Traditionally in the security industry, access control is split into two streams: physical and logical. Physical access control is the management of building security – locking and unlocking doors, safes, cabinets, and vehicles with tangible keys, cards, and fobs. Logical access control, on the other hand, is firmly in the realm of information security, covering technologies that protect virtual spaces, accounts, and services.
In recent years, thanks to the evolution of biometrics, multi-factor authentication, and digital onboarding technologies, the physical and logical access control paradigms have been converging. As enterprises and service providers move away from legacy security tools like passwords, OTP tokens, key fobs, and security cards, and towards truer forms of identity that leverage biometrics, liveness detection, machine learning, and ID proofing, the need to have something (a key) or know something (a password) is becoming a much less common credentialing method.
At the core of converged access control is mobility. Smartphones and wearable tech are the form factors that bridge the gap between the physical and digital worlds. Now that face, fingerprint, iris and other biometric authentication factors ship standard on smartphones, bolstered with liveness detection and standards-backed identity protocols, the handset has realized its potential to act as a strong, private, and versatile identity credential. That’s why we are seeing more and more modern access control solutions that can transform a mobile device into an NFC or Bluetooth enabled contactless key card, while that same phone can also enable biometric access to bank accounts and virtual work spaces. Mobility is the nexus of modern identity and access management where the physical and digital world meet.