NFC: Not Ready for Primetime

By: Brian Rhodes, Published on Oct 01, 2012

NFC continues to be the biggest buzzword in access control. HID, the principal manufacturer of the technology for EAC applications, is eager to evangelize its benefits every chance it gets. In this ASIS webinar, HID boldly claims to be ready to "revolutionize the access control industry". Does NFC stand ready to change EAC as we know it, or do major questions remain? In this note, we review the webinar, the key claims it made, and focus on what issues security professionals should be wary about when considering NFC.

Background

In our previous posts on NFC, we identified significant gaps in adoption. While the tone of this webinar, moderated by ASIS, is long on potential and promise of NFC, it is alarmingly thin on concrete details.

The three major problems discussed, but not fully addressed are:

  • How are existing Access Control systems upgraded to use NFC?
  • How should NFC adopters manage different mobile devices?
  • How are the process gaps in NFC deployment methods being addressed?

In the sections below, we take each question and explain how the webinar responded to, or answered the issues:

Upgrading Existing EAC Systems

When directly questioned on the best strategy for transitioning a current non-NFC system to an NFC enabled system, HID answer was essentially a 'shrug of the shoulders' with the statement "NFC adoption is the burden of the EAC companies to handle". While this may be true at some level, if HID expects NFC to be a reality, and continues to pitch it every chance they get, the EAC companies will need cooperation in overcoming the burden.

While incorporating NFC readers into EAC is not dramatically different than comparative types, installing and using credential management systems that work with NFC is a relative unknown - especially for the integrators and users who will have to make it operational. It is either deeply ignorant or manipulative for HID to dismiss such fundamental operational issues as a burden of someone else when you are pitching such a solution.

Using Mobile Devices

Who owns the device hosting NFC credential? That fundamental question is going to be answered on a case-by-case basis. The question forces the "BYOD, or Bring-Your-Own-Device" issue to the forefront - either companies must centrally issue and manage employee mobile devices, or they must learn to work with and support a broad array of privately owned devices.

Get Notified of Video Surveillance Breaking News
Get Notified of Video Surveillance Breaking News

One of the biggest assumptions of NFC, both in terms of adoption and affordability, is that card holders will use their own phones and tablets to host credentials. Rather than issue plastic cards, credentials will be wirelessly transferred to these device, therefore trimming the expense and labor of generating physical credentials from operating costs.

In most cases, issuing company-owned phones to employees will not be an option, and we expect that many will opt for BYOD support for NFC. However, the presentation did little to provide answers for the problem of how to manage so many different devices, outside of describing a loose workflow concept involving yet-to-be released software.

Furthermore, based on data gathered from a Cisco case study, at least 67% of all Cisco-BYOD devices do not include NFC chips:

--

While NFC chip adoption is expanding, these incremental increases are not applying to major mobile device manufacturers like Apple, whose products (still) do not include NFC chips. Until the world's biggest mobile device manufacturers consistently include NFC in their offerings, workarounds must be developed for non-compliant devices or companies must standardize on supported devices. Either option impacts the economy of 'going NFC' significantly.

Process Gaps

At the end of the webinar, HID also briefly discussed problematic gaps in NFC's production deployment. The three questions they addressed were:

What Happens When My Battery Dies?: This is still a major problem with current devices. However, HID suggested that even if no power is available to make a call, enough power remains for the low-demand NFC transaction. In addition, HID described future plans for readers designed with the ability to passively energize a phone's NFC coil. However, at the current time, both phone designers and reader manufacturers have yet to fully address the problem.

What Happen When I Need to Open a Door While I'm on My Phone?: HID's 'solution' offered two options for this problem. First, for 'low security applications', credentials can be written to a device in such a way that NFC always possesses the right credentials, and no interruption in phone service is required to update the NFC chip. The phone call is interrupted only as long as it take to wave the phone in front of a reader. However, the also relies on the reader itself being wired to the network to have current access credentials.

For 'high security' applications where this method is not an option, HID suggested that mobile apps and phone hardware design still needs to be developed to answer the problem.

When will the Credential Provisioning Ecosystem be Available?: This question centers on the software portal needed to write/revoke, buy, and distribute NFC credentials to mobile devices. While HID displayed several whiteboard flows and software flowcharts of this software, no production release has been made. Until this happens, there is a major gap in issuing and managing NFC credentials. HID explained that a solution should be expected as early as 'the end of 2012', but the fact remains that until this point - regardless of final cost - NFC is simply not ready for production deployment.

