ProdataKey (PDK), an innovator of cloud-based networked and wireless access control products and services, releases a whitepaper that explores why widespread adoption of mobile credentialing in conjunction with access control systems has lagged behind other smart phone applications, and how new technologies promise to overcome barriers related to a security/convenience trade-off previously inherent in such solutions. By virtue of their processing power, smart phones can provide superior encryption, and security, than RFID cards, fobs and smart cards. They are also more carefully guarded by employees. Cumbersome activation process Workers may loan a card to a colleague, but would never part with their phone and, unlike an access card, they would immediately seek to deactivate their phone if it were ever lost or stolen. Despite these and other security benefits, most mobile credentialing systems have fallen short in the area of convenience, requiring users to unlock and remove their phones from pocket or purse in order to use them as a credential. These systems require a cumbersome activation process for users and additional effort by administrators These systems also often require a cumbersome activation process for users and additional effort by administrators to manage. In order for smartphones to become the preferred method of credentialing, they need to provide a superior user experience to what they’re replacing – cards or fobs. Better user experience Readers of this white paper will learn how, and why, this equation is changing. Topics include: How mobile credentials can improve both security and convenience. The long-term benefits of deploying and using mobile credentials. How to create a better user experience over cards, fobs, and other less convenient mobile credentials. Why the convenience versus security trade-off is ending. Josh Perry, PDK’s CTO, states, “The next generation of mobile credentialing, that leverages all the capabilities of cloud, smartphone and Bluetooth technology in exciting new ways, will deliver a consistently superior experience to security management teams, employees who use these systems, and security integrators who provide installation and support. Within a few years, I predict that the popularity of mobile credentialing will skyrocket.” ‘Moving Toward Mobile Credentials; How New Technologies Offer Smoother Sailing Ahead’ can be downloaded from PDK’s website
ProdataKey (PDK), an innovator of cloud-based networked and wireless access control products and services, has announced the introduction of “touch io”, a new Bluetooth reader and credentialing option for smartphones designed for use with the company’s cloud-based access control solution, pdk io. Touch io Bluetooth reader touch io does not require the user to unlock the phone in order to gain access through a protected door Touch io brings new levels of convenience and security for the communication between smart phones and access control door readers, eliminating the need for cards or fobs. Unlike other systems, touch io does not require the user to unlock the phone, or to even remove it from pocket or purse, in order to gain access through a protected door. The individual’s identity is validated through communication directly between his/her credentialed device and the reader, via Bluetooth, bypassing the need for internet or cellular connectivity. This can occur from distances as far as 30 feet away, as defined by the customer. By the time the user reaches the door and indicates an intent to enter, by simply touching or tapping a hand to the reader, door activation is immediate and seamless. A combination of machine-learning algorithms that learn door opening patterns, combined with directional antennae placed on each side of controlled doorways, ensure that credentials are not inadvertently validated when employees pass in proximity to the doors from the unlocked side. Superior security Compared to traditional RFID proximity cards, as well as to more high-tech 13MHz contactless smart cards, PDK’s mobile credentials offer superior security on many fronts. Touch io credentials are impossible to clone, each possessing a randomly-generated, unique ID, are authenticated by the Bluetooth reader at each use, and employ a session-unique encryption key for communication with the reader. Furthermore, if a phone is lost or stolen, its owner can immediately deactivate the credential by remotely wiping the phone with a tool like “Find My Phone,” a precaution he or she is likely to take out of concern for other personal data also stored on the device. By contrast, if a wallet or keys are lost that contain a card or fob, the credential remains active until the company’s system administrator is notified of the loss – which may sometimes take days. Cloud-based access control We are making the use of smartphones both more convenient and more secure than traditional methods" The touch io reader is compatible with legacy systems, capable of reading traditional proximity cards. Mobile credentialing is available as part of the pdk io affordable system licensing plan, offering users an unlimited number of credentials for a low, per reader, annual subscription. System administrator can easily generate and assign these to employees with just a few clicks from within the pdk io software management interface. Josh Perry, Chief Technology Officer at PDK, explains, “Until now, the access control market has been filled with Bluetooth mobile credentialing options that offer an inferior customer experience to traditional RFID cards which are, quite frankly, reliable and convenient. With PDK’s touch io, we are redefining the category, making the use of smartphones both more convenient and more secure than traditional methods. It’s the latest example of how our corporate commitment to innovation is bringing a litany of tangible benefits to the security professionals, system administrators and the employees who use our systems every day.”
ProdataKey (PDK), an innovator of cloud-based networked and wireless access control products and services, has released a whitepaper addressing the cybersecurity benefits of cloud-based access control solutions. The confluence of cyber and physical security is driving dealers and integrators, along with their customers, to question the best ways to address security vulnerabilities in the systems they install. Juniper Research estimates that by 2019, the annual cost of cyber-attacks will cost business over $2 trillion. Cybersecurity and cloud-based access control A majority of access control solutions are now comprised of IP devices, each with the potential to provide bad actors with access to the data and operational systems on their connected networks. This whitepaper, “Safely Invisible: The Powerful Security of Cloud-Based Access Control,” compares the exposure inherent in traditional IP systems with those in 100% cloud-based solutions, providing extensive rationale for why access control applications are best run externally from customer’s in-house servers, by trusted cloud solution providers. “IT Professionals often express concern about the safety of running security solutions from servers that are out their control. This whitepaper addresses many misconceptions about presumed vulnerabilities from the cloud and gives credence to the counterintuitive fact that cloud solutions are more secure and preferable, from an IT perspective. We hope the information we’ve shared here can help security integrators lead more educated discussions about cybersecurity with their customers,” said Josh Perry, PDK’s Chief Technology Officer.