What is the future of digital wallet security?

digital_wallet

In the course of a day, how often do you need to perform a task — whether it’s to make a payment, board transit, show an event ticket, and so on — only to think, “Why can’t I just do that on my phone?

Scheduling, photography, messaging, banking, entertainment, learning and much more — so many daily activities that used to be separate and distinct have now come together on the amazing devices we carry everywhere we go. And now, thanks to the digital wallet, even our verified identities are migrating to the smartphone as well.

The three examples we opened with — payment cards, transit passes, tickets — are all ways of proving our identity to access things we value and are entitled to. And they can now be carried on the digital wallet built into our smartphones, along with a growing list of other identity-based items: corporate ID badges, student IDs, gym cards, building access fobs, parking passes, driver licenses and even car keys.

A Global Phenomenon

The best-known digital wallets are provided by AppleGoogle and Samsung. The Google and Samsung ecosystems have always been quite open, and the notably proprietary Apple has also recently opened its wallet to the industry’s best-regarded mobile credentials, including the addition of access control with rf IDEAS  partners such as Wavelynx and Soloinsight.

Students at many major universities are already using their iPhones and Apple Watches to do everything that previously required a physical ID card, thanks to Apple’s collaboration with our partners CBORDTransact and Allegion.

You can expect more options to emerge that support an ever-growing list of physical and logical access credentials, as digital wallets are rapidly gaining user acceptance and popularity. The total number of digital wallet users is projected to grow to an astounding 5.2+ billion in 2026, a 53% increase over the 3.4 billion users in 2022. The digital wallet is the future of simplified, centralized identification management — not only for payment, but for secure access to places, devices and data in business, healthcare, education, leisure and every other aspect of daily life.

 

 


"The total number of digital wallet users is projected to grow to an astounding 5.2+ billion in 2026, a 53% increase over the 3.4 billion users in 2022." (Source)


 

 

Security in the Cloud and in Your Pocket

The term digital wallet refers to the technology that stores your payment cards, employee ID badge, gym membership, driver license, boarding pass and other credentials securely in the cloud —or simply put the Digital Wallet. That way, you can manage, access and use your credentials when logged in to your digital wallet account from your smartphone.

Virtually every smartphone manufactured today or in the last several years includes secure near-field communication technology (NFC), the same basic technology that makes contactless payment cards ultra-convenient and ultra-secure. Using this 13.56 MHz short-range technology, a powered reader is able to magnetically activate and read an otherwise unpowered electronic tag when a contactless payment card, ID badge or smartphone is tapped or waved over the reader within a range of about 10 cm or less.

Because of the short range, and because a one-time code can be automatically generated each time the credential is read, NFC-based authentication is extremely secure. The digital wallet can be even more secure if a second authentication factor is involved, such as unlocking the phone and wallet via a PIN, fingerprint or facial recognition. And if the phone should be lost or stolen, all credentials can be immediately locked in the digital wallet — which, remember, exists in the cloud and not on the phone itself.

Advantages for Organizations and End Users

NFC digital wallet technology is easily adaptable to any application that requires secure user identification, and that’s why so many new usage models are emerging and user adoption is booming. There are many reasons the NFC digital wallet is quickly becoming a must-have for organizations and end users alike, among them:

  • Automatic remote distribution, enrollment and management of credentials.
  • The convenience of credentials that can be presented with the tap of a phone — even if it is powered off or the battery is dead.
  • Enhanced security and privacy features enabled by cloud-based credential management and digital wallet features, such as encryption and two-factor authentication.
  • The ability to replace a pocketful of easily lost cards and fobs with the device most people already carry everywhere, protect vigilantly, and use for practically everything. Even if a phone is lost or stolen, the digital wallet is still safe and secure.
  • The versatility of using a single credential and a consistent tap-and-go process for everything from building access to single sign-onsecure print releaseattendance tracking, parking, vending, meal plans, or any other purpose the credential issuer allows.

Convenient Security All Day Long – Beyond the Door 

As the digital wallet expands to contain various types of identification, not just payment cards, there’s a role for mobile credential readers in any setting that requires secure authentication to empower a truly digital-first workplace or campus – opening up more possibilities beyond the door for logical access such as cashless cafeteria, single sign-on, attendance tracking, secure print and more – all from ONE credential.

To see how powerful mobile authentication can be, let's briefly review how a mobile credential can vastly simplify a typical enterprise user's day.

  1. Sally often used to forget her ID badge, but today she heads for work with the phone she always carries — in fact, she needs it to unlock and start her car.
  2. Sally arrives at the parking garage and enters with a tap of her phone onto the parking control system that is equipped with an embedded credential reader. Another tap onto a physical control reader lets her into the building, and a tap into a time clock embedded with a credential reader captures her arrival to work, which synchs to her company’s time and attendance system.
  3. There’s a mandatory special training session first thing in the morning. Instead of signing in on a paper sheet, Sally taps her phone onto a mounted credential reader next to the training room to record that she was present.
  4. Training is over and it’s time to get to work. Since Sally works with highly sensitive data, she does a quick fingerprint scan on her phone, then taps it to a credential reader to access her workstation — a simple two-factor single sign-on authentication process.
  5. When it’s time for lunch, Sally pays at the cashless cafeteria with another instant tap at the point of sale system.
  6. Clients are visiting for an afternoon meeting. Sally sets them up remotely with temporary credentials that will let them into the building.
  7. Sally has sent several confidential print jobs that are for the clients’ eyes only. Instead of sprinting to the printer after each one, she securely releases them all at once by tapping her phone onto the multifunctional printer equipped with an authentication reader.
  8. After leaving for the day, Sally decides to take care of a few work-related items. She has a credential reader on her desk at home for this very purpose, and a quick tap lets her into the secure enterprise network remotely.

All of this is in addition to everything else Sally can do with the digital wallet, from accessing the gym to earning loyalty points at the grocery store. The possibilities are endless and ever-expanding, with a growing ecosystem of software partners and technology innovators unleashing the power of the digital wallet. 

Implementation and Manageability

Why consider the digital wallet for your business? We’ve already discussed enhanced security and user convenience, but there’s one more compelling advantage: simple implementation and credential management, now and in the future.

For security officers and IT professionals, the digital wallet is much easier to manage than cards. Credentials can be provisioned and revoked remotely, with no physical cards to handle and no need for users to be physically present. Plus, there are no more costs for replacing lost ID cards or issuing temporary physical credentials to contractors and guests.

And migrating from physical to mobile credentials is easier than you might think. There are even readers that support both physical and mobile credentials simultaneously — so you can plan for what is to come while meeting the needs of your current security strategy today.

We understand that the move to mobile credentials can appear daunting. You may be wondering how to fit mobile into your current and future security strategy, and how to get started making the move. Let a member of our team help you navigate the complexities of your specific security ecosystem and work with you to devise an efficient, effective mobile migration strategy today. 

Start navigating your mobile strategy with one of our experts today.

CAPTCHA