NFC can strengthen security by turning smart phones into physical and logical access control credentials
The trouble with access control cards is that people lose them, lend them to friends who use the cards, or lose them, or lend them to someone else.
Losing a card is bad enough, but people that lose cards often make it worse: “When someone loses an access fob or card, he or she doesn’t always tell the security department right away,” says Paul Timm, president of Lemont, Ill.-based RETA Security, Inc. “People that lose cards don’t want to pay the $20 fee for a replacement, so they look for their cards. While they are looking, whoever finds the card can use it.”
To be sure, electronic access control systems provide more security, more economically, than locks and keys. When a key goes missing, a locksmith has to make an expensive trip to the affected door and rekey it. Remote computers can quickly and easily decommission lost cards. Still, decommissioning and replacing lost access cards can take up a lot of time.
Enter near field communication or NFC, a mobile technology that can turn smart phones and tablets into physical and logical access control credentials, and thus strengthen security.
The security improvement arises from the fact that people don’t lose their mobile devices. Think about your smart phone. If it isn’t right beside you, it’s in your pocket or the palm of your hand.
“If someone loses a card, he may ask to borrow a friend’s card, and the friend may give it to him,” says Timm. “But no one would loan a smart phone to a friend.”
|NFC technology also forms the basis of an emerging mobile payment system|
“People don’t lose their phones, and people don’t lend their phones. That’s why it makes sense to look at NFC as a way to tighten security.”
There’s more. NFC technology also forms the basis of an emerging mobile payment system that will enable users to charge purchasers by holding a phone up to a reader.
NFC boosts security over mag-stripe credit cards and aims to overcome well-known wireless security problems by reducing the distance of the wireless communication to a couple centimeters — and encrypting the communication.
Security professionals say that NFC is a good idea but needs perfecting. “It is possible to conceal a sniffer close enough to a reader to intercept NFC communications,” said Ron Lander, CPP, a principal with Norco, Calif.-based Ultrasafe Security Specialists. “Someone can attach a sniffer under the counter, for instance. How often does management check for rogue devices? They should start checking.”
“I do think NFC is a good technology, but we have to develop a standard, secure infrastructure for it,” Lander adds.
Still, adoption has begun. A number of colleges and universities have pilot-tested NFC as an access control and payment tool.
Research shows steady growth. According to the Statista research service, the percentage of smart phone users in the United States employing NFC for mobile payments will rise to 12.7 percent this year and more than double to 27 percent by 2018.
Anyone planning to install electronic access control at a facility might want to plan for the possible adoption of NFC. Same for anyone looking to refresh their current supply of access control readers. Perhaps it’s time to look into NFC-enabled access control readers. There are readers on the market that will read both NFC and traditional cards. In fact, that capability is reportedly becoming standard.
Adopters will also have to work with mobile phone service providers and their trusted service managers (TSMs) to set up a system enabling employees to download unique NFC identifiers for their phones.
Preparing a little each year over the next two or three years will enable companies to be ready for employees with NFC-enabled technology to start “phoning in.”