George Schneck
Follow Us

Companies are finding a way to cut costs and keep their employees safe through their smartphones.  More and more businesses are using their phones instead of an access card or key fob to enter a building. This is allowing companies to save on card costs, which can quickly add up.

There are 2 technologies that allow mobile access, Bluetooth Smart and NFC.

Bluetooth Smart

Bluetooth Smart is able to operate both at close range and from a distance, supports both iOS and Android, and has low power consumption. Environments with mixed device populations and those that require activation from a distance are best served by this communication standard.

NFC

The NFC standard, operating in HCE mode, is a good choice for close-range applications (less than 10 cm or direct contact with a “tap”) that do not include iOS devices in the mobile population.

A mobile access solution should be designed with security as a first priority. Managing sensitive identity data on mobile devices requires a holistic view of end-to-end security.  Some of the questions to consider are:

  • How are Mobile IDs generated?
  • How are they managed over the entire lifecycle?
  • How can Mobile IDs be securely stored on mobile phones?

Attacks can come in many ways so mobile IDs must be encrypted to prevent manipulation. All Mobile IDs and user information should be protected by cryptographic operations. Applications that manage Mobile IDs should run in a dedicated sandbox, ensuring no unauthorized apps can access or modify data.

We recommend banning jail-broken or rooted devices from business use. If a phone that is being used for mobile access is lost, stolen or compromised, it is easy to remove the access.  If the device is found again it can just as easily be re-activated.

It is very important to have a policy in place that if a phone is lost it be reported.  This policy should already be in place in the event a card or key fob goes missing.  To further reduce the impact of a stolen device, devices can be configured to engage only with readers when the device is unlocked. You want to use trusted back-end services to protect your access control system.

You will need new readers to implement this solution, but it will save you money on cards and make life easier for your employees.

About Security Instrument

From Fortune 500 to local SMB’s throughout the Tri-State area, Security Instrument integrates custom security systems to meet the needs of commercial clients.