Cards and smartphones will work together seamlessly within a centralized identity management system. Not only will this centralized system support the use of secure identities carried on both form factors; it also will support their use across multiple applications and on a growing range of digital platforms beyond smartphones including wearables. This will require that organizations take a little different approach to identity management than they have in the past.
There is an important reason why plastic ID cards will remain a widely used identity vehicle for the foreseeable future: they enable quick visual identification in addition to other capabilities for access control including opening doors and making cashless payments. The number of applications that can be carried on smart cards will continue to grow over time and will extend to logical access control, as well.
This will give users the ability to replace all previous mechanical keys and dedicated one-time password hardware with a single ID card. Using Bluetooth Smart or Near Field Communications technology, users will simply “tap in” with their card to gain access to facilities, VPNs, wireless networks and cloud- and web-based applications
Meanwhile, organizations will also want to give users the additional option of carrying these same multiple types of secure identities on smartphones and other mobile devices. The use of mobile devices offers many convenience and security advantages, including the opportunity to use a smartphone’s Bluetooth Smart connection with gesture technology to open doors from a distance by rotating the device while approaching a mobile-enabled reader.
Growth in mobile access adoption will drive a move to centralized access control for reasons beyond simply making it easier for cards and phones to co-exist. This will reinforce the benefits of incorporating a combination of secure physical and logical access into an organization’s facility and IT access strategies.
Organizations will have the opportunity to build unified solutions that ensure cards and phones can be used for secure access to the door as well as to data and cloud applications. The latest advances in converged back-of-house technologies enable strong authentication and card management capabilities for computer and network logon while also ensuring that physical and logical identities can be managed on a combination of plastic cards and smartphones.
Additionally the system must be flexible enough to scale and adapt to new requirements as needs and security threats evolve. This is now possible with the advent of access control platforms that support open standards, enabling organizations to evolve past their current capabilities to incrementally add features and increase security capabilities as needed.
As both physical and online access applications merge onto a combination of cards and phones, identity management systems must be capable of managing multiple ID numbers for multiple applications on multiple devices. It will no longer be feasible, for instance, to assign a single ID number to each user for all applications. The identify management system will need to support multiple application identities with different lifecycles, while also enabling different groups within an organization to independently take responsibility for their own application and identity lifecycle needs.
Another important trend for secure identities carried on both cards and phones is the accelerating move to a biometric authentication model. This model will take the industry toward its long-time goal of eliminating the hassle and security risks of PINs and passwords by making it easier to know if someone is who he or she claims to be. We will see biometric templates moving along with user IDs onto mobile devices for significantly improved convenience and security, and we will see all entities biometrically authenticated into the cloud-based system that is used for secure credential delivery and management.
Cards and phones are quickly converging into centralized identity management systems that will simultaneously improve security and user convenience. The ultimate objective is a unified solution that not only supports both form factors, but also ensures that either form factor — or both — can be used to ensure secure access to the door, to data, and to cloud applications while providing a seamless user experience.
Provisioning various IT and physical access control credentials to a single smart card or smartphone, using one set of processes, will improve convenience and can greatly enhance security and reduce ongoing operational costs. It will also centralize identity and access management, consolidates workflows and tasks, and enables organizations to quickly and effectively use strong authentication throughout their infrastructure to protect access to all key physical and IT resources.
About the AVISIAN Publishing Expert Panel
At the close of each year, AVISIAN Publishing’s editorial team selects a group of key leaders from various sectors of the market to serve as Expert Panelists. Individuals are asked to share their unique insight into different aspects of the campus card market. During the months of December and January, these panelist’s predictions are published at SecureIDNews.