Near-field communication (NFC) is becoming a part of everyday life and is widely used for smartphone applications such as Google wallet, Apple pay and digital loyalty cards. NFC is also one of the fastest-growing trends in the security and access control market. End users are calling out for it and increasingly more card reader manufacturers are introducing NFC functionality into their devices.
Before we look at the benefits and challenges this brings for access control, let’s take a quick look at what NFC actually is.
What is near-field communication?
Near-field communication or NFC is a short-range wireless technology that enables two electronic devices to communicate wirelessly over a distance of 4cm or less. Like DESFire and MIFARE radio-frequency identification (RFID) technologies, it operates at 13.56 MHz.
What’s the difference between NFC and RFID?
RFID enables things to be identified using radio waves. NFC is built on RFID standards and takes this a step further. NFC not only allows items to be identified, it enables data to be exchanged securely through contactless peer-to-peer communication. So an NFC device can act as both a tag (emulating a card) and a reader, and information can be transferred wirelessly between two NFC devices.
How is near-field communication used in access control?
Card reader manufacturers are beginning to incorporate NFC into readers and are creating apps so access control credentials can be stored on devices such as smartphones. Which means people can use their smartphone or similar device to gain physical access, rather than an access control card.
Introducing NFC functionality into a card reader makes it multi-tech with the ability to read several types of communication. So one single card reader like Nedap’s NVite read can be set to read DESFire, MIFARE, proximity, QR, Bluetooth low energy (BLE) and NFC credentials, and therefore provide much greater flexibility.
The benefits of NFC for wireless door access control systems
The introduction of near-field communication into physical access control brings a variety of advantages.
- Smoother upgrades
Using NFC-enabled readers makes for a smoother transition when phasing out older technologies and introducing new ones. People can, for example, continue using their DESFire cards while beginning to use mobile credentials.
- Cost savings
As near-field communication enables access control credentials to be stored on mobile phones, an organisation may decide they no longer need physical access control cards. So the costs of buying and customising them can be eliminated.
People like the simplicity of holding access control credentials on their mobile phone, so they don’t have to remember or carry a card or pass too.
- Fewer misplaced credentials
Typically, people take more care of their mobile phone than their access card and so are less likely to forget or lose it. This not only makes for increased security; it reduces the administration time and costs involved in replacing lost cards and providing temporary ones.
- Improved accuracy
A study’s shown that, when people forgot their work pass, they often tailgate a colleague rather than asking for a temporary card. This can have a significant effect on access control data, not to mention safety and security. It can, for example, impact roll calls for evacuations, audit trails and reporting. Tailgating is likely to be reduced with NFC credentials as people usually remember to bring their phone.
What are the biggest challenges for NFC in access control?
Although using mobile phones for access credentials has benefits over using cards, there are also some important considerations.
Less convenience than perceived
To use NFC-enabled access control, people often assume it’s enough to have their mobile phone with them. But it’s not; various criteria must be met. The phone must be:
- A smartphone.
- Equipped with the correct app and credential.
- Switched on and have sufficient battery and NFC functionality enabled.
Most mobile credential readers also need people to complete one or two actions, so they may need to:
- Wake up their phone so the screen’s active.
- Present it to the reader.
- Toggle their phone (or other secondary motion) to confirm they need access.
As the various operating systems such as Android and Apple have regular updates, older smartphones may not be capable of installing NFC apps. And some phones may just not have storage available for another app.
If someone changes their phone, it can also mean they need to download an NFC app and request their credential again. And, with some systems, credentials are locked to one phone and can’t be reused, so this can mean a second charge for another credential. All of which can take time to issue.
If someone arrives and their phone’s battery is dead, there needs to be a backup plan. NFC-enabled entrances could, for example, be fitted with an intercom for video verification. Or stations for charging phone batteries could be provided nearby.
Cyber risks and hacking
Physical DESFire EV2 (and soon EV3) cards can be misused if they fall into the wrong hands. But the data stored on the card, and then transferred, is encrypted to a very high level – often up to AES 128 or greater. Whereas some mobile credentials are plain numbers stored on an app and transmitted via near-field communication. So there’s a much greater risk these numbers can be intercepted and used for criminal activity.
How does Nedap’s AEOS access control accommodate NFC technology?
As well as developing our mobile reader, the NVite, we’ve partnered with several best-of-breed manufacturers that have integrated their NFC solutions into AEOS. This gives AEOS customers greater freedom and flexibility. They’re able to choose the best mobile NFC and BLE technologies and solutions for them. And they’re not locked into using one system or reader supplier.
It also means they can issue mobile credentials to people in their system using the same process through which physical cards are issued. So they don’t have to use a second platform to manage mobile credentials.
Select the right technology for you
Current technologies for door access control readers include smartcard, QR, NFC, BLE, mag-strip and Wiegand, as well as wireless readers. But which is best for your organisation and system? See our guide to choosing the right card technology for more information and guidance.
Want more information on access control and futureproofing your protection? We’re always here to help – just get in touch.
Do you want more information?
Download our guide to choosing the right card technology for more information and guidance.
Frequently asked questions
At a very basic level, access control is a means of controlling who enters a location and when. The person entering may be an employee, a contractor or a visitor and they may be on foot, driving a vehicle or using another mode of transport. The location they’re entering may be, for example, a site, a building, a room or a cabinet. We tend to call it physical access control to differentiate it from access control that prevents people from entering virtual spaces – for example when logging into a computer network.
If you decide to use an access control system, it’s probably because you want to secure the physical access to your buildings or sites to protect your people, places and possessions. That’s just the start for access control systems though. The right system, used well, can add value in a range of ways. You can use it, and the data it generates, to boost not just security but productivity, creativity and performance.
Today, physical security is about so much more than locks and bolts. Many modern physical access control systems are IP-based, powered by smart software and able to process large quantities of data. This provides more functionality, flexibility, scalability and opportunities for integration. It also means they’re part of your IT network, so it’s essential they’re protected and upgraded – just like your other IT systems.
From our perspective, a centralised access control system is always preferable – whether you have just two locations in the same town or hundreds spread around the world. Centralising your access control brings a range of far-reaching benefits.
For the people using your building, biometrics can give a better experience compared to an access badge. These days, biometrics are used for both identification and verification – sometimes even both at the same time. Being allowed to enter your building just by scanning your hand or face makes access control more convenient than ever.
Mechanical keys are the simplest form of physical access control and the method many smaller organisations use. Even for a small company, however, using mechanical keys has several flaws and limitations – especially as an organisation gets bigger. Below are just some of the problems presented by using keys.