301.519.9237 exdirector@nesaus.org

3.14.22 – SSI – Mark Prowten

While proximity cards may still dominate the access control landscape, a shift is afoot with the evolution to smartphone-based credentialing via Bluetooth-enabled readers. Discover advantages that include enhanced convenience and secure encryption.

Ongoing concerns for security along with advancements in wireless and other technologies used in security systems are helping to fuel the growth in the access control market.

This is what research firm MarketsandMarkets cited in its latest access control market report where analysts predict the market to grow from $8.6 billion in 2021 to more than $13 billion by 2026. This is good news for integrators, dealers and suppliers of access control readers.

While existing prox ID-based readers are proven access control workhorses, what integrators and their customers are learning is that 125 kilohertz (kHz) prox credentials solutions have experienced documented security vulnerabilities. Unfortunately, hackers have found ways to easily clone prox credentials.

To remedy this weakness, the industry started moving to smart 13.56 megahertz (MHz) credentials and now many are making the move to using smartphones where access control credentials can be replaced with mobile technologies utilizing higher encrypted credentials tied to the smartphone.

This article outlines the multiple advantages integrators can offer their customers when they switch to mobile Bluetooth-based access control solutions. It will show how security can be increased with encrypted Bluetooth credentials, removing the cloning and hacking concerns with prox credentials.

A Growing Access Control Trend

The access control trend in adopting smartphones tracks their evolutionary use. According to Pew Research, 85% of Americans now own a smartphone and even a higher percentage (95%) are owned by ages 18 to 49.

Installers are seeing higher customer demand to deploy the most secure technology and access control solutions possible. An estimated 20% of all organizations last year made the switch to using mobile credentials for access control.

One good reason is that smartphones have inherent credentials protection and built-in convenience factors such as biometrics or personal identification numbers that make them more attractive and secure for access.

Bluetooth-Based Solution Benefits

The main reason Bluetooth is so attractive for access control is that it can be used with a person’s smartphone, which is already utilized for so many everyday tasks. Familiar and widely applied, Bluetooth technology is recognized by anyone who has set up a smartphone or laptop. A further advantage is that using smartphones eliminates the hassle of remembering keys or a proxy card.

The most significant security benefit realized with Bluetooth and 13.56MHz credentials is that they are encrypted, making them much harder for hackers to clone. Another advantage is that Bluetooth provides a varying read range option that spans from inches to in excess of 30 feet. Installers can select the read range that best suits the application whether it is to secure a single room or the entry to an entire facility or parking structure.

The type of technology used in mobile access control applications is Bluetooth Low Energy (BLE). This very efficient and high-performance technology is resident in virtually every smartphone and provides ample bandwidth for an encrypted security credential and future access services.

A typical BLE-based access control system is set up via a Bluetooth-enabled reader wired to the access control panel and the credential holder’s smartphone. Installation is very simply handled through the phone’s cellular data network or a secure WiFi connection. An Internet connection is only required during the initial setup and download of the BLE credential, it is not required for a user’s door access with their mobile credentials.

Highly secure BLE credentials are easy to purchase, deploy and use as no new software or additional programming is required. And, many Bluetooth-based readers, such as those from Nice/Nortek Control’s Linear brand, are panel agnostic, so they can be used on any existing Wiegand-compatible access control panel.

Key Features to Seek

With many Bluetooth readers to select from, what are the top features to look for that best match customers’ needs today and in the future? One important differentiator offers an easier way to distribute credentials with features that permit users to register only once removing the need for portal accounts or other activation features.

By removing these additional information disclosures, privacy concerns are eliminated that have slowed acceptance of mobile access systems.

It is also beneficial to seek out BLE readers that have several options to customize access control in a secured way. For instance, does the associated app use credentials that are stored on the phone or mobile device and not on a separate server? And, does the app allow Bluetooth credentials security to be further enhanced by the phone’s built-in fingerprint scanner/face unlock?bluetooth access reader

An example of a Bluetooth reader, this Linear model includes a digital range-setting card that lets installers toggle among four modes to enable users to unlock a door from 2 inches up to 30 feet away.

These features maximize security when mobile credentials are used. Also, users gain 128-bit AES encryption benefits with 13.56MHz readers as opposed to legacy prox (125kHz) cards that transmit card data in plain text, which is not protected by encryption.

Providing a flexible upgrade option for buildings and offices that already have a prox or smart card system, organizations should look for Bluetooth readers that support both BLE and traditional cards and fobs. This allows site administrators to migrate users over to more secure Bluetooth credentials at a time that best suits their needs.

These readers are also well-suited for new construction facilities enabling administrators to do away with legacy prox credentials and directly adopt BLE/smart credentials.

Enhanced Security via Mobile Apps

Because 13.56MHz information is extremely difficult to clone, and by combining the BLE reader solutions with advanced mobile apps now available, users get the added convenience of touchless entry, and the flexibility to have both physical and mobile credentials. These new mobile apps are also able to securely store and deliver mobile credentials to personal devices.

Furthermore, some apps provide the ability to customize options to specific end user needs, and store multiple credentials with a color-coded labeling system to distinguish between the credentials. Security and credential protection are also enhanced using a smartphone’s built-in biometric sensors.

Dealers will appreciate the simplified deployment process as there is no portal login or onboarding process required so a user’s information stays secure and private. In addition, many new apps only require a one-time registration of a user’s cellphone number.

Convenience and Security

Bluetooth readers deliver the ability to use both physical and mobile credentials giving organizations new options and user conveniences they didn’t have before. As a standardized wireless technology solution, Bluetooth readers are gaining popularity because they do not require additional network equipment.

Most importantly, the added security afforded by BLE and 13.56MHz readers and associated credentials allows dealers to meet increasing customer demands for the most secure access control solutions.


Mark Prowten is Director of Product Management for Nice/Nortek Control’s Linear brand.