Mobile Credentials (BLE / NFC / Apps) Guide

Author: Brian Rhodes, Published on Nov 14, 2017

One of the biggest trends in access for the last few years has been the marriage of mobile phones and access cards.

In this guide, we examine:

  • 4 key management problems
  • 2 practical problems for users
  • BLE vs NFC vs Apps Comparison

[Note: This tutorial was originally published in 2014 and substantially revised in 2017]

Mobile Credentials Are Slick

At a basic level, using mobile phones or tablets as credentials to open doors has a big cool factor. Take this simple demo of one setup below:

In simple terms, instead of ringing a card, fob, PIN, or fingerprint at a reader, a user flashes a phone and the door is unlocked.

Based on the rather personal value of phones, the idea that they accompany users like keys, wallets, or ID cards and they are protected (ie: not easily lost or misplaced) items make them good potential card replacements.

Management Problems

However, the transition is not a simple one, especially for commercial access control. A range of credential and access control management issues crop up not often issues with traditional credential methods. These include:

*** ** *** ******* ****** ** ****** *** *** **** few ***** *** **** *** ******** ** ****** ****** *** access *****.

** **** *****, ** *******:

  • * *** ********** ********
  • * ********* ******** *** *****
  • *** ** *** ** **** **********

[****: **** ******** *** ********** ********* ** **** *** ************* revised ** ****]

Mobile *********** *** *****

** * ***** *****, ***** ****** ****** ** ******* ** credentials ** **** ***** *** * *** **** ******. **** this ****** **** ** *** ***** *****:

** ****** *****, ******* ** ******* * ****, ***, ***, or *********** ** * ******, * **** ******* * ***** and *** **** ** ********.

***** ** *** ****** ******** ***** ** ******, *** **** that **** ********* ***** **** ****, *******, ** ** ***** and **** *** ********* (**: *** ****** **** ** *********) items **** **** **** ********* **** ************.

Management ********

*******, *** ********** ** *** * ****** ***, ********** *** commercial ****** *******. * ***** ** ********** *** ****** ******* management ****** **** ** *** ***** ****** **** *********** ********** methods. ***** *******:

[***************]

***** *** *****

****** ******, **** *********** ****, *** ******* *** - *** the **** ** * ****. *** *** **** ** *********** a ***** ** **** ******, ********* ******** ********* *** ******** updates ***** * **** ******* **** *********** *** *********** **** to ******** **** ******. ** * **** ****** ** ** lost, *** ******** ******** * $** ***** ** *******, ***** if * ***** ****** ** ** ****, ******* **** *** hundreds ** ******* ** ******* **.

**** ** *******

** **** *****, ********* **** *** ** ****** ******** ******. Therefore, '***** **** *** ******', ** *** **** ***** ******** their ******** ****** *** ********** **** ******** ******** ********, **** how ********** ******* ******** ** ********** ** ******* ** *** phone ****** *** ******* ** ****** ******** ************ *** ******* management ********* ** ******** *******.

******* ******* *******

******* *********** ***** ** **** ******* ** *** ***** **** is ******? ** ******* ************* ****** *** ************** ** *********, even ** **** ****** ***** **** ********* ** * ******? Or **** ********* ************ ******* *******? ****** ***, *** ******** leaves * *** ****** ** ** *********** *** ********* ****** if ****** *********** *** *** ****.

******** ********** ***********

****, ****** ******* *********** **** *** ** ****** ** *** physically *********** **** ********* ***** ** **** ****, ****** *********** must ** ******** *********** ** * ****** **** *** ****** unseen. ***** *** * *** ********* ****, *********** *** ****** for ****** ******** ******* ** *** * ****** ***** ********** is ***** *********** ** *** ***** ******** ** * **** that *** ****** ** *********** ** **** *********.

Practical ********

*** ** ******** ** '****' ********** ******, *********** ******* ******* cards ** **** *** ****** ******* ****** '****' ******** ****** as ****, *********:

******* ** ** ******* ***

****** ******** ***** **** *** ***** ******* **** *** ****'* picture, ****, *** ***** ***** ******** *******, ***** *** **** often ****** ** ******** ** ******. ***** * **** *** be **** ** ******* * ******* **** * *****'* ****** on *******, *** ****** ****** ** ********* ********** ** * glance **** * ******* ** **** *** ****.

