9 FAQs on NFC Access Control

What are some of the biggest opportunities for NFC in the secure identity space?

NFC is an ideal connectivity technology for what is called tap authentication – enabling users to simply tap their smart card to laptops, tablets, phones and other NFC-enabled devices for easy and convenient access to network resources, cloud apps and Web-based services.

What are the benefits of a tap authentication approach?

The tap authentication model is designed to improve both security and the user experience across a wide range of enterprise applications. It reduces the need for complex passwords and diminishes password fatigue in environments where it can require 20 or more logins each day in order to access enterprise data and services. Users can authenticate to multiple apps and services on multiple endpoint devices without having to recall and re-type additional codes and passwords. This model also makes it easier than ever for users to leverage a single smart card to seamlessly access data, login to cloud resources and open doors.

Can you elaborate on the security benefits of tap authentication?

Protecting access to corporate data is becoming ever more crucial, especially in a mobile-first world. Employees expect access to corporate cloud applications, data and services anywhere, at any time, from their preferred mobile device. This anywhere, anytime access can potentially make corporate networks more vulnerable to security breaches, significantly impacting their top and bottom lines. Reliance on passwords, alone, is also dangerous. When hackers steal an employee’s user name and password, they can then often move through the network undetected and upload malware programs to other systems. Tap authentication solves these security problems.

How big is the security problem?

According to a recent IBM Security Services Cyber Security Intelligence Index Report, cyber threats – such as phishing schemes and malware – are costing organizations up to 19 percent in revenue, 21 percent in lost productivity and a 29 percent reduction in reputation management. Protecting access to corporate data is becoming ever more crucial.

How does tap authentication improve security in ways that other technologies can’t?

Tap authentication provides a faster and more seamless and convenient authentication solution than possible with dedicated hardware one-time passwords (OTPs), display cards and other physical devices. Mobile tokens can be carried on the same card used for other applications. After users tap their card to a personal tablet, laptop or other endpoint device to authenticate to a network, the OTP is unusable. There are no additional tokens to deploy and manage, and users have only one item to carry – their smart card – and no longer must remember or type a complex password.

You mentioned single-card convenience – what kinds of applications could use the tap authentication model?

The most obvious one is gaining access to facilities. Users already carry a smart card that replaces mechanical keys – now the same card can also replace dedicated OTP solutions for accessing data and cloud-based applications. This model takes advantage of an access control ecosystem that provides a seamless user experience and can flexibly scale and adapt while delivering growing value to the organization.

What is the tap authentication experience like for the user?

The process requires only three simple steps. First, users open a browser on their NFC-enabled device and then type the application URL they wish to access. Next, they enter their corporate username and password. Finally, they tap their access control card to the back of their NFC-enabled mobile device or table to provide the second authentication factor.

How does an organization implement tap authentication using NFC?

Today’s solutions should be cloud-based and not require any on-premises hardware to install or service contracts to maintain. IT deployment is a simple process of installing authentication system software and device apps, synchronizing users with the authentication cloud service, and notifying them when they can begin using the system. Organizations should also have the option of deploying conventional card readers in areas where endpoints do not have built-in NFC readers.

Are there any other considerations for the most effective deployment?

User authentication is one of five security layers that every organization should consider. The others include authenticating the device, protecting the browser, protecting the application, and finally authenticating the transaction with pattern-based intelligence for sensitive transactions. Implementing these layers requires an integrated, versatile authentication platform with real-time threat detection capabilities. This platform, combined with an anti-virus solution, provides the highest possible security against today’s threats.

Tim Phipps, Vice President Product Marketing, Identity Assurance, HID Global

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.