3 reports cite this report:

New Siri Powered Kwikset Lock on Jan 08, 2016
Your voice is your key with a new residential doorlock, Kwikset's Premis. Using your Apple phone, you can command your door to lock and unlock even...
"Future-Proofing" Access Control Guide on Jul 30, 2015
Its one of the most misused phrases around: "Future-proof". However, even without the crystal ball and wizards, designing access control to be...
HID Troubles Behind CEO Ouster on May 28, 2015
Access control is typically 'boring'. But the biggest manufacturer in the industry shocked many with the out-of-the-blue departure of HID's...
Comments : PRO Members only. Login. or Join.

Related Reports

HID Fingerprint Reader Tested on Oct 09, 2019
HID has released their first access reader to use Lumidigm optical sensors, that touts it 'works with anyone, anytime, anywhere'. We bought and...
Fail Safe vs. Fail Secure Tutorial on Oct 02, 2019
Few terms carry greater importance in access control than 'fail safe' and 'fail secure'. Access control professionals must know how these...
Access Control Mustering Guide on Sep 30, 2019
In emergencies, determining where employees are located can be critical for knowing whether they are in danger. Access systems can be used for...
Access Control Course Fall 2019 - Save $50 Last Chance on Sep 30, 2019
Register Now - Fall 2019 Access Control Course. Save $50 through October 10th. Thursday, October 17th is the last day to register. IPVM offers...
Access Control Mantraps Guide on Sep 26, 2019
One of access's primary goals is keeping people out of places they should not be, but slipping through open doors (ie: Tailgating) is often...
Access Control Time & Attendance Guide on Sep 24, 2019
Access control systems can do more than lock doors. With little or no extra equipment, they can be used to track labor hours for employees...
Open Access Controller Guide (Axis, HID, Isonas, Mercury) on Sep 19, 2019
In the access control market, there are many software platforms, but only a few companies that make non-proprietary door controllers. Recently,...
Directory of 69 Video Surveillance Startups on Sep 18, 2019
This directory provides a list of video surveillance startups to help you see and research what companies are new or not yet broadly known. 2019...
Manufacturers Unhappy With Weak ASIS GSX 2019 And 2020 Shift on Sep 16, 2019
Manufacturers were generally unhappy with ASIS GSX, both for weak 2019 booth traffic and a scheduling shift for the 2020 show, according to a new...
ASIS GSX 2019 Final Show Report on Sep 12, 2019
IPVM went to Chicago for ASIS GSX 2019, with many exhibitors disappointed about traffic and the exhibitor schedule changing next year. However,...

Most Recent Industry Reports

Axis HD Analog Encoder Tested on Oct 11, 2019
Two years after declaring "Everything is IP", Axis has released their first HD analog encoder, the P7304, with support for AHD, CVI, TVI, and SD...
Dahua Celebrates PRC 70th Wearing Communist Party Hammer and Sickle on Oct 11, 2019
Dahua celebrated the PRC's 70th anniversary with a video of various Dahua employees wearing China Communist Party Hammer and Sickle pins as shown...
Last Chance - Register Now - October 2019 IP Networking Course on Oct 10, 2019
Last Chance - Register Now - Fall 2019 IP Networking Course. The course starts next week. This is the only networking course designed...
Network Optix NxWitness 4.0 Tested on Oct 10, 2019
Network Optix released Nx Witness 4.0, proclaiming new features like a deep learning analytics metadata SDK, increased H.265 support, and UX...
HID Fingerprint Reader Tested on Oct 09, 2019
HID has released their first access reader to use Lumidigm optical sensors, that touts it 'works with anyone, anytime, anywhere'. We bought and...
ONVIF Suspends Dahua and Hikvision on Oct 09, 2019
Dahua and Hikvision have been 'suspended', and effectively expelled, from ONVIF, immediately following US sanctions being placed on the 2 mega...
Hikvision And Dahua Sanctioned For Human Rights Abuses on Oct 07, 2019
In a groundbreaking move that will have drastic consequences across the video surveillance market, Dahua and Hikvision have been sanctioned by the...
Avigilon H5A Analytic Cameras Tested on Oct 07, 2019
Avigilon has released its H5A analytic cameras, claiming to "detect more objects with greater accuracy even in crowded scenes." We tested the...
Crisis At China's Largest VMS Provider, Netposa, Now State-Controlled on Oct 07, 2019
NetPosa, which bills itself as the PRC's largest VMS provider, is in a crisis. The firm is pursuing huge unpaid bills from clients, and its...
Knightscope Sells Just 1 Net New Robot In 6 Months on Oct 04, 2019
For the first half of 2019, US government records show that Knightscope has sold just 1 net new robots ('machines-in-network'), inching up from 52...