Mobile Credentials: Using Smartphones as Access Control Cards

Oct. 26, 2020

By Randy Montelius

By now, most people are familiar with access control cards: Thin, plastic cards issued by employers or schools. These cards are normally tucked away in wallets or purses until they are needed.

To gain access to a door with a card reader, you simply bring the access card within an inch of the reader, which is mounted about 36 inches off the ground. (Sometimes you can do this while the card is still in your pocket or purse, but it might require some contortionist skills to make that happen!)

With smartphones becoming our “digital wallets,” what if a door reader could “see” an access credential on your phone from a distance and determine whether to let you in? That’s the concept behind mobile credentials, which are installed as an app on users’ smartphones.

The phone and card reader communicate using Bluetooth technology at short range (about 4 feet). This range or bubble can be adjusted for each reader. Many hotels have already started providing this option for guestroom access, and up-and-coming generations of workers will expect to use their smartphones for access to work and school as well. While people may forget their access cards, few will forget their phones.

In lieu of presenting a card to the reader, the user taps a button on the app as they approach. Different gestures can also be set up, such as a double tap or using Siri to unlock the door. The system can also learn to anticipate the door sequence you pass through. For example, if you first access an exterior door and then an interior door to get to your space every morning, the app can learn and prompt you for the next door in the sequence.

Benefits of Mobile Credentials
Although access control cards served us well for decades, many don’t realize that some card technologies are no longer secure – especially if you haven’t upgraded your card technology in the last several years. Some legacy proximity cards can be easy cloned at a distance using readily available equipment.

Mobile credentials incorporate two-factor authentication through a phone’s built-in ID functionality (face or fingerprint identification) for improved security: It requires both something the user possesses (a phone) and access to that device (face or fingerprint). 

Credential enrollment can be streamlined through a self-service portal. This allows users to login themselves and request access credentials, which are routed to appropriate approver(s). Once approved, the access rights are pushed directly to the user’s phone and are immediately functional. This is also handy for granting temporary or one-time access to an area for visitors, volunteers, or contractors.

Before deploying mobile credentials, legacy card readers will need to be upgraded to Bluetooth-capable readers, which are the same size and backward compatible (they’ll continue to read the physical cards you’ve deployed).

Depending on the reader you choose, upgrades may run between $500 and $1,000 per reader, including installation. If your building has lots of card readers, not all readers have to be replaced at once. You can migrate to Bluetooth technology over time by using a mix of new and existing, placing new readers on high-traffic doors.

Even if you’re not quite ready to introduce mobile credentials, but still plan new reader installations over the next year or two, we recommend selecting readers that have this capability so you can transition seamlessly when you’re ready.

Have questions about mobile credentials – or whether your building is a good candidate? Send me an email!

Vice President of Technology Randy Montelius joined CEC in 1982 and has held positions in field operations, service, sales, management, and engineering. Today, he applies his passion for technology as he helps employees solve complex business issues for customers.


Back to Top