In this fast-paced digital world, advances in technology have given us many substitutes for previously manual operations.
Consequently, it’s now impossible to imagine getting through the day without our mobile phones. From waking up to the sound of an alarm clock, setting up meetings with clients, to participating in online conferences, mobile phones have become an integral part of our daily existence.
Based on recent trends, it’s easy to see why mobile devices are starting to shape the different systems we use not only to connect with people but to manage our lives and businesses.
This leads us to the newest innovation in mobile technology—mobile access control. With mobile access control, we are better disposed to access, view, and manage critical events by simply installing security software on mobile phones.
This technology is rapidly emerging as a viable alternative to physical access systems, ushering in a new era of enhanced management activities.
Enterprises today need their workforces to be mobile, agile, and flexible—able to work anywhere and at any time. To enhance efficiency, achieve business goals, and remain competitive, organisations are allowing increased access by authorised users to corporate applications and resources, wherever they may reside.
Enterprises deploy enterprise mobility management (EMM) solutions to help them manage their growing number of devices, including remote desktops, laptops, smartphones, tablets, and soon even wearables.
Through a simple, centralised administrative console, organisations can authenticate devices and users, configure and update settings, and secure and manage many mobile devices.
But in this world of any time, anywhere, any device access, organisations need even more control over the data flowing to and from corporate networks, clouds, and other sources. The Enterprise Mobility Gateway (EMG) solution offers that control through granular, context-aware policies that differentiate access to applications housed on the network, in a cloud, on the web, and in virtualised environments.
Through granular, context-aware policies, the solution enables you to safeguard sensitive corporate data and personal information while providing seamless access for users.
You can also protect your networks, cloud, applications, and resources while securing user devices and access; ensure security compliance, and predict and mitigate threats—all while increasing employee usability and productivity and decreasing cost.
What Is a Mobile Access Control System?
Mobile access control takes mobile phones, smartphones, tablets, and wearable electronic devices and allows them to function as a user’s credentials to enter offices or other business facilities.
As more and more employers encourage the Bring Your Device (BYOD) trend, app access control is becoming a great tool to add an extra layer of security to any organisation. Now, electronic devices even enable biometric authentication without the need to invest in expensive biometric readers.
Access control is a critical element of any security system. It would be best to control who enters a parking lot, building, or even specific rooms within a facility. Users need to have credentials that can be presented to an automated reader. Providing the proper credentials allows a person to gain access.
In the past, this meant providing key cards or key fobs to everyone and keeping them updated with current credentials. In modern times, biometrics can be used for access, but that may mean expensive readers. So why not provide access using something that your employees or residents already have?
The Battle for the Keywords
However, the world moves on, as do definitions. Around 2011, HID Global began a considerable PR campaign paying to capture the words “Mobile Access Control” in Google AdWords to mean using a cell phone and an app to unlock a door.
After years of HID’s PR campaign, they and other vendors continue to pay big bucks to fight for control of these keywords on Google. Now, in 2019, if you search for “Mobile Access Control”, you see the image below on the right-hand side of the search results:
They were pointing to using a cell phone to open a door. The Teller is the entry for these keywords that doesn't show up until the 5th page. This was an excellent video HID produced early on, showing how convenient “Mobile Access Control” could be for a user.
Cell Phones at the Door
Using a cell phone to access a door reader is now the new definition of “Mobile Access Control.” Other terms that the industry seems to accept are “Mobile Access Credentials” or “Smartphone Access Card.” Regardless of what you call it, here is how we now define it:
“Mobile Access Control” uses an app on an NFC or BLE enabled smartphone to open a door.
For most physical access, employees open doors using their badge (RFID, magstripe or other technology), PIN, and biometric credential.
But as everyone now always has their mobile phones with them, the industry identified smartphones as a new medium to store credentials.
This transition is aided by Apple iOS and Google Android, embracing Bluetooth Low Energy (BLE) and Near Field Technology (NFC) communications.
The use of the cell phone to open a door or gate provides a few excellent features, specifically:
- BLE Range can be meters instead of inches
- People often have their cell phones in their hands, which is convenient at doors.
