Secure identities will move beyond smart cards onto a growing ecosystem of interoperable smart devices, writes Julian Lovelock, Vice President of Product Marketing for Identity Assurance at the access control manufacturer HID Global.
Within the next five years, users will be carrying multiple secure identities on a single card or phone that can replace all previous mechanical keys and dedicated one-time password (OTP) hardware for physical and logical access control. This card or device will be part of an access control ecosystem that provides a seamless user experience and can flexibly scale and adapt while delivering growing value to the organisation. The technologies for realising this vision already exist and are poised to change how we use secure identities for many applications. Any smart device – whether a traditional card or a device with wireless technology such as Bluetooth or NFC – now has the potential to become a trusted credential used for authenticating individuals. Meanwhile, advances in converged back-of-house technologies are enabling strong authentication and card management for computer and network log-on. These advances also ensure that physical and logical identities can be managed on a combination of plastic cards and smartphones. The objective is not simply to substitute one credential form factor for another across isolated use cases. Rather, it is to leverage mobile technologies to build unified solutions for ensuring secure access to the door, to data and to cloud applications.
Access control platforms deliver more sophisticated credentials and new credential form factors including mobile devices. They also support open standards so organisations can evolve beyond current capabilities, add features, and adapt to changing security threats. With the proper foundation and planning, organisations can solve challenges, prepare for mobile access control, add a range of new applications when needed, and pave the way for integrated, multi-layered physical access control (PACS) and IT security that spans all of the organisation’s networks, systems and facilities.
One of the biggest developments for our customers will be growth in mobile access adoption. Within five years, we should also see smartphones becoming an integral part of the ecosystem for the creation, management and use of secure identities. In some instances phone will replace cards, but in many others they will supplement cards to enable a more secure and user-friendly experience. Use of smartphones to receive digital credentials and ‘present’ them to readers will co-exist with existing capabilities to generate one -time passwords for accessing network or cloud- and web-based applications. Users will simply take the same card or phone they use for building access and use it with a personal tablet or laptop to authenticate to a VPN, wireless network, corporate intranet, cloud- and web-based applications, single-sign-on (SSO) clients and other IT resources.
Strong authentication will continue to grow in importance in the face of rapidly changing IT security threats – and will also move to the door. There will be increasing use of other authentication factors including biometrics and, in the federal space, widely adopted Public Key Infrastructure (PKI) strong authentication methods will arrive at the door using both cards and mobile phones.
Smartphones using Bluetooth Smart for their short-range connectivity will also have long enough reach that users can open doors with a movement of the device as they walk up to a mobile-enabled reader. This new gesture-based technology offers a new user experience and new ways to open doors and parking gates, while laying the foundation future applications.
For secure identity on traditional cards, our customers will also be gaining new and more efficient card personalisation. Credentials can include elements for enabling more trustworthy visual authentication while helping to deter tampering and forgery. These visual elements may include higher-resolution images and holographic card over-laminates, as well as permanent laser-engraved personalisation attributes that are difficult, if not impossible, to forge or alter. We will likely also see new personalisation opportunities. Also, ease of personalisation will continue to improve. Look for more advances like the recent arrival of internal smart card encoders in printers, which have reduced card personalisation to a single step. These encoders also support multiple types of electronic personalisation across many card types, simplifying migration to new technology and encoding options as security requirements increase.
The latest secure identity technologies enable organisations to use smart cards and other smart devices in a growing ecosystem of interoperable products and applications. Within the next five years, our customers will be able to use these cards and phones as a replacement for all previous mechanical keys, physical access cards and dedicated OTP logical access authentication hardware, as part of flexible, centralised access and identity management that can adapt to evolving threats and requirements, improve the user experience, and deliver steadily growing value.
