The security industry is currently in the process of creating the ecosystem necessary to have widespread use of NFC-enabled mobile devices for access control.
Photo credit: (Photo courtesy HID Global)
We are about to embark on a new generation of access control technology in which mechanical keys and even plastic smart cards will either be replaced or at least augmented by digital keys and portable digital identity credentials.
The most basic mobile access control model is to replicate existing card-based access control principles. Using near field communications (NFC) technology, the phone communicates identity information to a reader, which passes the identity to the existing access control system. Based on a pre-defined set of access rights, the access control system would make the decision to unlock the door. This provides a safer and more convenient way to provision, monitor and modify credential security parameters, temporarily issue credentials as needed and cancel credentials when they are lost or stolen. The landscape is undisturbed.
NFC-enabled mobile access control has some basic requirements, including:
• NFC-enabled handsets. Handsets can be equipped with an embedded secure element, such as a subscriber identity module (SIM) or Universal Integrated Circuit Card (UICC)-based secure element, or an add-on device (such as a microSD card) that incorporates a secure element.
• There also must be an ecosystem of devices (i.e., readers, locks, and other hardware) that can read and respond to the digital keys stored in NFC-enabled handsets.
• Finally, there must be a way to manage digital keys – including all identity provisioning/de-provisioning and sharing - within a trusted boundary. This is necessary to ensure a secure channel for communicating identity data objects between validated endpoints so that all transactions between phones, readers and locks can be trusted. To achieve this, a common access control trusted service manager (TSM) must be able to interface seamlessly to the mobile network operator (MNO), its TSM, and the NFC smartphones that will receive the encrypted keys for storage in the secure element, the SIM, or the microSD.
Moving beyond this simple card emulation model, mobile access control can also leverage the smartphone’s on-board intelligence to perform most of the tasks that are currently performed by the access control system. Instead of having a physically connected access control system, a mobile device could leverage its wireless connection to be both the key and the processor, and become the rules engine to make the access control decision.
For instance, smartphones can use their GPS capability to confirm a user’s location, and that he or she has proper authorization to access the area at that specific time of the day. All of this data can be checked against data stored in the cloud. The handset can then send an encrypted signal to the door for it to open. With this model, physical access control systems would no longer need to be hardwired, which would allow a robust, convenient and efficient electronic access control model to be used on interior doors, filing cabinets, and storage units where it previously would have been cost-prohibitive.
To make this model a reality, a new landscape is required, which the industry is now creating. Ideally, handsets must support all four primary operating systems: Apple, Android, Windows and RIM. Additionally, handsets must be equipped with a secure applet to hold the digital keys, an app for the user to interface with, and the actual digital keys. Having an operational card emulation mode in the handset is also a critical element of success.
The hardware for reading digital keys carried in an NFC-enabled handset is also critical, and might include NFC-enabled readers, electromechanical locks, and a wide ecosystem of third-party hardware that supports alternate use applications. These applications might include time and attendance, secure print management, PC secure log-in, biometric template storage, or closed-loop payment within a company cafeteria or at a vending machine.
Last but not least, it is critically important that there be an ecosystem of service providers who can deliver and manage mobile credentials, including mobile network operators and TSMs. There are a variety of perspectives regarding what types of organizations this mobile ecosystem will include and how it will develop over time. The timing and development of this ecosystem will have an impact on how quickly NFC is adopted for any application, from mobile payment to transport ticketing to access control.
Lessons Learned in the Enterprise
A recently convened a group of end-users and consultants discussed results from the industry’s first series of pilots exploring the benefits of mobile access control in enterprise deployments. The roundtable discussion included executives from Netflix, Good Technology, Equifax and Microsoft. Each of the panel participants talked about the importance of an optimized user experience, and described the expected security benefits of mobile access control, the importance of broad product and service choices, as well as a comprehensive industry ecosystem.
Netflix sees mobile access control as a way to make overall physical access not only more secure, but also more convenient for users. The idea of mutually authenticated mobile credentials and readers using robust cryptography and open standards with over-the-air provisioning is also very appealing. Netflix wanted to treat physical access just like any other entitlement from an IT perspective, and tightly couple the two; in other words, access to a particular web server or system should be very similar to how physical access at a door reader is granted to an employee. The company had already been onboarding new employees with a paperless process, and the facilities team was anxious to see how users would react to a new mobile model.
Netflix also knew that people treat their cellphone almost like an extension of their ID – they have their conversations on these devices, and the devices are authenticated by their bank or financial institution on them, so they know they can trust them.
In the Good Technology pilot, employees who were not involved in the program were seen pulling out their phones and trying to present them to the readers to see if they could also open doors. The company issued a notification that this was a pilot and only the phones given to pilot participants could be used to open doors. A large volume of requests followed, asking how to get involved.
Additionally, Good Technology said pilot participants were able to get through doors with almost no training at all. Equifax said the company had initially been concerned that it might be difficult for users to find the “sweet spot” as they positioned the phone close to the reader, but found that the process was identical to that of using a traditional plastic card. Equifax also wanted to see if there were any communications or interference challenges associated with presenting phones to readers that were installed next to the metal turnstiles in its headquarters building, but this was also not an issue.
One issue that both Netflix and Good emphasized was the need for widely available NFC-enabled phones and solutions that are based on open standards to simplify adoption, especially in a world of bring your own device (BYOD) deployment and IT consumerization. Netflix employees clearly wanted a high level of choice related to the types of devices they can use. It also will be important that all solutions be hardware and platform independent, and based on open standards. Panel members felt there was a critical need for everyone in the industry to be in lockstep and contributing to a shared vision for the deployment and use of mobile credentials. Network operators will also be a key part of this equation and provisioning process.