Balancing the pros and cons of mobile access

With adoption of mobile access solutions tipped to increase this year, here are some of the benefits as well as challenges to consider when implementing a mobile access solution.

Convenience is one of the biggest factors leading to mobile access conversion. “For many of us, remembering our mobile phone is significantly easier than remembering a badge or keycard. There’s also the issue of waste, as the plastic used in these credentials can be wasteful — especially when used in large quantities, such as in a hotel environment,” said Andrew Fulton, Head of Product Management for Access Control at Vanderbilt.

Other benefits include near-instant credentialing, faster, more convenient access and lower total cost of ownership (TCO) for multifactor authentication.

“The means of credential delivery has improved and the cost of the readers themselves has come down. This has prompted more companies to consider mobile access for upcoming projects,” said Rick Caruthers, President of Galaxy Control Systems. “We feel mobile access technology will continue to gain in acceptance and capture more market share from traditional proximity technology,” he added.

While mobile access is convenient, considerations over whether log data will be stored on a mobile device or on a cloud server also need to be factored in. Gaoping Xiao, Director of Sales for APAC at AMAG Technology, added that “the cost of virtual credentials versus traditional physical cards must (also) be considered as the investment can be high for some vendors’ solutions.”

Nancy Islas, President of Maxxess Systems, said that in order to be a suitable replacement for existing card and proximity access readers, the speed and capacity of mobile credential access readers needed to be at least equivalent to existing devices.

AMAG’s Xiao noted that one of the challenges for office environments was that they still required employees to have a physical badge with a photo in order to distinguish between employees, visitors and contractors. Still, mobile access in this scenario has a clear advantage — it is convenient as most people carry a smartphone with them most of the time, and it is more secure as smartphones are typically protected by a password.

Vanderbilt’s Fulton said another challenge was the large number of different platforms on which these programs were built. “Not everyone carries the same type of phone — or even a smartphone for that matter. Another consideration is how to handle visitors and contractors that might require short- or long-term access to a facility, as well as how privacy issues are handled — that is, if an employee is using a personal mobile phone for access, how much can the employer access if that phone is being used as a credential. All of these challenges must be addressed and discussed before a company can implement these kinds of solutions.”

Cybersecurity concerns must also be addressed, as the line between how we use our mobile phones for work and personal matters becomes increasingly blurred. Because of this, mobile devices were likely to become a more attractive threat vector, according to Francois Lasnier, SVP of Identity and Access Management at Gemalto.

“Users therefore should be aware and more vigilant regarding the apps they install; enterprises will dedicate more resources to end-point and access security on mobile devices. Inherently, mobile devices have some limitations in terms of security and will become the center of cyberattacks as their role to help us run our lives keeps on increasing. Therefore, security mechanisms to maintain a high level of trust while assuming that the mobile as a device could be compromised (‘zero-trust’) will become increasingly important,” Lasnier said.

Other issues include diminished phone battery life, since most mobile access solutions using Bluetooth will need this function to be turned on at all times.