HID Launches Origo To Fix Mobile Credential Problems

By Brian Rhodes, Published Feb 05, 2019, 12:21pm EST

HID is releasing Origo, an overhaul of its mobile credential platform, this time drastically restructuring the way it is priced and packaged. HID's Origo app is the replacement for Mobile Identities Portal and is slated to include other access management utilities like HID's Reader Manager [link no longer available].

**** *********** *** ****** about *** *** *******, and ****** ** ******* what ** ** *** how *** ******* *** company's ******** ** ****** credentials.

HID's ******** **** ******

***** *** ** ******** one ** *** **** highly ***** ****** ****** vendors (*.*. *** *** rated ******* ********** ****** ******* ****** Manufacturer ****), *** ***** *******'* mobile *********** ********* ***** get **********.

* ********* ** ****** user ********* ******-******** ********** include:

  • "***** ***** ******* ******** and ******* ********* **** as ****** ****** *** be ***** ***** *** confusing!"
  • "*** ********* ******* *** *********** need **** ********* ***."
  • "********* **** ******* **** Mobile *********** *** *********** readers *** **** *** easy ** ***."
  • "*** *** ***** ***** has *** **** ****, the ****** *** *** readers **** **** **** a **** *** ** [installer] *** ********* [*** users]."

***** ****** *********** **** grown ** ** ****** differentiator, *** **** *** have *** *********** ******-***** and *********** *** ******* has **** *********** ***********, leaving *** ****** **** to ********** **** * number ** ********** ************* ****,******,********,*****,*****, *** ******** **** ********.

New **** ******* *****

*** ****** ******* ****** with******* **** *** ****** pricing *** ************* **** device ********** ** *** credentialing ******** *****, ********* all ***** *******, **** one ****** ***.

*** ********* *** ****** to ****:

*** *** ********, *** Origo, ****** * ******* model **** ****** ****** unpredictability. ***, ** ************* pays * **** ******* per ****/****. *** ************, credentials, *******, *** ********* events *** ******** ***** licensed *****. *** **** is ** **** ****** to ***** * ******, but ******** **** ******* customer ***** ****** ** is ***** **** ** ownership.'

*** ****** ********* *** problems ***** ****** ***** would **** ** *** new ****** ***** *** each ****** **** *******, or **** ****** ** change ******* ******* ****** upgrades, ********, ** ******:

'** *** ****** ********, the ******* *** **** for ** * *** credential ***** ** ***** the ****** ***** **** cards. ********** *** ***** that ** ** ** issue **** **** ***** have **** **** *** smart ******, ********* ******** credentials. ***, *** **** the ************* ******* *** credential, *** **** ******* the ***, ** *** device ** ******** ** a ***** *****, *** credential ** ********* *** a *** *** **** be *********. **** *** create *********** **** ****** to *********.'

*** ********** ******** ********* final '****' *******, *** mentioned **** **** ***** should ****** ** *** about $*/*** ****. **** clarified:

*** ********* ********, ***-***** can ****** ** *** less **** $*.** *** user *** ***** *** the *** ***** ****** Identities *******.

No ****** ****** ***-**-**** **** ***

************ *************** ***********, *** *** ******** no ******** ** **** end ******* ** ******* for ******** *****. *** company ******:

'** **** *** ******** communicated * ******** ***... We **** ******* ************ applied *** ********** ******* across * ****** ** customers *** ** ******** to ****** ** ** make *** ********* ****** seamless *** ********* ** the ****** ********.'

*** ******* **** **** that ******** *********** ******* and *********** **** ** preserved ****** ** ******** upgrade, *** **** ***** should *** ****** ***********:

'*** *** **** ************* that ********** **** *** legacy ****** ** *** new ******** **** ******** all *****, *******, *** credentials ****** ******* – it **** ** *********** seamless *** **** ****** will *** ****** *** transition ****** *** ** updated **** ********* *** better *********** **** **** login. ************, *** ********* will ** ******** *** the *********** ****’** **** in *** ****** ******.'

************, *** ******* **** that ***** **** **** not **** ** ** replaced ** *** **** phones:

'***** ** ** ********* or ******** ****** ** the ****** ************ ** the ****** *********** ***’* -- **** *** ***** backward ********** **** *** Origo.'

Two ********* ** ******

*** *************** ** **** **** just * *********** *** the ******** ****** *********** platform, *** **** ******** the ********* '****** *******' app [**** ** ****** available] *** **** **** to ******* ***** *********:

*** '****** *******' *** is ** ************ *** systems ********** **** ******* installers *** ***** ****** phones ** *********, *******, or ******* ******* ** the *****. *** ***********, launched ** ****, ** included ** ***** ** launch.

