NFC Smartphones Replace Keycards in Pilot Programs

September 26, 2012

HID Global announced Tuesday that it has completed two pilot programs that enable employees to open doors using NFC (Near-Field Communciation)-enabled smartphones, conducted at Netflix and enterprise mobility provider Good Technology, according to an article from Information Week.

According to the article, Good partnered with HID Global on a pilot deployment of digital keys that were provisioned over-the-air to its employees' smartphones and used to open doors in the company's headquarters in Sunnyvale, Calif. The purpose of the pilot program was to explore the benefits of mobile access control technology and its potential for enhancing security as compared to Good's use of low-frequency proximity-based photo ID badges, while improving user convenience.

Beginning in August, Good provided 10 employees – C-level executives on down – with Samsung Galaxy S III handsets that were equipped with a microSD card and a range extender from Device Fidelity inside the device. The Galaxy S III and most Android phones have a slot for a microSD card to extend the storage capability of the phone, but "in this case we're using the secure SD card with a secure element to do the heavy lifting to get this to work," says Chris Webber, senior product marketing manager for secure mobile platforms at Good, who was a pilot participant, in the Information Week article. "We did it this way because U.S. versions of the [Galaxy] S III phones... don't have access to the secure element built into those phones and this was the easiest way to run the pilot with our credentials and make it operate like a regular phone."

The goal was to help HID determine whether there were any stumbling blocks to using mobile access control compared with photo ID badges, the article says. "The results were definitely positive," says Webber in the article. "The only thing that needed to change was user behavior" to use the phone to get inside Good headquarters. "It did take a little bit of learning for people to unlock their phones."

He said swiping a cell phone is more secure than using a badge because it requires two-factor authentication to get inside a building: a PIN to unlock the smartphone and then the HID Mobile Keys app to gain entry, according to Information Week.

More than 80 percent of the pilot users said the smartphone was more convenient to use than their current access card, and all said the look of the "door unlock" app on their phones was intuitive and easy to use. More than 83 percent of the participants said physical security at Good was improved by using a smartphone rather than a card to open unlocked doors, the article reports; and 67 percent said other people who saw them using their smartphone to access the building expressed interest in learning more about how they could do it, too, according to Good.

“At Netflix, the more than 1,000 company employees are not required to wear photo ID badges at corporate headquarters. Instead, the company controls building access using HID's low-frequency ProxKey keyfobs, which offer proximity technology in a pocket size device, according to HID. By enabling Netflix to grant new employees building access by sending digital keys over the air to the employee's smartphone, the employee on-boarding process would be more streamlined, HID said. Netflix also liked the idea of an access control solution that combined improved security with the convenience of opening doors with a smartphone, according to HID,” the Information Week article reports.

According to the article, Netflix offered employees the opportunity to affix HID's coin-shaped MicroProx Tags to their current mobile phone to gain entry to the building. The tag was held up to the reader in order to gain secure entry, HID said. During the mobile access pilot, 56 percent of the respondents were using ProxKeys and the other 44 percent were using MicroProx Tags.

The mobile access pilot was conducted at a Netflix building that houses its data science and engineering facilities, finance, IT operations and legal teams. Like at Good, employee participants were given Samsung Galaxy S III handsets which were equipped with an NFC-enabled microSD card and a DeviceFidelity range extender to store and emulate user credentials, the article reports.

"I love the idea of mutually authenticated reader-badges," said Bill Burns, director of Netflix IT networking and security, in a statement. "It reduces the threat of badge skimming and replay attacks." According to HID, more than 80 percent of the 16 participants found the application for unlocking a door to be "intuitive," and almost 90 percent described it as easy to use. About 75 percent said they would be willing to load the app onto their own smartphone, and about the same figure said they were questioned by other people who saw them using their device to enter the building and expressed an interest in it, the article says.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

The security ecosystem protects digital assets, physical assets, and people - the newly distributed workforce creates new and increased physical and cybersecurity risks. Situational and security awareness is a role every employee must play, and you’ll help get them there with awareness, cybersecurity hygiene and security practices that help keep company, employee and customer information safe.

Security Magazine

2020 August

This month in Security magazine, we examine how physical security leaders are being propelled into a unique position of revenue preservers and risk managers for their businesses. In addition, we profile Scott Ashworth, Director of Security for Atlanta United. Also, security leaders discuss how to develop cybersecurity careers, election security, data protection strategies, measuring and reporting security operations maturity and more!

View More Create Account

NFC Smartphones Replace Keycards in Pilot Programs

Related Articles

Related Events

Report Abusive Comment