Within the next five years, users will be carrying multiple secure identities on a single card or phone that can replace all previous mechanical keys and dedicated one-time password (OTP) hardware for physical and logical access control. This card or device will be part of an access control ecosystem that provides a seamless user experience and can flexibly scale and adapt while delivering growing value to the organisation.
The technologies for realising this vision already exist and are poised to change how we use secure identities for many applications. Any smart device – whether a traditional card or a device with wireless technology such as Bluetooth or NFC – now has the potential to become a trusted credential used for authenticating individuals.
Advances in converged back-of-house technologies are enabling strong authentication and card management capabilities for computer and network logon. These advances ensure that physical and logical identities can be managed on a combination of plastic cards and smartphones. The objective is not simply to substitute one credential form factor for another across isolated use cases. Rather, it is to leverage mobile technologies to build unified solutions for ensuring secure access to the door, to data and to cloud applications.
Today’s access control platforms deliver more sophisticated credentials and new credential form factors including mobile devices. They also support open standards so organisations can evolve beyond current capabilities, add features, and adapt to changing security threats. With the proper foundation and planning, organisations can solve today’s challenges, prepare for new capabilities such as mobile access control, add a diverse range of new applications when needed, and pave the way for integrated, multi-layered physical access control (PACS) and IT security solutions that span all of the organisation’s networks, systems and facilities.
One of the biggest developments for our customers in the coming years will be growth in mobile access adoption. Within five years, we should also see smartphones becoming an integral part of the ecosystem for the creation, management and use of secure identities. In some instances phone will replace cards, but in many others they will supplement cards to enable a more secure and user-friendly experience.
The use of smartphones to receive digital credentials and “present” them to readers will co-exist with existing capabilities to generate one -time passwords for accessing network or cloud- and web-based applications. Users will simply take the same card or phone they use for building access and use it in conjunction with a personal tablet or laptop to authenticate to a VPN, wireless network, corporate intranet, cloud- and web-based applications, single-sign-on (SSO) clients and other IT resources.
Within this environment, strong authentication will continue to grow in importance in the face of a rapidly changing IT security threat environment – and will also move to the door. There will be increasing use of other authentication factors including biometrics and, in the federal space, widely adopted Public Key Infrastructure (PKI) strong authentication methods will arrive at the door using both cards and mobile phones.
Smartphones using Bluetooth Smart for their short-range connectivity technology will also have long enough reach that users can open doors with a simple movement of the device as they walk up to a mobile-enabled reader. This new gesture-based technology capability offers a new user experience and new ways to open doors and parking gates, while laying the foundation for a wide range of additional future applications.
Today’s credentials can include elements for enabling more trustworthy visual authentication while helping to deter tampering and forgery. These visual elements may include higher-resolution images and holographic card over-laminates, as well as permanent laser-engraved personalisation attributes that are difficult, if not impossible, to forge or alter. We will likely also see new personalisation opportunities in the future.
Additionally, ease of personalisation will continue to improve. Look for more advances like the recent arrival of internal smart card encoders in today’s printers, which have reduced card personalisation to a single step. These encoders also support multiple types of electronic personalisation across many card types, simplifying migration to new technology and encoding options as security requirements increase.
The latest secure identity technologies enable organisations to use smart cards and other smart devices in a growing ecosystem of interoperable products and applications. Within the next five years, users will be able to use these cards and phones as a replacement for all previous mechanical keys, physical access cards and dedicated OTP logical access authentication hardware, as part of an extremely flexible, centralised access and identity management system that can adapt to evolving threats and requirements, improve the user experience, and deliver steadily growing value over time.