Using Mobile Devices for Physical Access Control
Publication Date: May 2021
Mobile devices, especially smartphones, provide versatile credential hosting platforms that can be employed in a wide range of physical access control use cases. The features provided by these devices support secure credentials that, if implemented correctly, are resistant to cloning, forgery, and alteration. In addition, these devices can protect access to the most secure access control areas with high levels of assurance, due to the implementation of tamper-resistant hardware (e.g., secure elements); the use of strong, multifactor authentication; and the control and management of device configurations, third-party apps that can be installed on the device, and secure forms of communications.
The landscape of mobile device form factors – smartphones, tablets, and wearables – provides unlimited potential and application for physical access. This white paper was developed to provide an educational resource that highlights that potential and promotes the applicability of using mobile devices for physical access across the government, commercial, consumer and academic sectors. Topics discussed in the white paper include:
- Market trends for using mobile devices for physical access
- Mobile device landscape
- Trust frameworks
- Use cases
- Mobile devices and relying party interfaces
- Mobile device support for multifactor authentication
About this White Paper
The Secure Technology Alliance Access Control Council and Identity Council developed this white paper to discuss how mobile devices can be used for physical access control. Secure Technology Alliance members who contributed to the white paper included: Defense Manpower Data Center (DMDC); DualAuth; General Services Administration (GSA); IDEMIA; ID Technology Partners; Integrated Security Technologies, inc.; IQ Devices: Intercede; JCI Software House; NextgenID; Thales; Transportation Security Administration (TSA); U.S. Department of Homeland Security (DHS); XTec, Inc.