Tuesday, 24th November 2020

Smartphones to replace traditional access cards

In 2016, less than 5 per cent of organisations used smartphones to enable access to offices and other premises. By 2020, Gartner, Inc. said that 20 per cent of organisations will use smartphones in place of traditional physical access cards.

"A significant fraction of organisations use legacy physical access technologies that are proprietary, closed systems and have limited ability to integrate with IT infrastructure," said David Anthony Mahdi, research director at Gartner. "Today, the increasing availability of mobile and cloud technologies from many physical access control system (PACS*) vendors will have major impacts on how these systems can be implemented and managed."
PACS technology is widely deployed across multiple vertical industries and geographies to secure access to a wide range of facilities (buildings, individual offices, data centers, plant rooms, warehouses and so on), ensuring that only entitled people (employees, contractors, visitors, maintenance staff) get access to specific locations.
Mobile technology is already widely used for logical access control. Phone-as-a-token authentication methodscontinue to be the preferred choice in the majority of new and refreshed token deployments as an alternative to traditional one-time password (OTP) hardware tokens. Gartner projects that the same kinds of cost and user experience (UX) benefits will drive increasing use of smartphones in place of discrete physical access cards. Smartphones using technologies and protocols such as Bluetooth, Bluetooth LE, and Near Field Communication can work with a number of readers and PACS technology.
One of the easiest ways to use a smartphone's access credentials is to integrate them — via a data channel over the air or via Wi-Fi — into the access control system (ACS) and "unlock the door" remotely (just as an ACS administrator can). This approach requires no change to reader hardware.
Using smartphones can also simplify the integration of biometric technologies. "Rather than having to add biometric capture devices in or alongside readers, the phone itself can easily be used as a capture device for face or voice (or both), with comparison and matching done locally on the phone or centrally," said Mr Mahdi. "This approach also mitigates the risks from an attacker who gains possession of a person's phone."
The technology's limitations remain a challenge. For example, there's significant disparity in functionality between smartphones, and some security and risk management leaders should be aware that their physical card readers and PACS might require a significant upgrade to use smartphones for physical access. "Nevertheless, replacing traditional physical access cards with smartphones enables widely sought-after cost reductions and UX benefits," said Mr Mahdi. "We recommend that security and risk managers work closely with physical security teams to carefully evaluate the UX and total cost of ownership benefits of using access credentials on smartphones to replace existing physical cards."
Palo Alto Networks has introduced what it says is the industry’s first 5G-native security offering,...
Sophos has published the Sophos 2021 Threat Report, which flags how ransomware and fast-changing att...
Acronis has acquired CyberLynx, a leading Israel-based cybersecurity consultancy firm with a presenc...
Research uncovers critical cybersecurity and compliance risks.
Advanced ransomware recovery enhancements and technology integrations bring ability to identify, res...
Nearly half (49%) of organizations plan to extend Cognitive and AI capabilities for security to dete...
McAfee has launched MVISION Marketplace, MVISION API and MVISION Developer Portal, part of the MVISI...
Latest addition to Cloud One platform is ideal for those migrating their servers to the cloud.