Apple has been quietly disruptive as it enters the market for secure access credentials. Whether you want to use NFC Wallet for security or convenience, you will need to follow their lead, just as the banks did ten years ago.
With Apple Pay, my cards now sit securely in my phone, and I can pay with a swift and secure tap. Behind the scenes it’s more complicated, because Apple looked at the risks and decided to change how banks identified cards and processed payments, accelerating the adoption of tokenisation and other new security schemes.
This explains why Apple was prepared to stand behind unlimited NFC transaction values and engineer the success of Apple Pay.
Limitations of existing corporate access solutions
Today’s corporate ID card market operates with all kinds of risks. Even at the largest companies, users are often identified by a card number that is not unique and easily replicated. Encryption is often non-existent, or uses shared (or worse, leaked) keys. Physical cards are often just handed to users – an ‘enrolment’ process that doesn’t prove who they are.
There are mitigations, of course, but it’s all a bit of a mess.
With our background in smartcard-based logon to PCs, this always rang alarm bells. A proper PKI smartcard implementation uses both technology and processes that can stand up in court– “It wasn’t me!” doesn’t cut it if you are a government agent, defence contractor or another privileged professional.
Why corporate access will have to change
Now, everyone is talking about convenience and the office experience. Flexibility in the workplace has exploded due to the Covid ‘bounce’ and expectations have rocketed. We all want our lives to be simple yet secure.
With NFC Wallet we CAN now go to the gym, the office and then a football match with nothing other than our phones! VTAP is helping that make it all happen!!
Since Apple launched its secure access program, you’ll find dozens of companies vying for your attention. They make it sound easy, often without mentioning that you, the enterprise, will need to change your processes.
Digital corporate ID cards (as well as student IDs and others) have new guard rails at the point of enrolment. There is no longer a person in authority who issues credentials. Instead, it’s self-service through the phone and users must authenticate securely against an identity backbone to prove who they are before getting their pass and gaining access.
Complex back-office = a simple user experience
There’s a lot of complexity behind the scenes, but this neatly solves many common problems around corporate identity and security, including scenarios such as lost, stolen and replacement phones (and watches), employees leaving etc..
As a result, risks are mitigated, the flow is user-centric and smooth, and everything just works!
Forward-looking organisations should seriously consider this technology and the benefits it can bring. Just go into it with your eyes open and be receptive to positive change!
Our VTAP readers are certified for Apple Wallet Access/ECP2 and support connectivity protocols like Wiegand/OSDP so please let us know if you’d like to find out more.