At the ASIS 2014 conference in Atlanta on Monday, HID Global unveiled its “HID Mobile Access” solution, which includes everything organizations need to immediately begin using Bluetooth Smart and NFC-enabled smartphones and other mobile devices as an alternative to keys and smart cards. HID Mobile Access is used with the company’s mobile-enabled iCLASS SE and/or multiCLASS SE readers, and includes Mobile IDs, HID Mobile Access Apps and access to the HID Secure Identity Services portal for managing users and issuing or revoking Mobile IDs. The mobile-enabled readers are also interoperable with HID Prox and high-frequency technologies including iCLASS Seos, iCLASS SE, standard iCLASS, MIFARE, and MIFARE DESFire EV1.
Although mobile credentials for access control haven’t gained the momentum that many thought they would in recent years, there have been a number of barriers that have impacted adoption of the technology, according to John Fenske, HID’s vice president of product marketing.
“For quite a while, there have been some challenges – most of them not necessarily technical challenges – but commercial challenges with the solution,” said Fenske. “The idea that not all phones have the right technologies, certain entities are controlling of those technologies, so it really puts some barriers around our ability to have a single, enterprise customer be able to uniformly provision credentials to their entire population.”
According to Fenske, what differentiates HID Mobile Access from some of the other solutions on the market is that it is “somewhat independent” of the credential communication technology as they can communicate the credential to the reader using either NFC or Bluetooth.
“All of the mobile access discussions and motives really started with NFC. A few companies started to release phones with NFC technology in them and, as we all know, Apple was not among them so any device with an iOS operating system was excluded from the solution.” explained Fenske. “The other challenge with NFC was that to communicate data via NFC to a reader, that data needed to be stored or come from the secure element in the phone and the problem with that is the only people who were able to put data into the secure element were the mobile network operators. You had to negotiate with each one of those carriers to get data into the secure element.”
While this didn’t make it impossible for companies to use NFC as a means of communicating with card readers – Fenske said that they still work with a few of these mobile carriers – it did make them start to consider other options for mobile access capabilities, namely Bluetooth.
“Bluetooth had a lot of nice advantages to it. First off, it overcame the barrier of compatibility with iOS. It’s a much more mature and robust technology and is supported by many more phones, any smartphone supports Bluetooth as opposed to NFC,” said Fenske. “The other thing is that it doesn’t require that the credential information or data be stored in the secure element, so we can put the data securely stored in the operating system and communicate via Bluetooth to the reader. Because we’re using Bluetooth, it affords us some other interesting applications."
For example, Bluetooth provides users with the ability to have their smartphones read at greater distances than with NFC. This can be seen in HID’s patented “Twist and Go” gesture technology which allows users to twist their phone like a key from 10 to 20 feet away.
At the same time, Fenske said that NFC has also changed and evolved, keeping it a viable technology for the industry. Specifically, the development of host card emulation or HCE for NFC helped the technology overcome the barrier of having to place the data in the secure element.
Fenske pointed out that another important aspect of the release of HID Mobile Access is the cloud capability to provision credentials over the air.
“If you can imagine an end user who has decided they want to manage credentials on the phone, how are they going to do that? HID has developed our mobile access portal – a cloud-based application for managing those identities via the web,” said Fenske. “When we think about the workflow and how people manage credentials today, we think there are some important opportunities and efficiencies that can be realized by managing credentials over the air from a cloud-based portal.”
