Exclusive: The world of secure mobile services

September 14, 2021

Carl Fenger, Technical Communications Manager at LEGIC assesses the challenges and opportunities of implementing smartphone-based business models.

The smartphone has become the de-facto device used for interaction with almost everything. From ePayment, virtual transportation, concert tickets and customer loyalty cards to office, residence and hotel room entry, the smartphone is truly the most important and versatile accessory that you carry in your pocket.

In spite of this, many service providers don’t capitalise on the convenience, flexibility and universal adoption of smartphones that could give their business a huge boost. In many cases, such as with ATMs, printers, parking garages and electronic doors we are still using smartcards. Although smartcards have advantages such as no battery requirement, it is only a matter of time before smartphones replace or at least operate in parallel with smartcards for virtually all consumer and professional services.

Interaction based on smartphones also opens a whole new realm of service customisation. A smartphone enables direct communication with the service provider; a hotel’s portal can push customer loyalty offerings such as restaurant discounts directly to the smartphones of guests. PIN, 2FA, fingerprint and facial recognition are also provided. These are security features that smartcards do not natively support.  

A smart solution for a complex problem

Indeed, the migration to smartphone-based services is in full swing. One of the main disadvantages of smartphone-based services however, is that the service provider needs to maintain a highly reliable cloud backend to host and deliver mobile credentials and service end user requests 24/7. For large companies such as hotel chains, no problem, but for small and medium-sized providers, maintaining a highly reliable, encrypted, round-the-clock cloud credentialing service, including extra IT support, is a barrier to entry.

This is where outsourcing a 24/7 credential service for mobile services makes sense. A service provider needs only to upload preconfigured credentials in advance to the service then designate an administrator or automated webservice to deliver a corresponding code – via QR code or deep link – to authorised end users – for example, users who have purchased access to the service. Credentials are then provided on demand by LEGIC Connect Go.

LEGIC Connect Go

LEGIC Connect Go enables businesses to quickly launch new mobile services. The software service gives users self service, permissioned access to business applications such as rental scooters, storage lockers, virtual keys for residential access or for shared vehicles using their smartphones. Developers can easily interface with the service via the Mobile SDK provided by LEGIC.

The high reliability service delivers mobile credentials without the need to know who end users are in advance – allowing them to serve themselves by requesting credentials anytime, anywhere and on demand. LEGIC Connect Go enables mobile services to be easily managed by simple software running on a laptop. This reduces time-to-market, allowing you to focus on your customer facing mobile app and your market launch.

The workflows and setup of the service follow existing processes and value chains of the smartcard world, allowing service providers to keep all processes intact. It extends smartcard-based solutions into the mobile world with an interactive user interface plus additional smartphone supported features such as PIN and facial recognition. End-to-end encryption protects credentials while at rest and in transit.

If required, all solutions can be enhanced with additional features by migrating to the highly versatile, full featured service, LEGIC Connect.

Secure, contactless authentication for Y Soft

Y Soft is a global provider of intelligent enterprise office solutions. The company’s print management platform, YSoft SAFEQ, is used by a global set of customers to help reduce print infrastructure and overall printing costs.

A key feature of YSoft SAFEQ is secure access to printers through contactless identity authentication. As security is a top concern for Y Soft – and mobility is increasingly desired by customers – Y Soft developed a way for smartphones to replace traditional ID smartcards. Smartphones have the advantage of being able to provide a second layer of security – only the owner knows the PIN or can provide biometric data to unlock the phone.

The COVID-19 pandemic also introduced a new demand – hygiene and eliminating the need for users to touch the printer console. The smartphone, coupled with a smart phone reader, would provide the answer. YSoft MFX Mobile Reader is the resulting solution.

Y Soft turned to LEGIC for assistance for the automated distribution of mobile credentials. Working with LEGIC’s mobile security platform, LEGIC Connect Go, Y Soft developed a smartphone app, YSoft Mobile Connect which uses a 24/7 high availability service backend for credential distribution provided by LEGIC. Coupled with a reader that supports Bluetooth and NFC, the YSoft MFX Mobile Reader provides the convenience, security, hygiene and mobility that users require.

With LEGIC Connect Go, Y Soft partner resellers can grant or sell registration keys to users via PIN, QR or bar code. LEGIC Connect Go delivers mobile credentials linked to the registration keys on demand. The high availability service is available 24/7 and can deliver credentials whenever, and wherever, authorised end users request them.

Get started in the mobile world today with your service by simply using LEGIC Connect Go.

For more details, visit: www.legic.com or email [email protected]

This article was originally published in the September edition of Security Journal UK. To read your FREE digital copy, click here.

Read Next