Let’s face it: Everything is mobile – which makes writing about how mobile applications will revolutionize security feel a bit like talking about how PCs are going to be the next big thing in the year 2000. Been there, done that – except mobile credentials are still a fairly new innovation, not only in physical security but also in the broader world of mobile payments and identity. Their uses are many, their costs savings proven out to four decimals, and their cybersecurity superiority to the plastic tokens of yore well-heralded.
One thing that escapes mention in most of these discussions is that mobile credentials – or, rather, the apps that transport them – offer an opportunity for user engagement that has been sorely missing from most security technology (and, for that matter, most corporate security operations). The fact is, user experience just hasn’t been much of a priority for security manufacturers, systems integrators or CSOs. For most, security is “Job No. 1” – user experience plays second fiddle.
Consumerization of security applications is changing all that – most noticeably in the residential space with the takeover of security by smart home conveniences. The old paradigm of inscrutable wall-mounted control panels has been replaced by much friendlier mobile apps that enable users to control lights, music, temperature, shades – and “Oh, yeah” – their security system. It is the first time anyone has been able to arm and disarm their intrusion systems without scaring the pets with a false alarm or risking a call from the central station.
This consumerization trend, in the form of mobile credentials, offers commercial security providers the opportunity to bring that same degree of engagement into the office that people currently experience at home. CSOs have long known that an engaged tenant population is a more secure tenant population – the problem has always been how to bring this about. Even the tried-and-true combination of posters and scary memos has its limits.
This is where mobile apps come into the picture. People willingly use mobile apps daily and view them as an integral part of their lives. This is where mobile credential usage has a distinct advantage over other kinds of apps because in a mobile-first access control system, people must use mobile credential apps in order to access their place of business, conference rooms, restrooms, and perhaps even the company gym. They become habitual (or “sticky”) – and that is where the opportunity for adding additional security functionality and having the employees, tenants or residents become partners in ensuring the security of the whole.
The Smart Business
If the smart home is on the rise, the smart business cannot be far behind – and mobile credentials are the benign Trojan horse that will put enough apps into enough hands to bring about this new and better world of wider involvement in the security enterprise.
Smart buildings have created and inroad for smart businesses; however, system administrators and building engineers are so far the principal beneficiaries of those systems – mostly because they are the only class of people who get to use the apps. The rest of us might benefit from better temperature control and experience fewer rent hikes thanks to better energy management, but we are not truly engaged with the system.
Because mobile credentials are in the hands of the people who actually use the facilities, mobile credential apps engage users in far deeper ways. Shared workspace and modern property management platforms are at the vanguard of creating these benefits for their user populations. Property management giant Greystar, for example, is deploying advanced systems that integrate mobile credentials for both common area and tenant doors with intercoms, smart apartment controls and other building amenities.
As compelling as all these features are in the aggregate, it is the daily use of credentials that keeps the app in front of users. Daily use opens up opportunities for the “smart business” that would not be possible in a world where building occupants rarely bother to use the app.
The Rise of Mobile Analytics
Better mobile analytics are another effect of the smart business evolution. Nearly every major Business Intelligence (BI) application has a mobile component that makes it easy for developers to put clear intelligence in the hands of their users.
Usually these analytics are presented as a highly digested version of the underlying data – typically featuring graphs of trends and statistics, with user-definable push notifications for more urgent alerts. These mobile analytics put security professionals on the same playing field as other corporate departments, such as sales and finance, which have enjoyed the benefits of mobile decision support for many years.
As an example, Splunk – a machine data analytics platform – has created a “splunkbase” app that ingests access control data, displays an intuitive analyzed version of it, and alerts users to suspicious activity.
As with the success of sticky apps in other domains – and there are no better examples than gaming and social media – frequency of use plays a key role in establishing the value of the underlying technology. If analytics can be delivered in real time to an app that is used dozens of times a day, the results have a much greater chance of affecting decision-making – which is the whole point of delivering information in the first place.
If an app is seldom-used and lacking in mindshare, then users will never get the benefit of all the data collected and stored on their behalf.
Mobile credentials feed into this scenario, because a tenant population equipped with apps can generate far more information about building usage than a population without them. Apps encourage engagement with other building systems and amenities, which drives further learning about user behavior and building usage patterns. Armed with this information, analytics can improve not only the security experience, but the building experience as a whole.
The Future and Standardization of Mobile Credentials
The future of mobile credentials could take a number of different directions, depending on how the questions of standards and/or market dominance are determined. Since market dominance usually decides which standard comes out on top, in some sense, standards and marketing dominance are ultimately the same thing.
At this writing, nearly every connected device and access control manufacturer has its own proprietary protocol between the mobile apps and the physical mechanisms they can unlock. Yes, they use some common building blocks such as Bluetooth, NFC, and widely available encryption protocols; however, they are not interoperable.
One approach to providing a good user experience amid this plethora of proprietary credentials is to develop a container app that hides these details from the user. This is the approach taken by portfolio solutions like the Apple Wallet, which conveniently holds all the credentials in one place, but still leaves credential selection and management to the user.
A more domain-specific approach is that of Stratis, a leader in the smart apartment/smart building category. Its app for apartment dwellers transparently manages multiple credentials that function across common-area access control systems, individual apartment doors locks and multiple IoT devices within the dwelling. Users perceive a single, unified permission experience that hides all the messy details of our non-standardized industry landscape.
This last step in making mobile credentials usable for the average person is critical to delivering a truly “consumerized” experience, and in turns driving the analytic benefits of widespread mobile interaction with physical security systems. Expect a lot of change, which is to say: expect a lot of excitement.
Steve Van Till is President and CEO of Brivo, and the author of the 2018 ASIS Security Book of the year, The Five Technological Forces Disrupting Security: How Cloud, Social, Mobile, Big Data and IoT are Transforming Physical Security in the Digital Age, available on Amazon.com. Request more info about Brivo at www.securityinfowatch.com/10213096.
