi holds a Ph.D. in physics.