VIEW
july 2025
// Access Control & Identification
Are Mobile Credentials Right for Your Site?
How do you evaluate whether a site is a good candidate for mobile credentials? And how can you avoid compatibility issues in mobile deployments?
By Christopher Crumley, SDM Associate Editor
Any organization seeking a more efficient and secure way to issue, manage, and use credentials can take advantage of mobile solutions. Image courtesy of Axis Communications.
Mobile credentials are seeing widespread adoption because of the ubiquity of mobile devices. But how do you evaluate if a site is a good fit for mobile credentials? What verticals are these deployments most successful in? What are some of the compatibility issues that integrators can face when deploying these solutions?
Ahead, experts share insight on successful evaluation and deployment tactics when dealing with mobile credentials.
Finding the Right Fit
Often, the evaluation process begins with what hardware/software is in place and what sort of compatibility issues that mobile deployments may face. “The first step is to assess the existing infrastructure,” says Brian Lohse, general manager, commercial business unit, Alarm.com, Tysons, Va. “Are there legacy readers in place that would need to be replaced?”
Olivia Renaud, group product manager, credentials, Allegion, Carmel, Ind., agrees: “When integrating mobile credentials with legacy systems, integrators may face compatibility issues,” she says. “One major challenge is dealing with outdated on-premise systems and hardware or firmware combinations, which may not support modern mobile credential technology.”
Having the foresight to consider the future compatibility is another element of evaluation. “It is also important to consider future compatibility issues to minimize the need for frequent upgrades or system overhauls,” says Phil Coppola, mobile evangelist, HID, Austin, Texas. “ Involving IT professionals or experts during the planning phase can help identify and address potential challenges and ensure the technology’s seamless integration with the existing infrastructure, minimizing disruptions and maximizing upgrade benefits.”
“Mobile credentials can reduce the number of calls to administrators or facility managers to let people in the building who have forgotten their badges. No one leaves home without their cell phones.”
— Scott Lindley, Farpointe Data Inc.
Mobile credentials are gaining strong traction in corporate offices, schools, and retail environments. Image courtesy of Axis Communications.
Coppola continues, “Equally important to consider are the risks associated with not upgrading from legacy systems to mobile credentials as threats evolve and mitigation requirements impose various system compatibility needs. The hard truth is that older access control systems present security issues and vulnerabilities in today’s threat landscape and upgrading to more modern technology better fortifies your organization while helping prepare for tomorrow. There are a variety of approaches for upgrading legacy infrastructure, but for the most flexibility readers should support cards, all popular credential technologies including mobile credentials, and digital wallets like Apple Wallet and Google Wallet that are accessed through a mobile app.”
Of course, the way the end users actually interact with the site needs to be considered during this process — the who, what, where and when of usage. “Next, look at the access usage patterns — how many users are involved, and how frequently do they access the site?” Lohse says. “Finally, consider whether the organization requires visible physical badges for security or compliance reasons.”
Coppola adds, “If employee training and communication are ignored, it can lead to confusion, resistance, and decreased productivity. An organization might also fail to consider future scalability when making the transition, including the need to accommodate additional users, locations, or functionalities.”
Avoiding Deployment Challenges
When transitioning from planning to action, security integrators have a lot of responsibility to juggle. “Integrators often face several challenges when implementing new mobile solutions, including ensuring seamless connectivity, managing different device types, mitigating reader interference, and addressing security concerns,” says Rob Druktenis, team lead, solutions acceleration, Axis Communications, Chelmsford, Mass. “To overcome these challenges, it’s important to conduct thorough site assessments when designing a system using mobile credentials. This step helps identify potential interference issues and determine the best reader for each environment. Additionally, it’s important to allow for sufficient time to educate the end user on how to manage and issue credentials, since these systems are often replacing legacy ones.”
Scott Lindley, general manager, Farpointe Data Inc., San Jose, Calif., says, “One of the most common challenges is people who are reluctant to use mobile credentials on their smartphones because of privacy concerns. We help by educating the market that with our CONEKT solution, we don’t collect individual user data. Users are always in control, and can choose from a variety of options, whether BLE, NFC, or traditional credentials. Another common deployment challenge is read range. Again, with our solution, an install technician can adjust the BLE read range in the field to fit the specific conditions of the site.”
Offering a low-stakes technology trial can be an opportunity to help end users to alleviate anxieties. “We take a two-pronged approach,” Lohse says. “First, we include 30 mobile credentials at no additional cost in our access service plans. This removes the financial barrier and gives customers a chance to try mobile credentials risk-free. Second, we focus on making the experience as frictionless as possible for both administrators and users. Admins can provision a credential simply by entering a phone number and sending an automated text with an activation link. From the user’s perspective, setup is as easy as tapping the link. Admins can even issue credentials directly from the Alarm.com app — it’s as straightforward as adding a new contact to your phone.”
It could be advantageous to explore regulations and compliances that the end user may be unknowingly subject to, Coppola adds. “Many organizations fail to consider security measures and compliance with the latest security standards and regulations,” he says. “This failure can expose the organization to risks including unauthorized access, data breaches, or legal liabilities.”
Who’s Gone Mobile?
Which verticals are seeing the most mobile adoption? Brian Lohse of Alarm.com says, “Across our partner network, we’re seeing mobile credentials deployed in a wide range of environments — from small businesses with just a few users to large educational institutions and commercial offices. The highest value tends to be realized in scenarios where physical credentials are impractical to distribute and carry. This is especially true in use cases with a high number of users who require infrequent access, such as fitness centers or homeowners’ associations. In these situations, mobile credentials offer a compelling combination of convenience and scalability.”