- It does not require another device.
However, there are still many challenges to this technology. Unlike the old trifecta of Card/PIN/Biometrics, which always work, your cellphone does not work with a dead battery. Unfortunately, the market is fragmented.
Each vendor has its own competing, proprietary infrastructures, which require replacing all the readers at your points of access. Mobile credentials also have a significant learning curve and management overhead.
Lastly, these credentials are subject to different attack vectors than security personnel see with physical credentials.
How Does Mobile Access Control Work?
In most cases, mobile access control is powered by Bluetooth, allowing phones to communicate with a reader placed on a door.
These days, there’s no need for pairing devices manually; Bluetooth Low Energy (BLE) technology will take care of that often frustrating process.
A secure Bluetooth connection can be established from a few feet away, giving Bluetooth access a noticeable edge over traditional RFID card technologies with an average read range of about an inch.
Thanks to mobile access control, there’s also no longer a need for access control cards.
NFC (near field communication) technology is often applied in mobile access control. You have probably heard of it as it is commonly used for payment applications. Similar to Bluetooth, a phone gets connected to a reader.
The drawback of NFC, though, is that it doesn’t let you connect from a distance. Its range is only a few inches.
Mobile Access Control Advantages
What are the benefits of mobile access control?
- Cost-effective – Your employee or residents already have the device they need to pass the access control system. From smartphones to smartwatches and other wearables, these standard devices can be used along with or instead of keycards and critical fobs, saving you money.
- Simple – Mobile access simplifies the process for the user, and that means less tech support. You don’t have to worry about someone losing their key fob or card. You don’t have to worry about the magnetic strip on a keycard getting demagnetised. This is one of the many reasons hotels are starting to allow guests to access rooms with a mobile device.
- Secure – Credentials are sent to mobile devices digitally. This data is encrypted to protect each individual’s identity and credentials. You can remotely manage credentials, allocating and revoking them in real-time.
- Scalable – You don’t need more cards when your company or property grows, or you have visitors. You can assign more credentials to the individuals who need them.
Introduction to Smartphone Access Control Systems
Mobile access control systems offer access to secured buildings and rooms with just a couple clicks on mobile devices, including smartphones, tablets, and wearable tech.
Such systems provide structure and office managers with a cost-effective solution for efficiently managing identification credentials. This ease and convenience make mobile access controls an undeniably promising alternative to physical cards.
The World of Mobile Access Control
There are various access control systems available on the market, from systems operated by local servers to personalised, cloud-based access control systems with numerous high-end features.
Although local systems only require one-time investment, the smartphone access included with cloud-based systems makes them a much more economical choice for long-term applications.
The significant smartphone door access control systems are IP systems, control panel systems, and mobile access credentials. The following segments offer a brief insight into all of these systems.
For start-ups or small companies who work with only a handful of suppliers and clients, managing contacts is hardly a difficult task.
However, more prominent companies dealing with thousands of clients across the globe might find working with local systems to be a hassle.
In contrast, cloud-based IP systems are specially designed for large businesses; they enable easy access and data management in the cloud.
Control Panel Systems
Control panel systems have several applications. They are often installed locally, allowing users to manage credentials and generate reports.
One advantage of these computerised systems, installed directly at workspaces, is that they can be integrated into the security system, helping to ensure the safety of employees and clients.
Mobile Access Credentials
For many reputable institutions, controlling access to office spaces can be a big concern.
Mobile access credentials can be especially beneficial to companies struggling with this, as they enable operators to keep track of employees’ entry and exit activities.
Mobile access credentials also provide a secure way for license key holders to access particular locations within a building.
Some other common advantages of these systems include ease of operation, improved security, and remote office management capabilities.
Mobile-enabled employees are granted access to a specific physical location with just a few clicks on their phones. Plus, all accesses are generally managed in the cloud, allowing an administrator to grant and revoke mobile credentials easily.
With more and more companies of all sizes choosing to install mobile access control systems, these systems have become an indispensable part of security in the corporate world.