********** ***********

*** *** ***** ** ********* ****** **** *** ** ***** with * ****** ***** ****** ** ****** *********. **** ******** as ***** ** ******* **** *** ****** **** ******, *** their ******* ** ******** *********** ******** ** ********* ********** **** or *****:

******, ******* *****, ********* *********, ******** ********, *** **** *****-******* demands *** ********* ****** **** *****. ***** ***** *** **** to *********** ********** ** ***** ********** ** ******* ***** **** with

Three ***** ****** *******

** ***** ** *******, ***** ****** ******* ** ****** *********** are **** ** ******:

  • *** (********* *** ******)
  • *** (**** ***** *************)
  • *** ***** ***********

**** *** * ****** ** ******** ******* ********* **** *****, frankly ********** *** **** **. **** ** **** ******:

BLE (********* *** ******)

***** * ******** ****-******* ** *** ****** *********** ******, *** is *** *** **** ****** ****** ****. *** ****** ** due ** *** ******** ********* ********* ** *** ** ****** phones, *** ********* * ****-******* ************* **** ***** ******* ********** of ***** **** ** ***********.

******* *** ******* ** **** *** ********* ***** *** **** or *** **** ******** ** ***, *** ************* ****** ****** money ** ******* *** ********* **** ********** ** ******* ****.

** ***** ** **********, *** ******** ****** ***** ** ********, so **** ***** ********* *** * *********** *** ******* ********* of ****** ********** *******.

*** *** ****** *** **** ****** ****** ** ****** *************, given ******** *********** ********* ********** *** ***/** *** ********* *****. Many ******** ***** ******** **********,****, *********, *** ***** ********** *** *** ** ******* ***********, including *******:

** ******* *** ******* ** ****** ** *** *** *** ****** ** ****** ***********.

NFC (**** ***** *************)

**** *** ****** ****** *******, *** *** *** ****** *********** giant *** ****** ******* ** ***** *** ** ***** **********/********** credential ****** ** ******. ***** ************ *******'* '***** *** **' ****** ********** *** ******* ** **** ***, *** *** *********** **** to **** *** **** ****** ** ***.

** ***** ** *********, *** *** *******, ********* ************ *** limitation ** ***** ***** ** *** * **********. **** ** NFC **** *** **** ******* ** ** ****** **********, ** can ** **** ** * ******* **** *** ***** ********* by *******.

*******, *** **** ** *** ** **** ** ***** **** manufacturer ********* ** *** *** ******. ***** *** *********** *********** adoption **.** *** ****** ******* **** **** ********* ****** ** demand/ *******, ** **** ******** **** ****** *** *** ***.

** ***** ** **** *** **** ******* *** *** **'* closest ********** ****** ***, *** ***** ***** ********* ***********:

*** ******* ********** ** *** *** ****** *** **** ******* as ******* *** *** ******* ***********. ******, ***'* *********** *** a ******* ******** ** *********** ****** ***'* *** ******.

App *****

** ******** ****** ** ***** ** *** ** ***** ** software ** ******* * **** ****** ******** ****** **** **** the ***** **** * **********. *** *** ****** ***** *** seen ** ******* ********-***** ********* *************, *** *** ***** **** ********** ********* ********,*****, ********, *** ******.

***** **** ******, ****** ****** ******* ** **** ******* **********, but ****** ******** ********* **** ********* **** ***********. **** ********* requires *********** *** *********** **** **** ** ***** ** ********, and **** ******** **** ******** ******** ****** ****** ****** ******* firewalls ** **** ***********. *** ***** *******, ** ** *** expect ** *** * ****** ****** ** ***-***** ****** ***********, but ** ******* * ************** ***** ***** *** ***** **.

Comments (15)

*** *** *** ************* ** *** ********** *****. ****** *** devices *** **** *** *** *** ** * ********** **** distribution **** ********* *********** ** *** *** ******** ** **** as *** ********** ** ***** ************* *** ******** ******** ******** those ******* ** ******** *** ***.

* **** ***** ** * **** ** ***, *** **** of *** ***** *** *** **** ***********. ** *** ********* by *** ************ **** *-*$ * ***** ***** ** ********* the **** ** * **** ************ *** ** **********. * believe ***** ****** ****** ** ** *** *$ ***** ** less *** **** **** **** ** ********* *********** *** *** market.

