What are credentials?
In access control, a credential is the thing that is used by the system to validate a user’s identity. When a person tries to gain entry to a secure area, they must present a credential before being granted access. Credentials come in a wide range of different forms, but can generally be thought of as:
What are mobile credentials?
Mobile credentials are a form of credential that allows the user to gain access using their mobile phone. Also known as smartphone credentials, this type of validation usually involves an app that connects to the access control system. The user generally must have their mobile phone within a certain proximity of the door they wish to enter in order to be granted access.
What’s the point of smartphone credentials?
Our day-to-day lives are controlled more and more by our smartphones. Communication, gaming, television, music, banking, shopping, and learning are all in the palms of our hands. The primary reason why our society has made such consistent moves towards mobile phones is convenience. Modern smartphones are small and light enough to carry around everywhere, but powerful enough to assist with any number of daily tasks.
It’s therefore no surprise that access control has also embraced the mobile revolution. Carrying a swipe card to work every day could become a thing of the past. In today’s world, convenience is king.
What are the benefits of mobile credentials?
Mobile credentials are convenient, cost-effective, and secure. For the user, there’s no need to remember a PIN or password. You are significantly less likely to lose or forget a high-value item like a mobile phone than a swipe card or fob. The reality is that we all have our phones all the time. App-based access control is natural, intuitive, and makes life easier for users.
Mobile credentials also mean there’s no need to constantly replenish a stock of physical cards or tags. For businesses, that means money saved in the long run. Moreover, fewer swipe cards in the world means less plastic. That’s a benefit the whole planet can appreciate.
Moreover, the risk of a security breach due to a lost or stolen card is a big concern for facility managers. Some smartphone credentials require the app to be open and the phone unlocked to allow entry. That means that even if a user’s phone was stolen, the thief would not be able to use their mobile credentials to falsely gain access.
Who uses mobile credentials?
Smartphone credentials are for anybody. Whether it’s a large office building or a small local business, the benefits of convenience are the same. Our lives are busy and there is always a lot to think about. With mobile credentials, it’s one less thing to remember to put in your handbag every morning. It means no need to walk around wearing a lanyard all day.
We always have our phones. Our lives have become irreversibly intertwined with them. Why not take advantage of that fact and make access control simpler and easier?
Five methods of validating your identity
Mobile-PASS offers the ultimate in flexible access control. Choose from five different methods of ID validation – whatever is easiest for you.
- Biometric: Use the built-in fingerprint scanner or facial recognition camera on your phone.
- Scan: Simply hold your phone up to the reader to unlock the door.
- Touch: Open the app and tap a button to let yourself in.
- Voice: Say the words “open door” to, well… open the door!
- Automatic: The reader finds your phone in the vicinity and triggers the unlock straightaway.
End-to-end encryption as standard
Mobile-PASS smartphone credentials are only available alongside the A22K controller and the K series of readers. That means that from the ATRIUM server all the way through to your mobile phone, your data is safe.
AES encryption is a global standard in cyber security that was chosen by the United States government as its preferred method of encryption. It is a symmetrical block cypher. This means it uses the same key to encrypt data as it does to decrypt it. When data enters the AES encryption process, a complex algorithm is applied to it to conceal the message.
There are two types of AES encryption: 128-bit and 256-bit. The 128-bit format is the standard, with 256-bit reserved for the very highest security requirements. Using brute force methods (where each possible encryption key is tried one after the other), AES256 is virtually impenetrable. It would take billions of years of constant attempts to crack a single key.
Building access control systems with mobile credentials
To build a Mobile-PASS system, you need three essential components: a controller, a reader, and a mobile phone.
The controller is the brains of the system. It decides whether to grant access to a user, which door to open, and when each door can be unlocked. All these settings are configured in the management portal. ATRIUM can be managed either through desktop software, or in a web browser.
The readers are located wherever there is a door to a secured area. If you need to control who goes in, you need a reader. The job of the reader is to analyse the credential that is presented to it and send that information back to the controller. In the case of Mobile-PASS, you have to be within a defined distance of the reader to validate the mobile credential. That means that you can’t unlock your office door while sitting at home.