Access control systems have come a long way from the traditional mechanical lock and key. There is greater demand than ever for convenient solutions to enter and exit buildings and facilities from users, and to manage and issue credentials from administrators – is mobile access control the answer?
Here, we provide a guide to mobile access control, which is one of the fastest growing methods of secure access provision, according to industry analysts such as Omdia.
What is ‘mobile access control’?
Mobile access control is a method of providing people with authorised access into a site, building or room via a digital credential on a smartphone or other wearable technology.
The ‘mobile’ part of this access control allows users to use their smartphones for entry instead of a traditional key, badge, access card or fob.
The solution works through a downloadable mobile app, which would then act as a ‘virtual key’ providing access.
In many cases, mobile access control is powered by Bluetooth, where the phone communicates with a mobile-capable reader on a gate, door or barrier. Other methods include using Wi-Fi and Near Field Communication (NFC) for the electronic devices within a specific distance apart.
Currently the majority of access control, according to IFSEC Insider’s 2022 State of Physical Access Control Report, is used through identification badges (ID) with 60% of the market adopting this. Following this, 50% use time and attendance as a way to track check in and out of employees and 49% use parking/gate control.
Though mobile access control is a relatively new type of technology used by a smaller number of organisations, the report showed that there was significant uptake of it in the marketplace, with 32% of respondents saying they were actively using mobile IDs.
In addition, the data from the report highlighted that there has been a growth in demand for mobile access control systems. In 2020, 16% of the industry had already upgraded to mobile capable readers – in 2022 this rose to 24%, while 42% of industry professionals are still planning to upgrade.
The top day-to-day challenge for security professionals, cited in the report, was as improving user convenience with systems, and 43% would like to make the administration of physical access control easier.
In an ever-advancing technological landscape, the ease of use for a mobile device providing entry is often perceived to be a more convenient way to control access instead of a separate physical card, but it also can be seen to align with many company objectives of sustainability, cost-saving and heightened security.
Mobile-first approach
An expert on the access control and smart lock industry, Lee Odess said that while the industry has been characterised by the words ‘no and slow’ when it comes to adopting new technology, this is no longer the case.
“What’s happened is that Covid has accelerated a handful of changes, particularly around digital transformation.”
According to Odess, although many commentators talk about IT convergence as the biggest impact the industry faces, it is also likely from enterprise software, as well as cloud and mobile computing.
He said that rather than looking at mobile as an ‘iteration of existing legacy systems’, external companies such as Apple and Amazon (which owns companies in the security sphere, such as Ring) are focusing on a mobile first approach.
“Complete systems are being built around the concept of an admin and an end user providing total control from a mobile computing device.”
What are the benefits of mobile access control?
As mentioned, mobile access control can provide organisations with convenient entry that’s also secured through unique mobile device credentials.
Since an increasing number of organisations have added mobile access as their method to control entrance and safeguard employees, let’s take a look at some of the benefits::
- Enhanced security: There are unique credentials for the user such as biometric authentication, plus using access through an app allows for easy conditions to be placed such as temporary or revoked access. – assigning credentials. Two factor authentication can also be embedded in the process, with the option to ensure users unlock their phone before using the mobile credential.
- User experience/convenience: Users may prefer to have their virtual key on their smartphones instead of a separate physical item to carry. Since they may carry their phone more often there are potentially less instances of users being locked out of areas accidently.
- Remote management: When assigning credentials, security managers and administrators don’t have to be physically present as they would for other methods of access control, allowing for real-time, remote control. This works well for an increasingly hybrid working landscape.
- Cost savings: Although the initial upgrade to a mobile-enabled access system can be costly, in the long-term it removes the need purchase or print cards, badges or fobs and any maintenance that may come with traditional locks.
- Integration and scalability: Mobile access control can be integrated and upgraded with existing or new security systems and can scale to grow with an organisation.
- Environmental impact: With no manufacturing production or shipping of plastic cards or fobs, it can contribute to sustainability objectives with a lower environmental impact.
- Audit trail and reporting: Like other digital or electronic credential management systems, the logging of users can also be tracked with mobile access control for entry and exit times and can therefore be useful if needed for security scrutiny.
- Mass notification: Emergency or important company notifications can be sent via the mobile app to relevant users or the whole organisation for faster broadcasting.
What are the challenges around implementing mobile access control?
Although mobile access control can provide organisations with plenty of benefits, like any system there remain challenges or potential barriers:
- Initial cost: With 38% of those asked in IFSEC Insider’s report selecting this as their biggest obstacle to upgrading, the initial cost of upgrading to a mobile access control enabled system could be an initial barrier.
- Potential hacking: One system that is centralised could have the potential for hacking which would mean all access and user information is compromised- similar to any digital/electronic access management system.Similarly, if a user’s phone is stolen information could be hacked into this way.
- Smartphone users: the use of mobile access control comes with the expectation that all employees have smartphones, which may not be the case for all. There is also the added challenge of whether an organisation would require all employees to have company devices.
- Disruption: Upgrading can mean changing access control devices internally and having to introduce the use of a mobile app on a large scale. Some users may find it difficult to learn and navigate.
- User privacy: Users may be uncomfortable installing a company application on their personal device due to privacy concerns.
- Not suited to all sectors: Mobile access control may be easier to integrate into an office building rather than a building site or food production plants where mobiles aren’t allowed, for example, meaning that it may not be as convenient an upgrade for all sectors.
The future
Mobile access control is on the rise as a modern and convenient method to manage and track physical access, and its benefits can be greater than just security – with the use of mass notification, sustainability benefits, and more. However, there are some drawbacks as listed above that may be more of a challenge depending on the sector and smartphone users in a company.
In any case, it is likely that mobile access control could play a leading role in the future of physical security access control systems