Olivia Renaud, Allegion, says, “Near Field Communication (NFC) wallet-based mobile credentials tend to perform well in environments with a high volume of users or numerous touchpoints, where there is an expectation for the device to provide a parity experience compared to traditional plastic cards. Wallet-based credentials from Apple and Google are particularly advantageous because they allow users to simply present their device to a reader to initiate a transaction, without needing to “wake up” or unlock the device — it just works.”
Rob Druktenis, Axis Communications, says, “Mobile credentials are gaining strong traction in corporate offices, schools, and retail environments — thanks to their convenience, ease of use, and enhanced security. However, the benefits of mobile access extend well beyond these sectors. Any organization seeking a more efficient and secure way to issue, manage, and use credentials can take advantage of mobile solutions.”
But, Druktenis also notes there are verticals that he believes to be a less-than ideal fit for mobile credentials. “That said, mobile credentials may be less ideal for certain environments, such as manufacturing or industrial settings, where harsh conditions could damage personal devices. Likewise, organizations with extremely high security requirements — or concerns around potential credential cloning — might prefer more specialized or hardened credentialing methods.”
Dead Phones & Support Tickets
According to the experts, mobile credentials can reduce the amount of support tickets and service calls that an end user needs to place. “Mobile credentials help reduce service calls and support tickets, mostly by eliminating common issues associated with physical cards or keys,” Renaud says. “For example, we’ve seen nearly a 100 percent decline in lost card-related service calls, as users no longer have physical cards that can be misplaced or forgotten to begin with. Similarly, in student dormitories or residential settings, mobile credentials drastically reduce lockout incidents, because users can rely on their smartphones or wearable devices for access.”
Renaud continues, “A lot of the time, mobile credential systems empower users to resolve many issues independently by accessing FAQs or troubleshooting guides available on the system’s website or within the app used to add their pass to a digital wallet, minimizing the need for support intervention, streamlining operations and reducing the burden on service teams.”
Lindley shares the same sentiment, adding, “Mobile credentials can reduce the number of calls to administrators or facility managers to let people in the building who have forgotten their badges. No one leaves home without their cell phones. On the manufacturing side, I believe the number of support calls about mobile credentials is less than with traditional credentials, because the technology is just as easy — if not easier — to use than physical cards. The other benefit is that there is no inventory of cards to manage. Mobile credentials can be ordered, distributed and downloaded to end-user phones all via digital processes.”
While lost cards are virtually eliminated with mobile credentials, experts say some users do wonder what a dead phone means for access. “Phone battery failure or phone loss can present potential access issues when relying on mobile credentials,” Renaud explains. “However, Apple devices offer a feature called “Express Mode with Power Reserve” that mitigates this problem by allowing users to use their credentials even after their phone needs to be charged — for up to five hours on most devices. This feature provides a significant advantage in maintaining access despite battery depletion.”
Renaud continues, “On the other hand, Google Wallet currently lacks this capability, which means users could face access issues if their device runs out of power. Similarly, BLE technology is also affected by battery failure, as it requires the phone to be charged to use the credential. With these scenarios in mind, it’s advised to have a backup access method to ensure continued access. Many sites are starting to provide portable chargers or charging stations.”
In the event that your deployment does not include an Apple or Google wallet backup, a second tier of authentication can be utilized in place of the missing mobile credential. “Phones can be lost, damaged, or run out of battery — making it essential to have a reliable backup plan,” Druktenis says. “Ideally, the access system should support multiple credential types, such as RFID cards, biometrics, or PIN codes. This ensures users can still gain access even if their mobile device is unavailable.”
BLE & NFC
An additional consideration is the offline or low-connectivity infrastructure of a site. “It’s crucial to also determine if there’s a provision for offline entry in situations where internet access is unavailable and determine if Bluetooth Low Energy and/or Near Field Communication (NFC) based mobile credential should be used in its place,” says Hansel Oh, director of product marketing at Brivo, Bethesda, Md.
Olivia Renaud, Allegion, adds, “When evaluating whether a site is suitable for mobile credentials, one consideration should be whether the site has made thoughtful investments in BLE and/or NFC capable hardware. Bluetooth/NFC technology is a key component in enabling mobile credential functionality.”
Rob Druktenis of Axis Communications offers the following BLE and NFC advice: “Ensuring reliable Bluetooth and NFC performance in real-world conditions — such as high-density buildings or outdoor environments — requires careful planning and precise implementation. Start by strategically placing readers to optimize signal strength and coverage. In areas with high interference or dense construction materials, reader configurations may need to be customized, as default settings often aren’t sufficient for complex environments. Additionally, using anti-collision technologies can help reduce signal overlap and improve read reliability in busy or high-traffic areas.”
Druktenis says, “Regularly updating reader firmware is also critical to maintaining optimal performance and security. And for outdoor installations, it’s important to select hardware rated for environmental durability, including temperature fluctuations and moisture exposure. By addressing these factors during deployment, mobile credential systems can deliver consistent, secure, and user-friendly access even in challenging conditions.”
Oh advises, “For reliable real-world performance of mobile credentials, carefully consider Bluetooth range. Shorter effective ranges dictate precise reader installation. Conversely, since a mobile device’s signal might be detected by multiple nearby readers, meticulous reader placement and system configuration are essential to ensure only the intended door opens. In dense environments, clearly labeling doors within the mobile app is also key to preventing user confusion and incorrect door activation.”
