Autor: Rafał Gwoździowski
Anyone who has been, or is currently, a user of any access control system is well aware of what a physical card is, and at the same time may not be familiar with the relatively new term virtual access card. The following article is intended to introduce the concept of a mobile credentials which we call just a virtual access card (VAC). But before I get into that, it is necessary to explain what a physical card is.
A physical card, or RFID card, is most often a piece of plastic with the ID-1 dimension specified by the ISO/IEC 7810:2003 standard, sometimes also printed and serving additionally as an identifier for an employee in a company or a public officer.
Used on a daily basis, it has become an attribute of many employees, and forgetting it or, worse, losing it immediately brings to mind the darkest thoughts. For many, a physical card may be just a piece of plastic that opens a door when the reader is brought near, but it is worth realising that there are different technologies hidden inside – most often the appearance is the same, but not what is already inside. The differences between two – theoretically identical in appearance – physical cards can be really huge, but they have a common denominator – security. Only that some are safe and others are not.
Many different solutions have been invented and offered over the years. Some of these technologies are now very outdated, but unfortunately still quite popular and still available and implemented, with the result that such a card no longer fulfils its primary function – access control. Because there can be no control when such a physical card can be seamlessly cloned. The administrator then essentially loses control over access to the administered facility.
What is a virtual access card?
A virtual access card (VAC) (also referred to as a virtual card or mobile credentials) is nothing more than a secure equivalent of a physical card that fits on a smartphone. With a virtual card, opening a door is as easy as paying with a payment card in a shop, and the security is greater than using a physical card. The NODER virtual access card is a series of technologies that, thanks to sophisticated encryption algorithms, prevent it from being cloned and used on two mobile devices, for example. Nothing prevents you from having a physical card and a mobile credential at the same time via the NODER virtual card. No more problems if you forget your physical card!
iOS and Android support
Whatever phone you use, you can exploit the potential of the virtual card in the NODER access control system.
In order to exploit the potential offered by the virtual card, an appropriate app is required – NODER Mobile Access. It is available for both Apple iPhones running the iOS operating system and Android phones.
How does the phone communicate with the reader?
NFC allows the NODER virtual card to serve as an identifier for access-controlled areas.
You are probably wondering how your phone communicates with the access control reader. The app uses NFC (Near Field Communication) technology, which provides the ability to pay with the phone or allows our smartphones to communicate with various devices. In our case with NODER access control readers. All NODER MD-R, MD-W, MDK-R, and RCP-1 readers are equipped with an NFC module, which allows the NODER virtual card via the app to serve as an identifier for access-controlled areas.
Do I need NODER access control to use the NODER virtual access card?
To use the NODER virtual card, the NODER access control readers themselves are sufficient. So, if you want to use the modern virtual card with another access control system that does not have this functionality or you want to use it with another system or device – you can do it! All you need to do is install the MD-W universal readers, which have Wiegand protocol and an NFC module.
Mobile credentials and the security of your data.
The NODER virtual card in the NODER Mobile Access app does not store any personal data about the user on the phone and does not use location or tracking permissions. It also does not require permanent Internet access. The mobile credential is used to identify the user the moment he or she puts the phone to the reader. This is the same as happens when a physical card is applied.
The reader then reads the number of the virtual card and communication takes place to check whether the user for whom the card is assigned has access rights to this reader. The privacy of each user is properly secured and protected. The virtual card will not work if the phone is switched off or locked. Security can be further increased by only allowing the virtual card to be read when the phone is unlocked and the NODER Mobile Access app is running.
SUMMARY
One might be tempted to shorten the summary to the answers to the following three questions,
Is the virtual access card secure? YES!
Is it easy to use the virtual access card? YES!
Should you be afraid of a virtual card? NO!
But would it be enough? Definitely no. It is worth adding that all communication between the card (application) and the reader and the application and the server is, of course, encrypted ensuring data security, and no personal data is stored on the phone.