Access Control & Identity: Climb Aboard the NFC Credentials ‘Train’

Integrators need to learn about this system solution

The secure access solutions available with open system smart credentials have several ROI implications. For example, when a smart card program is introduced, it immediately solves the problem of (forgotten) passwords, a nemesis for both users and administrators. Schools and businesses will reduce overhead costs simply by not having to administer passwords.

By introducing smart credential-based authentication, an organization can immediately reduce the number of staff members needed to manage and control access to residence halls, recreation centers, laboratories and other buildings that only authorized students and staff should enter. Go beyond the campus and into a multi-tenant building. As they are using mobile applications in the rest of their lives, tenants will expect their buildings and services to be mobile-friendly too. They won’t want to remember and manage multiple cards, items and ID credentials when they could simply use their smartphones to do all of those tasks.

Likewise, the enhanced convenience of using smartphones instead of badges extends to the administrators building owners have in charge of their access control systems. Rather than having to print physical ID badges for each tenant when they enroll, a mobile ‘key’ gets issued online by your administrator directly to the tenant’s phone at any time, saving staff time, administrative costs and the expense of printers, ink, card inventory and other needed supplies. While improving the service they provide their tenants, it also extends their revenue sources to vending machines, pay-by-use systems such as copiers, and other services that can add to the bottom line.


Preparing your customers securely

When it comes to deploying the technology, look for a contactless smart solution that is armed with mutual authentication and encrypted with AES 128-bit diversified keys. With such a capability, the card and reader verify that they are authorized to communicate bi-directionally. This feature saves on infrastructure costs. Additionally, 128-bit keys virtually ensure no one can read or access credential information without authorization. The technology behind AES has approval by the NSA (National Security Agency) for classified information. A message authentication code (MAC) further protects each transaction between the credential and the reader. This security feature ensures complete and unmodified transfer of information, helping to protect data integrity and prevent outside attacks.

Those not willing to make an upgrade today to open architecture smart credential solutions should at least incorporate multi-technology devices that read magnetic stripe and proximity cards as well as the afore-mentioned smartcards so that, when the switch to smart credentials comes about, they will not have to tear out and re-install readers.


The future is now

NFC provides simplified transactions, data exchange and wireless connections between two devices that are in close proximity to each other, usually by no more than a few centimeters. It is expected to become a widely used system for making payments in North America. Many smartphones currently on the market already contain embedded NFC chips that can send encrypted data a short distance (“near field”) to a reader located, for instance, next to a retail cash register. Shoppers who have their credit card information stored in their NFC smartphones can pay for purchases by waving their smartphones near or tapping them on the reader, rather than bothering with their actual credit card.

A smartphone or tablet with an NFC chip serves as keycard or ID card and much more. NFC devices can read NFC tags on a museum or retail display to get more information or an audio or video presentation. NFC can also share a contact, photo, song, application, or video or pair Bluetooth devices.

To turn smartphones into an access control credential, one simply downloads the application, such as the aptiQmobile app, to the smartphone and uses it to retrieve the secure mobile key that was set up by the access control site administrator. Once the mobile key is downloaded, the user opens the app and taps the phone to the reader just like using a smart card. It’s ultra secure and extremely easy to use.