More ***** ********* *******

*** ***** **** **** plan ** ****** *** utilities ******* ** *** platform, ********* ********** ************ from***'* **** *********** ** 'Enterprise ***' ******** *********.

********* [**** ** ****** available] ** * ***-******** specific ****** ******, ***** Tracking, *** ********* ********* Management ******** *** *** benefits ** ********* **** Origo *** ******* *** will ******* ******* ***********.

******, *** ******** ***** once ********* **** ****** beyond ******* *** ******* controllers ** **** ** be * ******* ****** hardware *** ************* ***:

'***** **** ******* ***** connectivity ** *** ******* and *********** (***** **** select *****-***** ****** ******* devices) *** ****** *********** and *********** *********** **********, offering ********** ******** * single ***** ** *********** to ****** * **** array ** ****** ******* devices.'

Does *** ******* **** ******* *********

*** ****** *** ***** clear - *** ***** functionality **** ** ******* incumbent *** ******* ********* and ** *** * replacement ***********.

*** *********:

'***** ** *** ******** access ******* ******** ** the *********** *****.  ** cannot, *** **** ***, replace ******* ****** ********** systems.  ******, ********** ******** will **** ****** ** integrate *** ***** ******** into ***** ********, ******, market-leading ******** *********. ******, the *********** **** ******* cloud ************ ** *** and ****** *****-***** *******, offering ********** ******** * single ***** ** *********** to ****** * **** array ** ****** ******* devices.'

Origo ******* 

** ** ***** ****** has *** ******* ** access ****** ***********, *** does *** ***** *********** market ***** *** ******** installed **** **** *** segment ******** ** ******** card/fob ***********.

** ***'* ******, *** company *** ********** *** traditional ********** ******* ****** have *** **********, *** Origo ** * ***** in ******** ** ** alternative ******* *****.

*******, ******* ** *** Origo, * *** *** unproven ***, ** *** best ****** ****** ** executing **** ****** ** yet ** ** ****.

 

Comments (26)

Hid is done for. Had a customer want the BLE and it was complete junk.

Agree: 2
Disagree: 6
Informative
Unhelpful: 1
Funny

I have a university that grows 30K credentials per year, old credentials are archived, however HID Mobile was too clunky to justify the cost for uplifting 2900 card readers.

Agree: 1
Disagree
Informative: 2
Unhelpful
Funny

Yes, I am sure HID is about to close up their billion dollar business. 

Agree
Disagree
Informative
Unhelpful
Funny: 9

Did they address the issue that you need an android device to configure the mobile-ready readers? 

Agree
Disagree
Informative: 1
Unhelpful
Funny

I'll ask HID to comment on this.  Thanks for bringing it up, as that's a big issue.

Agree: 1
Disagree
Informative
Unhelpful
Funny

HID responded, Origo on iOS is supported.  They also say the issue configuring BLE readers can be done via iOS as well:

HID Reader Manager, released last year, is available on both iOS and Android.  We addressed the issue referenced by your member.

Historically, our BLE Config App, contained a small subset of the functionality and was only available on Android.  This was the impetus for the question.

Agree
Disagree
Informative: 3
Unhelpful
Funny

The good thing about HID is they acknowledge the short comings and problems their technology is having. It’s great to see a company proactively working on new ideas to adapt in a changing market. I believe HID, much like it’s parent company, will continue to lead and innovate well into the future.

Agree: 1
Disagree
Informative
Unhelpful
Funny

Yeah, it's getting better. We're a software partner of theres and the process is getting better. Not quite perfect yet though. 

Agree
Disagree
Informative
Unhelpful
Funny

I have asked a few companies offering mobile credentials why exactly the credential is so expensive. With cards you can kind of understand the price due to the physical card (though they are not very expensive to manufacture). But, a $7.00 street price for a mobile credential? That just seems ridiculous and like HID is trying to find any way they can to hang on to a legacy sales model of selling credentials.

While I know it is not exactly the same, I can use my mobile phone and BLE or NFC to pay for a variety of things, unlock things, and so forth. All without having to pay for any kind of "credential" to act as a unique identifier to me or my device.

Maybe if HID (and others) had some form of highly secure credential with other value-add features or functions the price would make sense, but it does seem that for the average user you should be able to do mobile credentials that are $0, and still more than secure enough for access control.

Agree
Disagree
Informative: 1
Unhelpful
Funny

Those mobile cards in your apple wallet or Android pay app are incredibly expensive. They just charge you interest fees and management fees rather than a charge for the card itself. 

 

Agree
Disagree
Informative
Unhelpful
Funny

As a specifier, I would love someone to demystify the whole mobile credential workflow. I feel like it should be as easy as emailing someone the credential from the ACS software, they click a link, ready to go.

