Is your smartphone becoming a digital ID?
Using smartphones instead of plastic IDs improves security and access control
By Jarret Winkelman, Contributor
At secure facilities, it is crucial to know and control who is gaining access to a facility. This traditionally has been done with plastic ID cards, but new software innovations let correctional facilities track people and control access more accurately.
Traditional forms of identification have many benefits. They typically incorporate a person's name, organization and photo. Some ID cards also may contain embedded access control capabilities.
However, these traditional forms also come with many disadvantages. They can be forged, lost or easily stolen.
There’s a better way, and the many of us already carry the answer.
A smartphone is capable of storing, protecting and presenting identity in ways not possible with a physical ID card. A mobile identity can contain personal identifiers (e.g., name and photo), as well as organization affiliations, certifications and more.
With a mobile identity, randomly changing data on the mobile ID card syncs back to a server. This allows a badge to be scanned and confirmed. Because these codes change constantly, they can’t be forged.
With traditional IDs, an organization often dedicates significant IT resources to configur-ing and maintaining the identification program. This includes the process of issuing IDs, taking photos, replacing lost IDs and maintaining door access hardware such as palm scanners or keypads.
With a mobile identity, everything is managed through the user’s mobile device. The ID is impossible to lose. If a device is lost, the user remotely wipes the device and signs in from another phone, as IDs are still there. There is no need to print and distribute new cards.
4 smartphone applications for corrections
Biometrics: A smartphone’s camera and microphone can be used to capture face and voice prints, creating a highly secure mobile identity. Because the biometric challenge is presented from the device, any door, elevator, software program or computer can be turned into a highly secure, biometric capable, access point.
Access Control: Using Bluetooth technology, secure doors can be programed to open upon sensing an authorized user approaching. Users can also open doors by scanning a code or hitting a button on their phone, depending on the security configuration established by the administrator.
Geo-Fencing: The smartphone’s GPS can be tracked and used to qualify access requests. If a user’s device is not registering as being within a certain distance of the door they are requesting access to, the request can be denied. Geo-fencing technology could also allow a user’s location to be displayed on a map.
Ad-Hoc Badges: Giving administrators the ability to create new badges on demand is a powerful tool. Perhaps a special operations unit should be issued a separate badge with unique access rights or need different badge for each level of security they are able to work within.
Perhaps one of the most powerful features of mobile identity is the ability for agency administrators to add, remove and modify agency badges at any time. For example, a sheriff’s department may normally issue a generic agency badge to all deputies, regardless of whether they work in the patrol or detentions division.
With mobile identity, officers in the detention division may be provided a separate badge, allowing them to access areas of the facility that would not be necessary for a patrol deputy.
If a patrol deputy works an overtime shift in the jail, a temporary detentions badge could easily be sent to his mobile device.
When reporting for duty in a certain area of the facility, the deputy may scan a QR code on the wall to register his start and end time. This would create a record in the system that can generate an activity report later.
Physical access controls can be incorporated into the mobile identity to allow staff to open doors, gates or access elevator floors using Bluetooth or other technologies em-bedded in the device.
Logical access, or logging into software applications, also can be managed via the same mechanisms. As a staff member approaches a computer, their mobile identity can be detected and the computer can be logged in using their security profile.
When they walk away from the computer, it automatically can lock itself.
When entering a more secure area, the software can be programmed to challenge the user for additional verification such as a voice or face print.
Unlike a traditional biometrics system, which requires the purchase of expensive hardware for each door, with a mobile identity solution, the mobile ID becomes the biometrics tool. Any door controlled with industry standard access control mechanisms can be transitioned into a biometrics capable access point.
This is really just the tip of the iceberg for mobile identity. The opportunities are endless, from day-to-day access control to incident management, to statistical analysis of labor hours or access habits.
The value of leveraging the power of a smartphone in an identity solution is significant.
Jarret Winkelman is the president of Incident Response Technologies (IRT), a leading provider of incident management, command and control, and ICS solutions for public safety organizations. Jarret has extensive public safety experience including having held chief officer roles in EMS and search and rescue organizations as well serving as a federal hazmat responder. You can reach Jarret by e-mail at firstname.lastname@example.org.