Employees of Telus just got access to the latest in building-security technology, and it just happens to be in their smartphones. The Canadian telecom provider is putting employees’ security credentials directly on their phones’ subscriber identity modules, or SIM cards, allowing them to “badge” in out of buildings and secure areas the same way they would with a company ID or key fob.
U.K-based security software developer Intercede and SIM-card maker Gemalto are providing the technology, and here’s a rundown of how it works: As new employees are hired they provide their mobile phone numbers and then download Intercede’s MyID app to their smartphone.
The company sends either a text message or an email to the employee, with a prompt to download security credentials from the phone. That download will verify the employee’s identity against the information in his or her SIM card and then install a Java Applet into the module, which acts as their keycard going forward. The phone’s near-field communications (NFC) chip becomes the pass-through mechanism to a building’s contactless locks.
From that point on the employee can open a door with a wave of a phone. But the credential system acts as more than just a keycard, said Intercede VP of Business Development Peter Cattaneo. It can also be used as a security token to grant a phone access to a corporate intranet or email server, he said. For additional security, a company could take advantage of some phone’s fingerprint reader or other biometric sensors to ensure not just the device, but the person holding it, is authorized to enter a door or use a network.
Some of you are probably poking holes in this scenario by now. The obvious limitation in moving entirely to mobile phone-based building security system is the huge variation in hardware employees own. In fact, these are many of the same barriers faced by NFC-based mobile payments systems like Isis and Google Wallet. Only newer high-end Android phones have NFC chips today, and depending on the degree of security a company wants to use, older generation SIM cards might not support the software.
As a mobile carrier, Telus has a lot of say over the phones and SIM cards its employees use, but you won’t get that kind of control in another company, especially if that company is just one of many in a multi-tenant building. According to Cattaneo, however, these are easy issues to overcome.
First off, SIM credentials aren’t a stand-alone solution, he said. If an employee doesn’t have an NFC phone they can just use a traditional keycard. For iPhone users, companies can issue NFC sleeves much like the ones Isis uses for its mobile payments service.
Ultimately, though, the more useful applications that are built around NFC, the more incentive device makers have to include the technology in their future phones. (Check out Gigaom Research’s recent report on the different use cases for NFC.) Right now, the fledgling NFC-based mobile wallets aren’t much of selling a point. But as it becomes possible to use NFC phones to get in and out of our homes and businesses, board subways and even start our cars, contactless technology becomes much more useful.