I do realize it is much more complicated than that, but I have yet to find a sales rep that understands it enough to explain or demonstrate it. 

 

Agree: 1
Disagree
Informative
Unhelpful
Funny

Integration of the workflow varies, and is an aspect Origo claims to improve. 

With that said, IPVM will test this later this year with our in-house equipment, and we will assemble findings in a report.

Agree
Disagree
Informative: 2
Unhelpful
Funny

Hey Brian, I'm one of the founders of Sequr (Sequr) we have fully integrated the Origo SDK into our mobile app and their provisioning APIs to enable one-click provisioning from our management portal. Would love to have you guys experiment/review. 

Agree
Disagree
Informative
Unhelpful
Funny

Undisclosed #7-

Re: Demystification of the mobile access credential workflow, my suggestion is to look deeper into how each of the incumbents mentioned in Brian's article above handle the process (i.e. Farpointe Data, Nortek, Wavelynx, Lenel, Brivo, and startups like Openpath).

Note I'm familiar with a few of the methods currently utilized and there are real differences in panel support, security and convenience.

I bet you'll be surprised with what you find!

Agree: 1
Disagree
Informative
Unhelpful
Funny

my suggestion is to look deeper into how each of the incumbents mentioned in Brian's article above handle the process

That's a good idea for an IPVM guide.  I'll add it to the queue.

Agree
Disagree
Informative
Unhelpful
Funny

HID commented on pricing for Origo, stating the annual cost per user to be about $6:

End-users can expect to pay less than $0.50 per user per month for the HID Origo Mobile Identities service.

I am revising the report to reflect this.

Agree
Disagree
Informative
Unhelpful
Funny

Will HID still be offering the temporary 7-day mobile credentials?

Agree
Disagree
Informative
Unhelpful
Funny

Hello.  I asked HID for a response and will post when I hear back.  Thanks.

Agree
Disagree
Informative
Unhelpful
Funny

HID responded to this:

Not exactly but the temporary user (e.g. visitor) use case is accommodated in the new pricing model.  In fact, it is simpler and less expensive than before.  There is no need for a distinction in the credential type itself.

In HID Origo Mobile Identities, the Administrator has an unlimited number of credentials to issue across licensed users.  Since the licenses are transferable without restriction, a single license can be used for many visitors in the same day as long as they are not credentialed at the same time.  When all credentials are revoked from a user, that user becomes inactive and the license he/she was consuming instantly becomes available. 

Agree
Disagree
Informative: 3
Unhelpful
Funny

Thanks for the report!

If we are talking about HID, I know it's not closely related to this topic, but what about HID and Apple NFC support?

I'ts working fine on android, and there were rumours that Apple will open the SDK not only for Apple Pay but also for access control.

For me it is an important topic.

Thanks

Agree
Disagree
Informative
Unhelpful
Funny

Thanks Attila. l will ask HID about this. 

With that said, which features would NFC provide for Apple that BLE does not?

Agree
Disagree
Informative
Unhelpful
Funny

NFC support on apple would greatly reduce the transaction time from BLE. NFC on Android has been a huge improvement for reliability and speed of credentialing. 

Agree
Disagree
Informative
Unhelpful
Funny

Wow, for some reason I didn't see your reply.

It is totally different from operational point of view. BLE is much slower, and NFC due to apple wallet is really fast, it is really like using a card.

On the other hand, you cannot use BLE if you are in a line of gates what offices usually have. BLE could be okay for a warehouse backdoor where there is no any door within a certain distance.

One more thing, NFC is built in all HID readers, but BLE is additional module, with additional costs.

Thanks

Agree: 1
Disagree
Informative: 2
Unhelpful
Funny

 No worries. Interesting on this, just to make sure I understand:

On the other hand, you cannot use BLE if you are in a line of gates what offices usually have. 

Do you mean if you have 'layers' of openings where BLE potentially overlaps, it cannot work?

Agree
Disagree
Informative
Unhelpful
Funny

Brian, what he means is that BLE can communicate up to ~50m away where as NFC must be within about half an inch. Therefore, if you have a reader in a parking deck scenario BLE allows you to communicate with the reader w.o rolling down the window or physically touching the reader. 

Agree: 1
Disagree
Informative
Unhelpful
Funny

Yes, so if you have 4-6 readers close to each other the app cannot determine which one you want to authenticate on. NFC is more working like a card.

Just unfortunately apple still keeps locked the NFC, from this kind of application.

Agree
Disagree
Informative
Unhelpful
Funny
Read this IPVM report for free.

This article is part of IPVM's 6,896 reports, 921 tests and is only available to members. To get a one-time preview of our work, enter your work email to access the full article.

Already a member? Login here | Join now
Loading Related Reports