Blog

Mobile Phones are Driving Smart Credential Adoption

25 January 2022

Smart Mobile Credentials for Access Control Applications

Facial recognition has become one of the most used biometrics to unlock mobile phones and specific Apps such as mobile banking. Just pick up your smart mobile, and with facial recognition enabled, the built-in camera captures an image for the phone system to check to the biometric data stored during configuration. If specific points in the image match those in the stored data, the phone opens giving access to the Apps it runs. If not, the user may have to try again, or input a second credential such as a ‘user-pin’ or pattern.

What is Facial Recognition?

Facial recognition is a technology used in biometry, that enables identification and authentication of an individual based on quantified physical, physiological, and behavioural characteristics. Biometrics include facial features, fingerprints, vein & palm patters, and even iris scans.

Any device that stores and uses biometric data is subject to the relevant data protection regulations in the countries where the devices are used. Identification and authentication are essential for biometric use in access control and security applications.

With compatible mobile phones and tablets, facial recognition provides a primary security layer that the user must pass through to gain access to the mobile device and its Applications. Some Apps may also themselves request further validation using facial recognition before they can be used. Here, facial recognition provides a secondary security layer. For mobile devices, a fingerprint can also be used for biometric verification.

The facial recognition process is one of identification and then authentication. Identifying, ‘Who’ is the person trying to gain entry, followed by authentication in terms of verifying that the person is who they claim to be and then ‘Where’ and ‘When’ they are allowed to go. Entry may be to a mobile device, an application or door to a building in access control systems.

Facial Recognition and Access Control Systems

There are at least two ways to use facial recognition as security layers within a building’s access control system.

The first is to use facial recognition camera terminals. These can be used in place of traditional card or card & keypad readers used with some access door controllers. These camera terminals have a sophisticated camera system to which a person requiring entry presents themselves. Their image is taken and compared to biometric data stored within the facial recognition camera management software. If the image ‘passes’ a credential is sent to the access control system and access through a doorway may be granted. For a ‘‘failure’’, the doorway remains locked.

Facial recognition camera terminals can also be used to provide a health protection layer to a building. They can take forehead temperatures and warn if they are above a pre-set level. Normally this is 36.3 to 37.3⁰C. Someone with a viral infection such as COVID-19 will typically present a higher temperature and may therefore be prevented from entering a building or controlled space, such as an open-plan office or canteen area. Smart camera terminals may also be able to check if a person is wearing a face mask.

Smart Credentials and Bluetooth Mobile Phone Readers

A second use of facial recognition is where mobile phones are used to carry smart credentials. These are presented to Bluetooth readers in the same way as a MIFARE card is to a wall mounted card reader. The smart credential is read by the access control Bluetooth reader and passed to the access control system software for database verification. If the credential matches, the person is granted access to areas set up within the system for them.

With Bluetooth readers, the facial recognition and biometric elements are within the mobile phone or tablet themselves. If the user loses their mobile phone or believes that their credential has been compromised, it can be cancelled via cloud-based management software and a new one supplied.

Smart credentials can be used with mobiles, tables and smart watches and can be easier to distribute than MIFARE cards. Credentials can be sent via email or read as a printed QR-code. The mobile user simply has to download a compatible App from a Google Play Store or Apple App Store and load the credential.

Another benefit of smart credentials is that they can be configured so that they only have to be near to the Bluetooth reader rather than presented close to it. For example, a mobile phone could be within a pocket.

Smart credentials can also be used with long-range readers in the same way. Long range readers are used in gate control and car park applications. If the mobile phone has been opened with a biometric or pin, the credential can be read by the long-range reader to allow a vehicle to enter.

Any access control system using smart credentials should ensure protocol encryption and security to ensure that their use maintains the same level of security offered by more traditional MIFARE cards

Summary

Smart credentials can be used in a variety of access control applications, especially where contactless door entry is required. As a ‘virtual badge’ they can be easier to administer, distribute, replace and if required cancel, than a more traditional MIFARE card. For some sites, MIFARE cards may always be the preferred choice. These include high security sites such as prisons and those open to the general public including hospitals & medical facilities, or manufacturing & industrial sites, where the use of mobile phones may be prohibited or not practical.