After Aliro 1.0's Release, Its Steering Committee Chair Addresses Practical Questions
Aliro 1.0 aims to bring the same standardized, wearable-based credential experience seen in residential settings to corporate offices, universities and hospitality venues.
Following the release of Aliro 1.0, the Connectivity Standards Alliance is offering additional clarity around how the new interoperability standard will roll out across the access control ecosystem.
Announced Feb. 26, Aliro 1.0 establishes a standardized communication protocol and credential framework designed to improve interoperability between smartphones, wearables and access control readers. The specification aligns with major mobile wallet ecosystems — with commitments from Apple, Google and Samsung — and supports NFC as a foundation, with optional Bluetooth LE and Ultra-Wideband transport options. It has entered certification and commercialization, with early implementers currently completing product certification.
Backed by more than 220 member companies, including Apple, ASSA ABLOY, HID and STMicroelectronics, Aliro is intended to reduce the fragmentation that has limited digital credential adoption across corporate, residential and hospitality environments. Now, with the standard formally released, organizations with significant installed infrastructure, manufacturers determining hardware compatibility, and systems integrators managing multi-vendor deployments are all asking the same question: what will adoption actually look like?
Nelson Henry, Chair of the Aliro Steering Committee and Vice President of Security Technology & Engineering at Last Lock, addressed those questions directly for SecurityInfoWatch.
Solving fragmentation, not replacing infrastructure
Henry was clear that Aliro's core purpose is interoperability, not a wholesale replacement of what's already deployed. He described the standard as one developed collaboratively with access control leaders, chip providers and mobile ecosystems — a distinction he said matters when comparing Aliro to the proprietary mobile credential frameworks already in the market.
“Instead of proprietary, vendor-specific mobile credential stacks, it establishes a standardized communication protocol and credential definitions that allows for manufacturer-independent devices and readers to interoperate on smartphones and wearables people already use every day,” he said.
For organizations with substantial installed base — readers, wiring, access panels and vendor-specific configurations layered across their facilities — Henry emphasized that Aliro is specifically focused on the relationship between the smart device and the reader, and is not attempting to overhaul broader site infrastructure. The standard is designed to be backend-agnostic and flexible across installation types, allowing manufacturers and system owners to align with it over time while preserving existing investments where possible.
“Aliro aims to standardize a core function, but the commercial rollout will take time, products, and practical migration,” Henry said. "It will be a journey. Aliro is aiming to make its part interoperable, flexible, secure, and practical."
Certification underway, commercial rollout to follow
On the question of timeline, Henry confirmed that Aliro 1.0 has already entered its certification and commercialization phase, with early implementers currently in the process of finalizing certified products. He described consumer markets as natural early leaders in adoption, with commercial deployments expected to follow as manufacturers complete validation and digital infrastructure providers incorporate the standard.
“Broad availability will scale as manufacturers complete validation and bring certified solutions to market and as the digital infrastructure providers incorporate,” Henry said.
Rather than pointing to a specific date, he advised industry observers to track who is moving to support the standard at each critical role. “I'd recommend watching for who is moving to support at each critical role based on statements, announcements, and behaviors.”
Whether existing readers will require firmware updates, hardware replacement or no changes at all will vary by device and manufacturer. Henry pointed to Aliro’s multi-transport design as a practical advantage, noting that the standard was built to work with hardware that is already widely available in the market.
“Aliro should provide a practical, forward-looking standard that can be adopted across different usages with hardware that is commonly available and seen in devices today,” he explained.
Companies expected to be among the first to achieve Aliro 1.0 certification include Apple, Allegion, Aqara, Google, HID, Kastle, Kwikset, Last Lock, Nordic Semiconductor, Nuki Home Solutions, NXP Semiconductors, Qorvo, Samsung Electronics and STMicroelectronics.
A more predictable framework for integrators
For systems integrators, Henry acknowledged that the near-term transition period will involve some adjustment, but contended the long-term direction is favorable. By establishing a common protocol between mobile devices and readers, Aliro is intended to reduce proprietary integration requirements and give integrators a more predictable framework for deploying mobile credentials across mixed hardware environments — ultimately lowering complexity for their customers.
The Aliro certification program focuses on the two device types directly involved in a transaction: user devices and readers. Henry said the program builds on the CSA’s heritage of developing and iterating certification programs used for consumer products globally for many years — a track record he described as an asset as Aliro establishes its own certification footing in the access control space. He added that the organization intends to iterate on both the standard and the certification programs in close collaboration with the access control community.
“It will be an ongoing conversation with the community to listen, learn, and iterate both the standard and the certification programs involved while being a good partner with others who are in the practical design and deployment of access control systems as Aliro goes through its initial digestion into the access control world,” Henry said. “We’ve aimed to lay a good, focused foundation.”
The Alliance has described Aliro 1.0 as a living standard, with future phases expected to address expanded use cases including secure key sharing while maintaining backward compatibility with the initial specification.
About the Author
Rodney Bosch
Editor-in-Chief/SecurityInfoWatch.com
Rodney Bosch is the Editor-in-Chief of SecurityInfoWatch.com. He has covered the security industry since 2006 for multiple major security publications. Reach him at [email protected].