Mobile Identities Have Reached Their Tipping Point – What Does That Mean for the Access Control Industry?
by Sanjit Bardhan, Vice President and Head of Mobile, HID
In recent years, the world has witnessed a rapid transformation in the way we identify ourselves and access various services. In the past, identity was tied to a physical document such as presenting a driver’s license when paying for age-restricted goods or services. With the rise of smartphones and mobile technology, digital IDs quickly emerged. And while digital IDs offer more convenience, security and flexibility, other complexities such as IT readiness, authentication and data privacy concerns must be taken into consideration.
So, is the world ready to fully embrace digital identification and eventually replace traditional physical documents?
The answer isn’t simple, as the required and coveted digital transformation isn’t a level playing field — not all organisations or individuals have equal access to resources, skills or infrastructure required for a successful digital transformation. That said, we expect that the market for traditional physical documents will continue to decline over the next few years and digital identities will augment this space.
But more people are using their smartphones now more than ever to perform online transactions, access digital services and even open doors. According to intelligence firm Gartner, in 2022 70 per cent of organisations adopting biometric authentication for access in the workplace would have executed it via smartphone apps, regardless of the endpoint device being utilised. Considering this figure was fewer than 5 per cent in 2018, it demonstrates how drastically these behaviours are changing.
A combination of other factors is driving digital IDs to their tipping point. The infrastructure to support digital transactions grew alongside the immediate need to offer contactless transactions driven by the pandemic. In tandem, the adoption of mobile wallet apps that house digital identities on mobile devices also grew.
Access Control in a Mobile-First World
Mobile devices have become essential components of most people’s daily lives, not just for their intrinsic features but also for the invaluable, convenient benefits they provide. And because people always have their devices with them, using them to access places and move around different parts of the building makes sense.
What’s more, the growing popularity of trusted ecosystems of cloud-connected access control devices, applications and trusted mobile identities has made mobile access easier to adopt than ever. This has, in turn, enabled myriad new services to be securely accessed through mobile phones and other smart devices. Evidence of this is seen via multiple end-users that have unique and varied use cases.
So, if using a mobile device as a credential to access doors, networks, services and more can significantly increase convenience, boost efficiency and maximise security, it’s no wonder that customers and partners around the world are increasingly adopting mobile access. 81 per cent of respondents in our 2023 State of Security and Identity study say they are offering a hybrid work model, with more companies delivering identity management “as a service” rather than via on-premises infrastructure this year.
Why Mobile Access is the Future
Using a smartphone, tablet or smartwatch to gain entry into buildings or restricted areas isn’t just convenient for the user, but building managers and security staff can provision and revoke credentials over the air, further limiting physical contact and improving access control administration with a digital, cloud-based platform for example.
As a result, companies are increasingly executing access with mobile devices as a mechanism for the authentication and identity verification of their employees and visitors. Mobile access eliminates reliance on physical cards or badges, supports multiple security protocols and adds layers of security on top of basic card encryption, making it substantially more secure than traditional physical access control.
Another element of mobile access that is gaining recognition is the concept of multi-application, where a single product or solution can execute multiple things. This digital experience not only increases operational efficiency but also helps reduce the number of plastic cards that users use and lose, which has a positive impact on sustainability and security. A great example is in the higher-education sector, where universities are taking a mobile-first approach in lieu of plastic cards by offering mobile IDs with the ability to open doors, check out library books, make cafeteria purchases and more.
In addition, future generations of employees, such as Gen Z, will drive demand for mobile access as they are relatively more environmentally conscious and more engaged with the issue of climate change than previous generations. Today, Gen Z’ers are the biggest users of mobile and related applications and they will eventually be overtaken by Gen Alpha as the “super-users” of mobile.
Digital IDs and Digital Wallets
Most recently, the integration of employee badges into digital wallets became possible. While digital wallets have been around for payment transactions for some time, they are not used for just payment transactions anymore. Digital wallets hold medical prescriptions, travel documents, driver’s licenses, ID cards, insurance information and employee badges.
With employee badges in digital wallets, employees can access office doors, elevators, turnstiles, multifunction printers and much more using just their smartphones or smartwatches. Employee badges in digital wallets integrated into existing access control systems are simple to distribute and manage and take advantage of the built-in security features of the devices.
- Activation is easy. Employee badges via digital wallets seamlessly integrate into a company’s existing access control systems, across a variety of third-party hardware and are easily managed by internal staff. So, getting started is quick and efficient.
- Private and secure. Employee badges in digital wallets also take full advantage of the privacy and security features. A badge in the wallet is stored on the user’s device and can leverage the power of the device’s secure element, thus making any transaction extremely secure. At the same time, user data is private to the device owner as no one gets to see what places staff or employees’ access.
But the more official IDs are digitised, the more complex the solutions will have to be to protect personal data and prevent data misuse. It is important to build a modern authorisation programme with security management in the cloud, with scalability in mind. Additionally, digital identity systems must take into account regionally and globally relevant laws, regulations and industry standards, for example, the General Data Protection Regulation (GDPR).
Other than enterprises, digital IDs and wallets are also prevalent in the education sector where universities and schools are enabling students and staff to add their IDs or badges to digital wallets on mobile devices. This allows them to easily access buildings on campus and purchase meals using their mobile devices.
What’s Next for Mobile Access
As more organisations successfully deploy mobile and new use cases arise, more people will experience the convenient benefits of the technology. Being able to add an employee badge in a digital wallet, offers a secure and even more seamless experience to building users and tenants.
Then there is the sustainability perspective. Deploying mobile access and virtual credentials removes the need for plastic cards and spares the carbon footprint associated with their lifecycle. Additionally, when the access control system is integrated with a building management platform, this allows for continuous adjustment of building resources based on occupancy. So, an access control system designed from the start with sustainability in mind can really make a difference.
The drive for more sustainable solutions is so important in the access control industry that recent advancements include the introduction of access security cards made of sustainably sourced bamboo, supporting an eco-friendlier value chain in areas where physical access cards are still required.
Finally, the future of mobile IDs will largely depend on widespread acceptance and regulatory-based trust. Governments, private sector entities and citizens need to collaborate to build a robust ecosystem that supports interoperability, security and inclusivity.
Additionally, public awareness campaigns and educational initiatives are vital to promote the benefits of mobile IDs, address concerns and ensure broad acceptance among the population.