It’s not surprising that so many organisations are switching to mobile access control—as opposed to printed identity cards and physical documents, mobile access control offers a more convenient experience for both workers and administrators.
Understanding the Differences Between a Regular Access Control System and a Mobile-Based Access System
Access control has only one purpose: It grants and revokes access to resources or locations within an organisation’s space. Access control can be broadly classified into two categories, physical access and smartphone access.
While the former can restrict access to certain rooms, areas, and valuable assets, the latter can also limit access to computer networks, digital files, and classified data.
In this ever-growing digital world, it is becoming increasingly crucial for businesses to shield sensitive information, making smartphone access systems the right choice for many corporations.
Physical Access Control
Physical access control regulates the entry and exit of employees to a particular space. Some common examples of physical access control systems are:
- Fob controlled gates
- RFID doors
- Password Protected Systems
Although physical access control can be a reliable option, proper access control measures must ensure an effortless transition from one space to another.
Cloud-based Mobile Access Control
Mobile access control, on the other hand, consists of identification, authentication, and authorisation systems.
This type of access control is very different from physical access control, which uses badges, keys, and other physical tokens to access a particular location or asset.
Businesses and other institutions use many mobile access control systems, from password-protected programs to biometric security systems. With mobile access control systems, all access permissions are regulated in the cloud by specialised security agents.
The Technology Behind Mobile Access Control Systems
Mobile access control systems come with various technologies to enable smart access to restricted spaces and data. The following section discusses the primary technologies used in cloud-based mobile access control systems.
Bluetooth Low Energy (BLE)
Generally, mobile access control manufacturers rely on Bluetooth to enable workers to communicate with a remote reader through their smartphone. Bluetooth Low Energy, or BLE, allows access readers to share with user’s devices without the hassle of manual pairing.
Bluetooth technology also provides sufficient bidirectional bandwidth to power a secure connection, allowing worker’s devices to effortlessly communicate with an office’s remote reader from a few feet away.
Near Field Communication (NFC)
Apart from Bluetooth, other technologies like Near Field Communication, or NFC, can be used in mobile access control. NFC allows for communication between a reader or lock and a mobile device. Still, unlike BLE, it supports a limited range of communication—usually only a few inches—and is unavailable to iPhone users that use iOS technology.
The Challenges of Delivering Comprehensive Application Access
The benefits of enhanced workforce mobility are clear: increased efficiency, productivity, responsiveness, and business agility. However, as organisations expand access, they face severe security and management challenges that must be addressed to ensure continued growth and skill and eliminate potential security issues before they compromise the network, cloud, or application integrity; sensitive corporate or personal user data; and even an enterprise’s reputation.
Mobility is more than “mobile devices.”
Mobility is no longer just about managing devices like an employee’s smartphone and tablet or how their devices access an in-house network.
Mobility now entails securing, caring, and controlling fast access to and flow corporate data to and from multiple authorised (and, sometimes, unauthorised) users and their devices.
And these users are connecting to networks, clouds, applications, and sensitive resources and data from multiple types of devices, over multiple access networks, to and from enterprise applications and resources, scattered throughout numerous environments, all over the world.
Delivering a high level of secure, granular access while addressing so many different parameters is a daunting task—and an EMM solution alone is not enough.
Overburdening the IT department
Responding to the evolving requirements of controlling and managing mobility and mobile access is far from the only challenge confronting organisations. The size, complexity, and cost of network infrastructure are also growing at an incredibly accelerated rate.
Today, it seems that every new enterprise application requires the deployment of another new access gateway, a costly, time-consuming process that requires ongoing IT attention and management and maintenance—and that involves the potential for human error.
Moreover, security holes can result when different access gateways have conflicting policies—or gaps in security coverage—without the overall visibility necessary to ensure cohesive access control and security.
To keep pace, organisations need new, robust, flexible, and scalable ways to secure, manage effectively, and control data and information flow between their corporate resources and their mobile workforce.
They need to ensure fast, secure application and resource access, in addition to protecting and managing devices, apps, and data. What today’s organisation needs is a comprehensive mobile security and access platform.