Using Smartphones for Access Control Systems

Posted May 14, 2018 by Koorsen Fire & Security

 Goodbye Access Control Cards! Using Smartphones for Access Control Systems

In just the past ten years, smartphone use has exploded. The devices are nearly ubiquitous, and with their growth, the number of applications and uses has also expanded.

From social, to personal, to commercial, for fun, for navigation, for business, for banking – so many things can be done on a smart device. The uses have developed so far as to almost necessitate owning a smartphone, and even many who were clinging to their “dumb” phones are finally giving into the practical necessity of making the change.

Access Control Questions? CLICK TO CONTACT US NOW

Now that smart mobile technology is being truly embraced, there is a new development on the horizon in the realm of security – replacing access control cards with smartphone apps.

Background

For anyone using a smartphone or paying attention at all over the past few years, they already know that a great deal of security and credential applications have already been created for them. But many of these applications have been for internet security of various forms.

Now, however, smart devices are being used to replace physical key cards and fobs.

The concept isn’t new. Fairly early on in the creation of mobile phones, the idea of using them to open doors and gain access was explored using early versions of Bluetooth technology. But for a number of practical reasons, the idea didn’t take off. The technology was just not advanced enough to make it work well.

Now, however, with the advancement of smartphones and application technology, the concept is being explored again, and this time with greater success. Predictions indicate that by 2020, 20% of organizations will be utilizing smartphone access control systems.

How Does It Work?

Similar to how access cards work, a reader is installed at entrances. Users are instructed to download an app on their phone which will be programmed with the appropriate permissions for that specific user.

That’s how the majority of smartphone-based access control systems are similar. But the details of how the systems are implemented, the level of control and customization, and the level of security vary. This, of course, means you will want to do your homework before you jump on board and choose a system for your facility.

Here is a quick preview of potential areas of differences:

  • Bluetooth vs. NFC: as far as communications protocols, the two most commonly used for smartphone access systems are Bluetooth and Near Field Communications (NFC). Both use short-range communication standards and both transmit via radio waves.

    The key differences between the two are that Bluetooth does a better job blocking out interference from other devices attempting to communicate from farther away while also offering a longer range of communications. NFC, on the other hand, uses less power but requires the user to be much closer to the reader. 
  • Credential Storage Location: depending on the app and manufacturer, the storage of the user’s credentials will vary. Many use a secure cloud or another secure option. Either of these are good.

    NEVER go with a manufacturer and application that stores the credentials on the actual phone. If the phone is stolen or copied (which could be done without the user even knowing it), the credentials—i.e. the key—is stolen as well. 
  • Onboarding Prompts: there are many more options for onboarding with smartphone access systems than traditional key cards or fobs. Some allow for the user to send an email or request that will initiate the process.

    Others allow for the facilities manager (or whoever is in charge) to initiate the process, whether that’s by scheduling an in-person meeting or sending an email with download and installation instructions.

    Either way, after the process is initiated, the user will have to provide their information, download the appropriate secure app, create an account, and then receive the customized credential/key that they will hold up to the readers. The keys may be in the form of QR codes or bar code, among other possibilities.

    Perhaps one of the most unique and convenient elements is that for guests who only need temporary access, smartphone credentials can be created for them as well that include only the specific areas they need access to and which are limited to the specific day(s) they will be on the premises.

Benefits

Likely enough, you can probably foresee some of the benefits of smartphone app-based access control systems based on the above.

But here are six of the top benefits:

  • More Cost Effective: rather than having to pay to create new access cards and replacement access cards which will just be destroyed when the user no longer works/lives/attends the facility, you can save money by implementing the smart device access systems.

    While you will still need to create some physical access cards, since not everyone has a smartphone, you will be able to significantly cut back on your costs in this area. 
  • More Control: this form of access control can provide incredible levels of customization and control. Whether you want to create keys with full access, limited access, or temporary access to specific locations, you can do it with the right provider.

    It can be difficult and costly to create traditional access fobs or cards with this level of specificity, especially in the case of temporary access.

    Furthermore, with smartphone access control, you can not only specify rooms and resources available to the user, but computer networks, classified data, and digital files as well. The level of control and customization can be for both physical and digital resources. 
  • Easier: there are a number of ways using smartphone-based access systems are easier.

    First, these keys will be much harder to lose since people are far more attached to their phones than their access cards. While an access card could be lost and forgotten until the user finally needs to gain access to a specific area, if a user loses their phone, they will mostly likely know it within the hour. Most likely, it just won’t happen.

    This will save the company money on replacement keys and will also keep the facility more secure, since lost cards won’t be picked up by the wrong people.

    Second, they are also much harder to lend out. While many may feel comfortable to lend out their access card to someone for a quick out-and-back-in venture (coffee break, anyone?), users will be much less willing to lend their phone. This again decreases the possibility of loss and strengthens security.

    Finally, they are significantly easier to “replace.” If someone should happen to lose, break, or change phones, the credentials can simply be transferred to their new device and removed from their old one. This once again increases security and saves time.
  • More Secure: keeping the credentials on smart devices is actually significantly more secure, though it may not seem obvious at first. But since phones require a pin, password, or fingerprint just to open the phone, it will be harder for someone to steal it and use it. With a card, however, only the physical card is needed.

    Furthermore, as mentioned above, a stolen phone will likely be noticed much more quickly than a stolen access card.

    Finally, if you choose a provider who has created a secure app with credential storage in a secure cloud or location other than the phone, the security is even greater. Biometrics (the use of fingerprints) can even be used to access the key, since smartphones now include that capability.

    Essentially, even if someone did manage to steal the phone and crack the pin to open it, they would still need the proper information (or fingertips) to open up the app and access the key.

    A strong app will also have deep levels of encryption that will prevent the Bluetooth signal from simply being copied and replayed to open the lock.
  • Saves Time: HR should be thrilled with a smartphone app-based access control system, as much less time will be needed to set up and issue credentials than issuing new keys and cards or replacing them.

    “Smart” keys can be issued remotely from a central location. So, rather than requiring the facility manager to travel from building to building or office to office to collect the needed information, then order the keys, then deliver them, they can do it all through a few clicks of the mouse and taps on the keyboard.

Thinking About Making the Switch? 

Clearly, there are many benefits to implementing a smartphone-based access control system.

However, not all systems are created equal, and there are a lot of factors that you need to consider before you should really settle on one to make sure you get one that will actually help you and not backfire.

Think you may be ready to implement this new technology, but need some help determining whether your facility could benefit from it?

Give the experts at Koorsen a call. With over 70 years of experience working with facilities of every type and size, their professional team can help you determine the best possible security and access control system for you.

Access Control Questions? CLICK TO CONTACT US NOW

 

Topics: Access Control Systems, Commercial Security

Contact Us Now!

Disclaimer: The information in this article is for informational purposes only. It is believed to be reliable, but Koorsen Fire & Security assumes no responsibility or liability for any errors or omissions in the content of this article. It does not constitute professional advice. The user of this article or the product(s) is responsible for verifying the information's accuracy from all available sources, including the product manufacturer. The authority having jurisdiction should be contacted for code interpretations.