NFC: Not Ready for Primetime

By: Brian Rhodes, Published on Oct 01, 2012

NFC continues to be the biggest buzzword in access control. HID, the principal manufacturer of the technology for EAC applications, is eager to evangelize its benefits every chance it gets. In this ASIS webinar, HID boldly claims to be ready to "revolutionize the access control industry". Does NFC stand ready to change EAC as we know it, or do major questions remain? In this note, we review the webinar, the key claims it made, and focus on what issues security professionals should be wary about when considering NFC.

Background

In our previous posts on NFC, we identified significant gaps in adoption. While the tone of this webinar, moderated by ASIS, is long on potential and promise of NFC, it is alarmingly thin on concrete details.

The three major problems discussed, but not fully addressed are:

  • How are existing Access Control systems upgraded to use NFC?
  • How should NFC adopters manage different mobile devices?
  • How are the process gaps in NFC deployment methods being addressed?

In the sections below, we take each question and explain how the webinar responded to, or answered the issues:

Upgrading Existing EAC Systems

When directly questioned on the best strategy for transitioning a current non-NFC system to an NFC enabled system, HID answer was essentially a 'shrug of the shoulders' with the statement "NFC adoption is the burden of the EAC companies to handle". While this may be true at some level, if HID expects NFC to be a reality, and continues to pitch it every chance they get, the EAC companies will need cooperation in overcoming the burden.

While incorporating NFC readers into EAC is not dramatically different than comparative types, installing and using credential management systems that work with NFC is a relative unknown - especially for the integrators and users who will have to make it operational. It is either deeply ignorant or manipulative for HID to dismiss such fundamental operational issues as a burden of someone else when you are pitching such a solution.

Using Mobile Devices

Who owns the device hosting NFC credential? That fundamental question is going to be answered on a case-by-case basis. The question forces the "BYOD, or Bring-Your-Own-Device" issue to the forefront - either companies must centrally issue and manage employee mobile devices, or they must learn to work with and support a broad array of privately owned devices.

Get Notified of Video Surveillance Breaking News
Get Notified of Video Surveillance Breaking News

One of the biggest assumptions of NFC, both in terms of adoption and affordability, is that card holders will use their own phones and tablets to host credentials. Rather than issue plastic cards, credentials will be wirelessly transferred to these device, therefore trimming the expense and labor of generating physical credentials from operating costs.

In most cases, issuing company-owned phones to employees will not be an option, and we expect that many will opt for BYOD support for NFC. However, the presentation did little to provide answers for the problem of how to manage so many different devices, outside of describing a loose workflow concept involving yet-to-be released software.

Furthermore, based on data gathered from a Cisco case study, at least 67% of all Cisco-BYOD devices do not include NFC chips:

--

While NFC chip adoption is expanding, these incremental increases are not applying to major mobile device manufacturers like Apple, whose products (still) do not include NFC chips. Until the world's biggest mobile device manufacturers consistently include NFC in their offerings, workarounds must be developed for non-compliant devices or companies must standardize on supported devices. Either option impacts the economy of 'going NFC' significantly.

Process Gaps

At the end of the webinar, HID also briefly discussed problematic gaps in NFC's production deployment. The three questions they addressed were:

What Happens When My Battery Dies?: This is still a major problem with current devices. However, HID suggested that even if no power is available to make a call, enough power remains for the low-demand NFC transaction. In addition, HID described future plans for readers designed with the ability to passively energize a phone's NFC coil. However, at the current time, both phone designers and reader manufacturers have yet to fully address the problem.

What Happen When I Need to Open a Door While I'm on My Phone?: HID's 'solution' offered two options for this problem. First, for 'low security applications', credentials can be written to a device in such a way that NFC always possesses the right credentials, and no interruption in phone service is required to update the NFC chip. The phone call is interrupted only as long as it take to wave the phone in front of a reader. However, the also relies on the reader itself being wired to the network to have current access credentials.

For 'high security' applications where this method is not an option, HID suggested that mobile apps and phone hardware design still needs to be developed to answer the problem.

When will the Credential Provisioning Ecosystem be Available?: This question centers on the software portal needed to write/revoke, buy, and distribute NFC credentials to mobile devices. While HID displayed several whiteboard flows and software flowcharts of this software, no production release has been made. Until this happens, there is a major gap in issuing and managing NFC credentials. HID explained that a solution should be expected as early as 'the end of 2012', but the fact remains that until this point - regardless of final cost - NFC is simply not ready for production deployment.

