Has The IoT Killed The Humble Access Control Card?
For decades, the basic access card, be it MiFare, Weigand, proximity, smart cards, magnetic stripe and a variety of other card technologies, have been the basis of most building access control systems.
While basic access cards have been the means by which many facility managers have secured their premises, these same cards have also been the bane of many a security and facility manager’s existence. They can be lost, in some cases copied, passed on to others, stolen and so on. Furthermore, they also represent an ongoing cost both financially and in terms of resources to manage, administer and replace. Of course, many experts thought that biometrics would eventually be the technology to knock physical access tokens out of mainstream use but, over a decade after the introduction of the first commercial biometric systems, biometric access control still accounts for a very small portion of the access control market – especially in Australia.
It would seem that with the proliferation of the Internet of Things (IoT), the term used to define the increasingly connected world in which everyone and everything is connected to everyone and everything, Big Data and cloud apps, new solutions such as mobile access control, combined with biometrics, might eventually see the end of purpose-specific physical access control tokens as the ubiquitous smartphone becomes the physical token.
Movement in this direction is already evident from major access control vendors such as Salto and HID. However, the real driver will come from outside both the access control and facilities management/security industries by way of the banking sector.
‘Cardless’ cash withdrawals
As everyone knows, banks have deep pockets. Furthermore, the banking sector is an extremely competitive environment, meaning that the major banks are always seeking to disrupt the market in a quest to create a competitive advantage. To that end, the emergence of ‘cardless’ cash at automatic teller machines (ATMs) is beginning. Currently, this function (where a user can request a one-time pin from his or her smartphone which can then be entered at the teller machine along with a user’s regular pin in order to secure cash) is an auxiliary function at many ATMs around Australia. However, in the US, there is a growing trend towards cardless ATMs.
Dozens of US banks are installing new ATMs or updating existing ones to allow customers to order cash on a mobile application and then scan a code to get their money without having to insert a bank card. US banking giants Wells Fargo, Bank of America and Chase are reportedly in the process of deploying the new ATMs, as are a number of regional banks and financial groups around the world. Makers of ATMs and financial software groups are ramping up to meet this demand.
Ditching ATM cards to reduce vulnerabilities
Interestingly, while many people might perceive this model of banking to be less secure, Doug Brown, mobile technology leader for FIS Global, a major provider of software and technology across the US, states that the cardless ATM (which uses smartphones as the token) removes many of the vulnerabilities of the older smart card ATMs.
According to Brown, the FIS cardless system is currently being used at over 2000 ATMs across the US and and they are looking to expand that rapidly.
Brown believes that in addition to speeding up transaction times, smartphone-based systems go a long way toward curbing skimming, which cost banks around $2 billion in 2015. He states that authenticating the ATM transaction from the smartphone instead of using an ATM card can reduce the transaction time from 30–40 seconds down to around 10 seconds.
Other banks, such as Banks of America, are working on their own Near Field Communication (NFC) solution to allow customers to ditch their ATM cards. Of course, Apple pay should also be mentioned, which some believe will eventually completely replace payWave and PayPass contactless systems.
Once people become used to using smartphones for everyday financial transactions, it is only a matter of time before users come to expect the same level of convenience from other security applications such as access control systems.
How long can the humble access control card survive in the wake of such new and developing trends?
Story credit: Total Facilities
This article was originally published by the Security Exhibition’s sister event, Total Facilities. Find out more about Total Facilities.
About the author: John Bigelow
In addition to his role as Editor for Security Solutions Magazine, which is widely regarded as Australia’s premier security publication, John Bigelow has written for a wide variety of national and international publications including Cards Asia, Security New Zealand, the Journal of Security Administration in the United States, as well as giving expert commentary in regard to security issues on 3AW, 2GB, 4GB and TV programs such as Sunrise and the Today Show.