******* *** ************ ********* ** ******* *****. *** * *** people *** ****, *** **** *** ***** *********** **** ** 000s ** ********** *** ** *** ********* *** **** ********* with ******** ************ *******.

* ********** *** ****** ** ***** ****** ******* *********** ** this ****** *** ** ****** ***** ** *** ********** **** are *** *** *** ** **** ** ********** **** ***** solutions. *******, *****'* * **** ******** ****** ***** ********** *****. This ** ***** ** ***** *** ******** ** ****** *** it **** ******** * *****, *****, ***. ** ****** ** is *** ******** ** **** *** **** ******** ********* ** the ********* ************, *** **'* **** ******, ********, **** ** send ** *** ********** ****** *** **** ** **** ** a ******* *** ** * ***** ****** ** ****. *** initial **** ** ******** *** ** ******** ** *** *** is ********** ** *** ****** **** ** * ***** **** period ********. ** ** **** *** ********* **** ** ** used **** ******* ** *** ****** ***** ** **** ******* wioth ***** **** ********, ****** **** ********** ************ ** *** main ******* ** *** **** ******* *** ******** ****** ********.

**** ** ********* ** ***** *** ****** ******* ***********?

** *** ********* ** *** ******** *********** ** *** **** since * ** **** *** ** ****** **********. ******* ** certain ************ ** ** ****** ****** ***** ** ** **** to **** ** * ****** ****** *** **** ** **** of * ************ ****** ** ***** **** *******. **** ** being ******** *** ***** *** **** ** **** ****** ****** a ***** ***** **** ****** **** ** ********, **********, *********** operators ******* *** ******* ** **** **** * *****. ** course ** *** **** * ****** *** * ******** ******, you ***** **** **** *** **** ********, *** *** **** a ********* **** ****** ** ******. *******, ** *** **** is *** **** *** *** ***** *** *********, **'* **** flexible ** **** **** (** **** ** ********* ** **** with ******** *****) *** ** **** *** ***** *** ******** for *** ******* **** ****** (** **** *** ****** *******). Of ****** ** ¡** **** ***** ********* *********** ** ***** not ********* **** ** ***.

***'* ** ** ****** ******* ***** **** ******* ** ******** gates?

******, ** ** *** ******** ** ******* *** ** **** as * **** ****** ******* ****** ** *** *** ** all ********** ****** ******* *** ********, *** ******* ** *** title ** *** ****** ** **** **** "****** ***********"

***** *** **** ****** ********** **** ** ***** '*****' ** a *** *** ******* ********** *******, * ** ********* ** keeping ** ********* **** **** ****** **** ** ******* ********** more ******* ******-***** ****** ******* ***********.

*****, **** ** *** **** ** "****** **********"?

**** *********** *** ** ** ***** ***** *** ***** ** merge ****** ******* **** *** *******.

**** * **** **** ***** *'** **** **** ****....*** **** she's ** ********, *** ****** *** ******** **** *** **' memories.

******** *** ****... ***** *** ** *** ******** ***** *******...

**** *******, *** ** ** *** ***** **** ** ** the *** ** *** ******* **** ***'* ****** ****** ********* do *** ******* *** ** **** ** ***. ****** ** readers *** ** ******* ** ******* ******, ****, ** *******.

***** ******* :)

****** ***** *********** *** *** ** ************** **** **** ********* ** ************.

***

* ***** ******** ********* *** - ** *** ****** ******* the *** ** *** *****.

** **, ****'* *** ****** **** ***** *** **********?

*** *** *** ********* **** / ***** *** ***** *** on *******?

*** **** *** ****** ******** ** ** ********** *** ****** credential, *** **** *** ****** ********** **** ** **** ** the ****. * ***'* **** *** *********** ** ******* ******** with ********* ******** ***, *** * ***** ********** *********** *** to **** ***** ** ****** **********. ** * ***** ** wiped ** *** ****** ****** *** ** ******* *** **-*********, a *** ********** ***** ** ** ****** ** *** *****, even ****** *** ****** ******* *** ****.

* ******* *** ****** *********** *** ** ******* ** **** formats. *** ******* ******* ** ***** ***** ** *** ******* and ****** *********** *** ***-**** ********.

Mobile Credential Example

* ***** ******** ********* *** - ** *** ****** ******* the *** ** *** *****.

*** *** ** ************* ** **** * ***** ** **** to * ******** ******, *** ** ** *** ****'* ************/******* that ** ***********. ***** *** ********* *** ********* *** ******* with *** **** *****. ** **** **** ********?

*** *** *** ********* **** / ***** *** ***** *** on *******?

*** **** ** ******* ******* ** *** ***, *** ***** credentials ** *** ******* ***** **** *******.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

The 2018 Surveillance Industry Guide on Jan 16, 2018
The 300 page, 2018 Video Surveillance Industry Guide, covering the key events and the future of the video surveillance market, is now available,...
CES 2018 Show Final Report on Jan 12, 2018
This is IPVM's final edition of our 2018 CES show report. Below are already numerous images and commentary, with more coming tomorrow.   CES is...
The Interceptor Aims To Fix Vulnerability In Millions of Alarm Systems on Jan 08, 2018
Security executive Jeffery Zwirn claims a 'catastrophic' flaw exists in 'millions of alarm systems', and dealers could be liable if not fixed. The...
Multicasting Surveillance Tutorial on Jan 04, 2018
Network bandwidth can be a concern for some surveillance systems. While improvements in video codecs, such as smart codecs for H.264 and H.265,...
Access Control Course Winter 2018 on Jan 04, 2018
Learn more below about the Winter 2018 IPVM Access Control Course. Register here. IPVM offers the most comprehensive access control course in the...
Cabling Best Practices Guide on Jan 03, 2018
Surveillance cabling can be a major problem. Poorly installed and maintained networks are often costly, lengthy, frustrating ordeals to...
Multi-Imager Camera Guide on Jan 02, 2018
Multi-imager usage continues to grow, with most manufacturers now offering at least one model, making them an attractive option for covering wide...
2018 Access Control Book Released on Jan 02, 2018
This is the best, most comprehensive access control book in the world, based on our unprecedented research and testing, significantly updated for...
QoS for Video Surveillance on Dec 29, 2017
Along with VLANs, QoS is one of the most misunderstood topics in IP surveillance networks. Many purported "experts" claim it is required in any...
Resolution Tutorial on Dec 28, 2017
Understanding video surveillance resolution can be surprisingly difficult and complex. While the word 'resolution' seems self-explanatory, its use...

Most Recent Industry Reports

Chinese Government Hikvision Surveillance System On US Government Network on Jan 18, 2018
Hikvision, the Chinese government-owned manufacturer, has publicly claimed that their products are running on a US government network. Moreover,...
Camera Course - Last Day - Save $50 on Jan 18, 2018
Today is the last day to save $50 - register now. Learn video surveillance and get certified. Save $50 on the course, ending this Thursday the...
VSaaS Usage Statistics 2018 on Jan 18, 2018
VSaaS has been a 'next big thing' for more than a decade. The prospect of managing, storing and streaming video from the cloud rather than...
Vivint Streety Video Strengthens Door Knocking on Jan 17, 2018
Vivint is famous (or infamous depending on your perspective) for mastering large scale door to door selling. The company has skyrocketed from a...
Axis: "It’s A Question Of Trust And Who You Want To Be Associated With" on Jan 17, 2018
Who do you trust? Who do you want to be associated with? Axis is raising hard questions to start 2018. In this note, we examine these questions,...
Software House Vulnerability Allows Inside Attacker To Open Doors on Jan 17, 2018
A vulnerability in Software House IP-ACM modules allows an attacker to potentially unlock doors, or perform other actions, on affected systems....
'Defiant' Hikvision 'Strikes Back' At WSJ And US on Jan 16, 2018
The fight is on. Hikvision and their owner, the Chinese government, 'strikes back' against the Wall Street Journal and US politicians raising...
The 2018 Surveillance Industry Guide on Jan 16, 2018
The 300 page, 2018 Video Surveillance Industry Guide, covering the key events and the future of the video surveillance market, is now available,...
Edward Snowden Haven App Tested on Jan 16, 2018
Global coverage followed the December 2017 announcement that Edward Snowden was leading a team developing Haven, an app "that leverages on-device...
This High Schooler Is Excited About His Future Security Career on Jan 15, 2018
A common lament is that smart, young people have little interest in surveillance systems. In fact, discussions like Should Talented Young People...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact