Pat Alvaro, Country Manager, Canada, ICT explores how mobile credentials are useful for more than just access in discussion with Zeeshan Butt, Co-Founder and President, Mosino One.

The iPhone, the device that reinvented smartphones and revolutionised the way we communicate, has just celebrated its 16^th birthday. This means the generation that is about to enter higher education or the workforce has never lived in a world without the freedom, connectivity and flexibility that smart devices offer.   

Interestingly, this may lead to an increasing disconnect between those who still need convincing of the merits of this technology (many who are leaders or key decision makers in organisations) and those who are natives and are increasingly demanding smart, mobile experiences.

Get more from mobile

It’s no surprise that mobile credentials are increasingly being used in access control systems as a convenient and secure means of granting access to secure properties of all shapes, sizes and security requirements.

Over the last two years, we’ve seen almost ten times in growth of mobile credential purchases at ICT, while one in five people in the 2022 Physical Access Control Trend Report said mobile access would have the greatest impact on physical access control.

Typically stored on a device such as a smartphone, mobile credentials can replace or reduce the need for traditional credentials such as fobs, cards or keys and provide a more convenient and user friendly experience for individuals accessing secure areas.

A 2019 study showed that 20% of people reported losing their access card or fob key in the last year. Users are much less likely to lose their mobile phone (or lend it to someone else) and are more inclined to report it missing.

While physical credentials can be costly and time consuming to replace, mobile credentials can be easily reissued, revoked or deactivated if a device is lost or stolen, which provides a more secure and flexible means of access control.

Mobile credentials also provide an extra layer of security with built-in biometric authentication methods such as fingerprint scanners or facial recognition on smartphones. Like other types of card technology, mobile credentials can be integrated with other building systems, such as lighting, HVAC and security cameras, for a more seamless, automated experience.

Adding value to access

On their own, mobile credentials are a great way of gaining entry, but what really helps to drive adoption is when we demonstrate the additional value of using mobile credentials in conjunction with other features to extend their usefulness.

There are many other examples of the Bluetooth or NFC (Near-Field Communication) technology mobile credentials use, that are already mainstream; from paying for public transport or your groceries with a smartphone and college students charging meals to their account, through to logging on to a computer or releasing documents to a printer at work.

Bringing this back to a security and access control focus, third parties can access the advantages of mobile credentials built into a unified security solution with the use of APIs or other custom integration tools to integrate with their own technology.

Integrate and innovate

An example of this is Mosino One, a Montreal, Canada-based company that is building smart communities. They use our Mobile SDK (Software Development Kit) and API functions to bring mobile credentials and security solutions into their own cloud-based ecosystem.

Mosino One is a fast growing tech company that started with a focus on multifamily residential. They found that combining a unified security and intrusion platform with mobile credentials for access control and their property management platform provides the perfect mix for their digital concierge, reservation modules and automation suite of products.

Co-Founder and President of Mosino One, Zeeshan Butt said: “By itself, a credential has no idea if it’s for a visitor, employee, a third party vendor or a resident. We extend the functionality that ICT provides so that users can operate in a common and familiar ecosystem.

“Access control systems allow you to assign access for a housekeeping company that is only going to come in Monday and Friday from nine until eleven. But, by linking mobile credentials with other data in our system we can automatically create and issue the mobile credential for a new resident as soon as the lease is electronically signed in our platform.”

The reason why mobile credentials are the perfect match for the Mosino One platform is because they improve customer onboarding and keep things simple so there’s no need to jump around multiple apps. Butt added: “You’re literally competing against physical keys and fobs that you take out of your pocket and tap on something. So, if you make anything more complicated than that, you’re going to lose.”

Scaling down

A lot of the focus on mobile credentials focuses on installation at scale – university campuses, hospitals and large commercial operations. But, as Butt explains, this can scale down to instances of individual apartments: “We did a project with a company that has integrated access, security, building automation and visitor management across different locations.

“The owner of this company then said he has apartments used as short term rental by staff and partners coming in from different countries and wondered what he could do.

“So, we have just deployed one big penthouse apartment with the ICT card reader and mobile credentials; not only do they have control of their business sites, now they can book this accommodation through the app and the same application allows them to unlock the door just by tapping the phone to get in.

“Through the system we also manage the temperature, thermostats, television and blinds. This proof of concept shows the customer how ICT and Mosino One can work together on that smallest level. Now they’re going to deploy this innovative solution to eight different apartment complexes across Canada.”

Auditable insights

In Canada, there is a government mandate relating to multifamily retirement homes stating that each management company must have some auditable tracking capability for residents.

Butt explained how they are experimenting with RTLS (real time locating system) wristbands that also include mobile credentials: “The wristband is a tracking device, gives the ability to call a nurse, plus acts as an access credential.

“It’s actually a great experience for aged care multifamily where there’s a huge mandate to improve their current technology,” he continues.

The path ahead

As mobile credential use continues to grow, there is still some tension in the industry about how to apply this technology. Some companies use a subscription model which means the ongoing cost of a mobile credential can add up to more than a one-off price.

There is also an increasing call for the flexibility provided by reusable credentials. These can be added to Apple or Android in-built wallets and allow limited-time access for short term rentals or hotels or visitor access for businesses, before being ‘recycled’ for use in a future instance.

These also give the advantage of using the backup battery power for the wallet to allow access even after the normal phone battery has died.

A continued focus on education is required to convince people of the merits of this technology, which is why it’s so important that security manufacturers go on working together with partners such as Mosino One. Innovations which bring increased usability and reduce friction for customers and end users can only help the cause and increase adoption.

Summary

Mobile credentials continue to revolutionise access control and security by providing a convenient and secure means of granting access to secure areas.

With the added security of biometric authentication, the ability to easily revoke or deactivate lost or stolen devices and the cost and user friendly benefits over traditional physical credentials, they provide a future-looking alternative that more and more organisations are turning to.

On top of this, the use of custom integration tools allows third parties to unlock even more functionality and take advantage of the full capabilities provided by ICT’s Protege platform. This brings mobile credential technology to life and lets companies like Mosino One add even more value to their customers with ever increasing use cases.

This article was originally published in the February 2023 edition of International Security Journal. To read your FREE digital edition, click here.

Vincent Dupart, CEO, STid speaks exclusively with International Security Journal.

What are the major trends in access control you are seeing currently?

First, security managers have become aware of the importance of choosing trusted technologies that guarantee certified and interoperable security.

As opposed to the proprietary solutions that were the trend in the 1990s and 2000s, these technologies are open, scalable and are becoming standards. They allow you to remain autonomous and in control of your security. It is one of STid’s keys to success!

Another trend: The need for contactless access control solutions is increasing. The challenge is to offer a seamless user experience without affecting corporate security levels. The ubiquitous smartphone brings immense potential for new access control uses and better integration into our daily lives.

Always-available virtual badges are easier to use, reduce loss and theft and speed up access processes. And, worldwide standards are helping to make scalable mobile solutions a reality.

More mobility brings an increase in threats to IT infrastructure of both large and small organisations, often subject to attacks in both the physical and digital world.

A nefarious person with physical access to the corporate server room or a workstation connected to the network may access critical IT systems with disastrous consequences. The migration to high security solutions is essential!

Can you tell us what STid’s key focuses are for 2023?

With a growth of 120% in two years and four additional awards in 2022, the current dynamic confirms our ambitions for 2026 and prompts us to accelerate our deployment.

For more than 25 years, STid has created and developed identification solutions for high security access control and automatic vehicle identification to make everyday life easier while ensuring effective data protection.

Our international development is one of our priorities for this new year, in the US, South America and the Middle East. Our teams are quickly establishing themselves there (+500% in two years) and ensure the implementation of a proximity strategy that guarantees the highest level of service.

This expansion matches the ambitions announced by STid as part of its 2021-2026 growth plan!

What are the strengths of STid’s high security access control readers?

STid readers and solutions are compatible with all access control systems currently available. The modular setup of STid’s unique readers futureproof the infrastructure of end users and allow partners to offer enhanced levels of security to their clients, even when their secured estates grow or their needs change – or when technological upgrades are required.

Finally, how successful was Intersec for the STid team?

It was a fabulous edition! We created a new immersive experience in high security identification. We showcased hands-on demonstrations of the power of our STid Mobile ID platform, the comprehensive range of scalable Architect readers and the performance of our SPECTRE nano reader, which has recently won four awards.

Our partners and visitors were totally engaged with our vision and the infinite possibilities of our products and solutions in high security identification!

This article was originally published in the February 2023 edition of International Security Journal. To read your FREE digital edition, click here.

Madison Square Garden Sports Corp. has announced that it will invest up to US $10 million in Xtract One Technologies Inc.

The initial investment of US $6.3 million is effective immediately, with the subsequent investment of US $3.7 million being conditional on the approval of Xtract One’s shareholders and all applicable regulatory approvals.

The initial and proposed subsequent equity investment will enable Xtract One to further innovate its advanced security solution and accelerate its growth into new market segments.

Xtract One is transforming perimeter screening and security, replacing obsolete walk-through metal detectors with a fast, frictionless entry experience, while simultaneously providing a security solution that delivers exceptional experiences and safer environments.

“We are thrilled to announce this investment and partnership with MSG Sports,” said Peter Evans, CEO, Xtract One. “We continue to see impressive growth in market interest and customer adoption of our security technology solutions.”

“I believe this relationship will create unique opportunities and benefit multiple industries.”

To learn more about the full financial details, visit: xtractone.com

International experts discussed the options for the future deployment of detection systems to help make the world a safer place as Kromek hosted its annual seminar and showcase at the Royal Academy of Engineering, London.

One of the most important conclusions reached was that better decisions are made when decision makers have access to accurate, timely, meaningful data.

This was amply illustrated by the fascinating talk and discussion led by Dr Vincent Tang from Lawrence Livermore National Laboratory (LLNL), who was the Programme Manager of the US SIGMA programme, which built a data provision and analysis network system.

The fascinating session was backed up by a lively discussion on the utility and deployment of the SIGMA Network and the need to provide robust, deployable and effective modern detectors.

Such detectors must have the capability to rapidly provide useable data that can be processed into formats decision makers can use without difficulty.

The counterpoint to this was an equally fascinating presentation of the impact the War in Ukraine has had on the radiation detection system in that country. This session showed the utility of the deployability, sensitivity and effectiveness of the Kromek Radiation detection systems.

Dr Oleg Voitsekhovych, Head of the Environmental Monitoring Department of the Ukrainian Hydrometerological Institute in Kyiv joined the seminar by Zoom and his colleague Matthew Wrigley, Head of Operations in Ukraine for Hala, was present in person.

There was a specific session on Kromek’s suite of radiation detectors, including the launch of its newest static node detector, the Static Note R, which is equipped with both cellular and satellite connectivity for enhanced endurance in remote or high-hazard situations.

It has sufficient power for a seven-day period and has a built-in full-spectral capability. Additional enhancements to existing detectors were also unveiled, including the new languages capability for the handheld D5 RIID.

Dr Arnab Basu, Chief Executive, Kromek said: “We were delighted to host a global panel of experts to discuss the importance of radiation detection and resilience in a time of conflict.

“The war in Ukraine has heightened public awareness of the genuine risks of a radiological incident and the need for national programmes for detection and resilience.”

Chubb has expanded its Senior Leadership Team with a number of key appointments.

David Dunnagan has been promoted to Managing Director of Chubb UK&I, following Brendan McNulty’s promotion to the newly created role of Vice President – Europe last summer.

Dunnagan has enjoyed a successful career with Chubb, starting as an apprentice in 1993. He now drives the company’s ambitions of becoming the employer of choice and the number one fire and security business in the UK and Ireland.

Gary Moffatt has been promoted to Director for Fire and Security UK. Continuing his long and successful career with Chubb, Moffatt’s appointment is his latest milestone achievement, having secured several promotions since joining the organisation in 2001 as a university graduate.

A new addition to the Chubb team is Terry Sallas. Sallas joins as Managing Director of Major Projects and has a proven track record of helping organisations create a vision, discover new markets and grow. He will lead projects incorporating specialist solutions through its technology-leading businesses, Chubb Systems, Frontline Security Solutions, Fire Systems and the software brands, Sisys and Mentor.

Dunnagan commented: “I am delighted that we have significantly strengthened our Senior Leadership Team. Gary and Terry bring an incredible amount of knowledge and experience to our team and together with the wider team, we will lead Chubb into its next ambitious growth phase.

“We’re guiding our customers through the digital switchover and harnessing the power of new technology, so our fire and security solutions are even better connected and help customers lower their impact on their operations.

“By getting the basics right, we can be even more responsive and tailor our offering to provide a personal service to our customers. From there, we can evolve and be the number one provider for fire protection, life safety and security.”

Johnson Controls and Willow, a provider of digital twin solutions for critical infrastructure and real estate, have announced a global collaboration to digitally transform buildings and facilities into healthier, safer and more sustainable environments for their customers and occupants.

Johnson Controls and Willow have committed to jointly bring next-generation solutions to their customers. According to the companies, digital twins are playing an increasingly important role in the design, construction and ongoing operation of healthy buildings and facilities and can be particularly valuable when analysing large datasets and predicting patterns and trends.

“When it comes to our OpenBlue suite of connected solutions, our customers see the return on their investment for creating smarter, healthier and more sustainable buildings – it’s a win for them and the environment,” said Rodney Clark, Vice President and Chief Commercial Officer of Johnson Controls.

“We look forward to working with Willow to provide increasingly robust digital twin solutions to our mutual customers.”

“Through this partnership we have an incredible opportunity to help customers re-imagine what is possible when they digitise their buildings and facilities at scale,” said Joshua Ridley, Chief Executive Officer and Co-Founder of Willow.

“By integrating the power of WillowTwin with Johnson Controls OpenBlue Digital Twin platform, customers can obtain operational efficiency and cost reductions, improve their sustainability management and improve IoT/operational technology security across their buildings and facilities portfolios globally.”

In connection with this collaboration, Johnson Controls and Willow have entered into a go-to-market agreement and license agreement for the use of digital twin technology patents held by Johnson Controls. The companies also agreed to strengthen their technology and business collaboration in marketing, implementation and interoperability.

Given the detail that is coming out of the inquiry into the terror attack at Manchester Arena, UK in 2017 – where 22 people were murdered – as well as the increasing number of attacks that are happening in public spaces and around major events such as the Gare du Nord train station stabbings in January 2023, security around Major Events and Public spaces is at the fore of many security professionals’ thinking.

“The threats posed by terrorism and serious and organised crime are a global concern and both governments and the private sector continue to seek solutions to ensure the safety and security of their citizens,” said Graham Stuart MP when he was a recent Minister for the UK government.

“It isn’t just these high profile threats, however, that can affect the smooth running of large scale events. Even minor disruption can impact customer experience and result in a loss of reputation and business.”

The US government website, ready.gov, details the types of possible attacks that could cause mass casualties as: Individuals using firearms to cause mass casualties (active shooter); individuals using a vehicle to cause mass casualties; individuals using homemade bombs to cause mass casualties; other methods used in mass attacks may include knives, fires, drones or other weapons.

Managing complexity

The UK Centre for Protection of National Infrastructure (CPNI) takes the lead in providing free advice to those responsible for public spaces and major events and says: “Agreement and awareness of protective security governance, roles and responsibilities is key to the deployment of effective protective security at all events, particularly large events.

“This must include the roles and responsibilities of all stakeholders, both internal (e.g. venue operator, guard force) and external (e.g. police, and other government departments), involved in the provision of protective security for the event and must reflect the different stages of the event. This should include: “Build phase; Pre-operational phase (final preparation/rehearsal/readiness); Operational phase; Post event/decommissioning phase.

“Protective security measures, incorporating physical, personnel and cybersecurity, should seek to achieve the following: Deter adversaries from targeting the event; Prevent prohibited items (especially those that could cause physical harm) from entering the venue(s) through effective search and screening; Detect and delay any attempted attack and assist with its apprehension; Not hinder the intended functioning of the venue; Give visitors a sense of security while not appearing intimidating or oppressive.”

The UK are proactive in major event security but, as Manchester proved, things can and do go wrong, hence the promise by the government to introduce a new Protect Duty placing mandatory requirements on Publicly Accessible Locations (PALs); this duty will be known as Martyn’s Law, named after Martyn Hett – a victim of the Manchester attack and the son of Figen Murray, who has campaigned for the new legislation ever since.

The complexities around the introduction of a Protect Duty are highlighted by the fact it has taken six years for even the first draft to come out.  However, the UK has been developing lessons and comment in parallel.

The UK Defence and Security Export Department’s Major Event Security Paper delivered some good advice and comment. It gives seven capabilities to ensure that security managers can make and communicate effective decisions. These are: “Planning & Intelligence; Physical Protection; Screening & Detection; Reassuring & Visible Security; Command, Control & Communication; Incident Response; Cyber Security.”

In the same report, Colin Morgan CSyP – who is the former Head of the Public Order Branch at the Metropolitan Police and Head of Security at Lord’s Cricket Ground – commented: “The UK has a strong reputation for delivering secure events to a world-class standard over a number of years and across a number of sectors, including top tier sporting tournaments such as the Olympic Games, highly secure political events, annual events such as Notting Hill Carnival and Glastonbury Festival and weekly elite sporting fixtures.”

He went on to say: “The UK’s reputation is built upon delivering effective, proportionate and tested multi-agency security. We have learnt from experience to implement novel techniques and products that mitigate identified security risks.”

It is that multi-agency element that is one of the more difficult to coordinate, as has been identified in the Manchester Arena inquiry. However, simple techniques such as a standard reporting procedure help break down organisational barriers and the METHANE reporting protocol is one such simple but effective tool; it is how an incident is initially reported to all.

Alongside the physical threats, cyber is and remains an issue, exemplified by cyber-attacks during the opening ceremony of the PyeongChang Winter Olympics which caused 12 hours of disruption. The UKs National Cyber Security Centre (NCSC) recommends a three-step approach; a discovery phase, a risk management process and cyber incident response planning. It seems that, especially with international sporting events, because of some sporting sanctions, the nation state cyber threat is and also remains very real.

Major events and public spaces are and will remain an attractive target for terror, serious and organised crime and other threats – the publicity around incidents is too tempting to miss for those who thrive on it. When the draft is released this year, the Protect Duty in the UK will continue to stimulate more debate around this complex but important subject.

By Philip Ingram MBE

This article was originally published in the February 2023 edition of International Security Journal. To read your FREE digital edition, click here.