More than 300 million Americans own smartphones. Most of them are comfortable using mobile devices for secure activities in their personal lives, like payment transactions and entry to sporting events or concerts. And in more recent years, the use of mobile devices for secure actions has extended into the workplace.
Nearly a third (32%) of organizations use mobile credentials to secure access to physical and digital assets. Mobile access control leverages familiar smartphone technology to manage employee access to systems, devices and data in a seamless, highly secure manner. As more organizations adopt this technology, it’s important to understand its security benefits and its potential to increase operational efficiency at your organization.
What is a mobile access control system?
A mobile access control system is a security framework that uses mobile devices as authentication tools to regulate and manage access to resources, networks or systems. A growing share of businesses are transitioning from using physical ID badges or cards for logical access control to mobile credentials for enhanced security and multi-factor authentication (MFA) compliance.
In a mobile access control system, a user’s mobile device satisfies two of the three core tenets of MFA: “what you have,” “what you know” and “what you are.” The device itself acts as “what you have,” serving as the physical component for access. By securing the mobile device with a passcode (something you know) or biometric data like Face ID (something you are), the device also meets one of the other two MFA criteria. This dual functionality not only enhances overall security, but also streamlines compliance with MFA requirements.
Mobile credentials refer to the digital version of an ID badge or other physical credential used to identify and authenticate users. Mobile credentials can be conveniently and securely accessed via mobile apps using Bluetooth® Low Energy (BLE) technology, or stored in mobile wallets, which are read using Near Field Communication (NFC) technology. Leading providers of these mobile wallets include Apple, Google and Samsung, offering widespread availability for logical access control.
What are the benefits of mobile access control?
Mobile access control offers a wide range of benefits, but the enhanced security and ease of use set it apart. Unlike physical cards and fobs that are easy to lose, mobile credentials are stored on an employee’s phone, making them easier to keep track of — and less likely to fall into the wrong hands.
Additionally, the mobile authentication process mirrors how people use their phones in everyday life — a simple tap and go. All you need is a Face ID or passcode to open your device.
Organizations across industries can leverage mobile access control systems. Rising cyberthreats in sectors like healthcare, manufacturing, financial services and higher education are driving the demand for improved operational security. Mobile access provides an effective solution by integrating MFA and credential provisioning that enhances IT teams’ control over security measures.
The integration of mobile credentials for access control streamlines and secures daily operations, facilitating activities like secure document printing, controlled vending machine access and passwordless single sign-on (SSO).
How does mobile access control work?
Two key technologies power mobile access control systems: NFC and BLE. Our WAVE® ID readers can support both NFC and BLE frequencies for mobile credentials, as well as proximity and contactless cards.
The WAVE ID® Plus Mini, WAVE ID® SP Plus and the WAVE ID® Mobile Mini support NFC, while the WAVE ID® Mobile Mini supports both NFC and BLE frequencies. Both NFC and BLE have their strengths, so it's important to understand which one is right for your business.
Near Field Communication (NFC)
NFC technology uses magnetic field induction to enable communication between devices such as a credential reader and a mobile wallet carrying mobile credentials. Contactless payment cards and digital wallets rely on NFC technology because it offers easy implementation, high levels of security and performance reliability.
NFC technology can read credentials at a maximum range of around 10 centimeters, which can be both a pro and a con. While the limited range enhances security by reducing the risk of unauthorized interception, it also restricts flexibility when it comes to device placement. Considering these factors, NFC shines in environments where next-level security is paramount and user intent is assured (e.g., when accessing sensitive data in a healthcare setting).
Bluetooth® Low Energy (BLE)
BLE technology operates at the same frequency as Bluetooth®, but it’s far more energy efficient because it facilitates shorter bursts of intermittent communication. For use cases such as proximity-based login that only require short bursts of connectivity, BLE is the ideal choice. Additionally, BLE proves advantageous in manufacturing scenarios that require mustering, where intermittent communication over short distances is essential for seamless coordination and control during an emergency.
The efficiency of BLE also enables the technology to operate without significant power drain. And unlike NFC, which requires close proximity for data exchange, BLE supports communication over distances of up to 10 meters or more.