3 reports cite this report:

New Siri Powered Kwikset Lock on Jan 08, 2016
Your voice is your key with a new residential doorlock, Kwikset's Premis. Using your Apple phone, you can command your door to lock and unlock even...
"Future-Proofing" Access Control Guide on Jul 30, 2015
Its one of the most misused phrases around: "Future-proof". However, even without the crystal ball and wizards, designing access control to be...
HID Troubles Behind CEO Ouster on May 28, 2015
Access control is typically 'boring'. But the biggest manufacturer in the industry shocked many with the out-of-the-blue departure of HID's...
Comments : PRO Members only. Login. or Join.

Related Reports

Mobile Access Usage Statistics 2019 on Jul 18, 2019
The ability to use mobile phones as access credentials is one of the biggest trends in a market that historically has been slow in adopting new...
How To Troubleshoot Wiegand Reader Problems - Inverted Wiring on Jul 16, 2019
Wiegand is the dominant method of connecting access readers, but problems can arise for installers. In fact, one of the most difficult reader...
Nortek Blue Pass Mobile Access Reader Tested on Jul 11, 2019
Nortek claims BluePass mobile readers are a 'more secure and easy to use approach to access', but our testing uncovered security problems and...
Poor OSDP Usage Statistics 2019 on Jul 09, 2019
OSDP certainly offers advantages over decades-old Wiegand (see our OSDP Access Control Guide) but new IPVM statistics show that usage of OSDP, even...
Directory of 60 Video Surveillance Startups on Jun 25, 2019
This directory provides a list of video surveillance startups to help you see and research what companies are new or not yet broadly known. 2019...
HID Mobile Tested on Jun 21, 2019
HID Global is one of the largest access brands, but their mobile access has had challenges. Indeed, the company has already restructured their...
Genetec Synergis Cloud Link - Complex, Costly and Confusing on Jun 18, 2019
Genetec's Synergis Cloud Link is complex, costly and confusing compared to competitor access control architectures. Inside this note, we examine...
Biometrics Usage Statistics 2019 on Jun 17, 2019
While face and fingerprint recognition are used regularly for smartphones, it is not as common in physical security. In this note, we examine...
Farpointe Data Conekt Mobile Access Reader Tested on Jun 13, 2019
California based Farpointe Data has been a significant OEM supplier of conventional access readers for years to companies including DMP, RS2, DSX,...
Dumber Techs, Bad Box Movers, Says Australian Distributor on Jun 10, 2019
Techs today are "dumber" than they used to be, despite better education and training and that makes a typical day "frustrating" for one...

Most Recent Industry Reports

History of Video Surveillance on Jul 19, 2019
The video surveillance market has changed significantly since 2000, going from VCRs to emerging into an AI cloud era.  The goal of this history...
Mobile Access Usage Statistics 2019 on Jul 18, 2019
The ability to use mobile phones as access credentials is one of the biggest trends in a market that historically has been slow in adopting new...
New GDPR Guidelines for Video Surveillance Examined on Jul 18, 2019
The highest-level EU data protection authority has issued a new series of provisional video surveillance guidelines. While GDPR has been in...
Anyvision Aims For 2022 Revenue of $1 Billion on Jul 17, 2019
Only 3 video surveillance manufacturers do a billion dollars or more in annual revenue - Hikvision, Dahua, and Axis. Now, Anyvision plans to join...
HD Analog vs IP Guide on Jul 16, 2019
For years, HD resolution and single cable signal/power were IP camera advantages, with analog cameras limited to much lower resolution and...
How To Troubleshoot Wiegand Reader Problems - Inverted Wiring on Jul 16, 2019
Wiegand is the dominant method of connecting access readers, but problems can arise for installers. In fact, one of the most difficult reader...
ZeroEyes Gun Detection Startup on Jul 16, 2019
A gun detection video analytics startup, ZeroEyes, is being led by a group of 6 former Navy SEALs, aiming to "save lives" by using AI to assist...
Motorola Acquires Watchguard, Adds to Vigilant And Avigilon on Jul 15, 2019
2 years ago, Motorola had no position nor relevancy to video surveillance. Now, they own major video surveillance, LPR and body camera providers...
Hikvision Global News Reports Directory on Jul 15, 2019
Hikvision has received the most global news reporting of any video surveillance company, ever, ranging from the WSJ, the Financial Times, Reuters,...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact