HID Global completed two pilot programs that validate how mobile access control using near field communication (NFC) enabled smartphones can allow employees to open doors with a mobile device, without compromising physical enterprise security.
The pilots were conducted at the headquarters of Netflix Internet subscription service and Good Technology using HID Global's iCLASS SE platform, including iCLASS Seos credentials that are portable for use on NFC-enabled smartphones.
Participants highlighted improved security among the benefits. "It reduces the threat of badge skimming and replay attacks," says Bill Burns, director, Netflix IT networking and security.
Netflix desktop analyst David Tsai adds, "Technically, the physical security is better since it requires that a person know the phone can be used as a key, know the passcode to get into the phone, and know how to activate the key."
Similar feedback was provided by Netflix helpdesk support technician Lynn Chikasuye. "People will rarely lend out their phone, which prevents unwanted use."
Good Technology also cites the security benefits of mobile access control as compared to photo ID badges, along with improved user convenience for today's mobile workforce. "Our customers are always looking at new ways to enable mobile worker productivity and efficiency without having to take security risks," says Michael W. Mahan, SVP of special markets, Good Technology. "This pilot proved that using both a layered security approach and smartphones to provide secure physical access to buildings is a great way to meet their goals of adding security without complexity."
The Pilot Process
The multiCLASS SE readers replaced proximity readers at selected locations in both facilities, and participants at each company were given Samsung Galaxy S III handsets. The handsets were equipped with NFC capabilities and digital keys so they could securely store and emulate user credentials and open doors by presenting the handsets to the readers.
Netflix has traditionally used keyfobs for access control, and wanted to evaluate the benefits of provisioning digital keys over-the-air to its staff's smartphones to further streamline the new-employee on-boarding process. The company also believed that digital keys could be a valuable addition to smartphones in its bring your own device (BYOD) environment. By the time the pilot was launched, almost half of the participants were already engaging in the mobile access experience by using proximity tags affixed to the back of their devices. The pilot was intended to test the concept of a mobile access experience with an over-the-air provisioning capability that also delivered improved user convenience and security.
In addition to testing this capability, Good's mobile access pilot was extended to evaluate the use of an NFC-enabled SARGENT SE LP10 lock on the door to an executive's office, which also doubles as a temporary conference room. This allowed the executive to control access to his office - offering it only to select members of his team during specified times - and run reports about who was using his office and when.
Results from a third-party survey of participants noted:
Participants from Good were also impressed with HID Global's credential provisioning and management services. In a mobile environment like the one created for the pilot, HID Global’s secure identity services will enable users to create secure identities and digital keys for NFC-enabled handsets using a cloud-based portal in a managed-service context, and then provision them over-the-air onto their smartphones.
- More than 80% of Netflix respondents felt that the application for unlocking a door was intuitive, and nearly 90% described it as easy to use.
- More than 80% of respondents at Good felt the smartphone was more convenient to use than their current access card, primarily because they never forget their phones like they do their badges. All respondents from the company said they liked the look of the door unlock application on their phones, and said it was intuitive and easy to use.
- 75% of Netflix respondents said they would be willing to load the app onto their own personal smartphone. 75% at Netflix and 67% at Good said that other people who saw them using their smartphone to access the building asked questions or expressed an interest in it.
- More than 83% of Good’s participants said that the company's physical security was improved by using a smartphone rather than a card to open locked doors. This included respondents who highlighted the benefits of layered security and use of a PIN to unlock their phone and then use the mobile access app to gain entry.
- 87% of Netflix respondents said they would want to use a smartphone to open all locked doors at the company.
- All of Good’s respondents found value in additional uses of digital keys on their smartphones, such as logging on to their PC and using their smartphones for secure print authentication and personal uses, such as using their smartphones to access their residence and as a mobile wallet for payment. They also said they would like to be able to use their NFC-enabled smartphones to receive digital keys over-the-air that could be used to access a hotel room.
- 81% of Netflix respondents said the fact that the company is testing and deploying mobile access makes it a more fun and exciting place to work.
The pilots highlighted a number of opportunities to improve the mobile access control experience as the industry moves closer to deployment. This includes bringing more mobile network operators and handset manufacturers into the ecosystem so users have more service and product choices. Additionally, participants cited the need for an access control experience that is always on, which requires that NFC handsets be able to open doors without starting an app, and that their secure elements, either embedded in the phone or in their SIM cards, are made available for over-the-air communications directly with service providers.
Participants also highlighted the need for solutions that do not excessively drain battery, are available even when the battery is dead, don't interrupt other tasks, and deliver an intuitive user interface with accurate graphical representations and conveniently sized icons.