ARTICLES

Making Building Access . . . Cool?

The title of this piece appears to suggest that building access is not . . . well, cool. Yes, from the title, you might conjure that familiar stereotype of building access – and you know the one: It involves that grumbling, windbreaker-clad, sixty-something in a building lobby, sipping black coffee from a Styrofoam cup, while barking expletives to repair technicians via walkie-talkie. Adjectives that come to mind include tough and dependable. But not cool.

Ironically, if you dissect card access technology, you might rethink the adjectives. Entry systems built on the Wiegand effect, for example, involve low-carbon wire with high magnetic coercivity in the outer shells that excludes magnetic fields from the wire’s inner core. The result, induced by bringing a card with wrapped Wiegand wire near a magnet, is a rapid switch in polarity. And thus – you’re allowed inside the building. Cool, huh?

Despite such elegant physics, I will grant that practical card usage might appear a tad pedestrian. And this seems an excellent lead-in to a company I met last week called Proxy. If Central Casting requested a group on the opposite end of the cool spectrum from our windbreaker-clad manager, I would expect San Francisco-based Proxy to be delivered to my doorstep. Let me summarize what they do – and yes, it involves access control:

“What we’ve created is a digital identity system that enables improved authentication and better interaction with physical devices,” explained Brandon Cook, VP of Marketing for Proxy. “Not only does this provide enhanced security of access, but it also modernizes buildings, residences, and other facilities by integrating directly with the existing access control system to create an enhanced user experience.”

The way Proxy works is that employees, residents, and others requiring facility access download the Proxy ID App to their mobile. As a mobile-first solution, Proxy relies on end-users protecting their devices from theft or unauthorized handling via the phone’s built-in biometrics or passcodes. (Organizations using Proxy for their facilities would send an email invitation to register to employees, contractors, and others requiring access.)

Once a user registers, a Proxy ID is created and the Proxy signal activated. Proxy uses tokenization algorithms and encryption to build a unique digital identifier for each user as a time-limited one-time use access token. The scheme is straightforward, but I will admit that in our interactions with Proxy, we did not do a comprehensive algorithm or protocol analysis. Buyers interested in such detail might request this information pre-purchase.

The Proxy ID is used with the Proxy Mobile Reader to gain access to devices authorized to accept the signal – which, for most users, will have been done in conjunction with the existing access control system. The Mobile Reader Pro is a wall device that shouldn’t introduce physical or workflow burdens for facility security teams. They would just remove the old readers and replace with Proxy readers. Here’s a short video of the product in action.

An issue I raised during the discussion with Proxy was the value proposition for buyers. That is, if physical access control systems are already in place, then how would someone justify the additional expense for Proxy? Furthermore, many access control vendors are introducing mobile apps and are trying to be more hip and responsive to the needs of a younger, more fluid workforce. So, I asked, how does Proxy compete?

The answer from the Proxy team came in several dimensions: First, the Proxy CTO, Simon Ratner, acknowledged my security interests, and reinforced that their patented tokenization protocol is highly-secure, and avoids personal information of employees or residents from being transmitted via mobile to readers over insecure networks such as Bluetooth. That sounded reasonable and could be sufficient to justify a purchase.

Second, Ratner explained the upgrade possibilities of their feature-rich mobile app ecosystem for a facility with an existing access control system. The Proxy solution allows for phone tap-in, watch tap-in, and even hands-free usage by individuals. It also allows a common overlay for doors, turnstiles, and server rooms. These systems might currently be deployed with different vendors. Proxy can bring it all together, which also sounded good.

One value proposition we discussed involved a company wanted to recompete their existing access control deployment. Placing Proxy as the front-end to an existing system would allow the company to rebid the access control contract, and to support a transition that would be largely invisible to the employees. This leverage might lead to sufficient contract savings as to make the Proxy purchase almost accretive. Wow.

When you get right down to it, the promise of introducing your mobile device as your new identification card is probably as-yet unknown. My experience is that once you open the door to mobility and apps, you create an environment where new concepts, use-cases, and innovations start to emerge. Some will be welcome, like improved security, and others perhaps not so much (like better time attendance stats – ugh).

If you are a cool mobile app developer in a company with facility access . . . or if you like at the other end of the spectrum as that windbreaker-wearing facility manager, then I think you would be wise to have a look at Proxy. Ask to see the devices, and ask for an explanation of the deployment process. Both will be impressive. And as always, I hope you will share your experiences with all of us.

I look forward to hearing from you.