The Physical Security Interoperability Alliance (PSIA) has approved the Secure Credential Interoperability (SCI) 1.0 specification. The PSIA has been working with a broad group of industry leaders in the access control industry to develop this specification, which is expected to have a significant influence on the future of secure mobile credentials.
Mohammad Soleimani, Chief Technology Officer of Kastle Systems and the Chairman of the SCI Work Group, introduced this concept to the organization in 2020 and has had a strong influence in engaging other companies in its development. “A standard for secure mobile credentials has been long overdue in the industry,” he said. “SCI relies on established standards and the Public Key Infrastructure, to provide a simple, but elegant solution.”
SCI addresses the need for a universally compatible secure credential for the physical access control industry in the form of cards, fobs, mobile devices, and wearables. Progress has been dramatic, with the technology being demonstrated at a PSIA technical meeting in August featuring apps from IDEMIA and Johnson Controls and a Kastle reader developed by WaveLynx.
“It has been our mission from day one, to drive secure credentials and interoperability into the market” said Laurie Aaron, executive vice president at WaveLynx Technologies Corp. “Joining PSIA to collaborate and execute on a standard that is made available to all, has been a fast track to mission success.”
One of the important characteristics of SCI is its interoperability across different mobile platforms including iOS and Android or devices with the ability to generate ephemeral key pair, which can be communicated over various protocols such as BLE (Bluetooth Low Energy), NFC, and UWB.
“The SCI specification helps the industry to take steps towards the last mile of credential evolution where interoperability of credentials can exist. The simplicity of the use of a public key leveraging standards and best practices ensure a secure and open way to manage credentials that takes proprietary out of the picture.” said Jason Ouellette, head of technology and business innovation for Johnson Controls Access Control and Video Solutions business.
Participants in the spec development include ASSA ABLOY, Deister Electronics, Farpointe Data (a dormakaba company), HID, IDEMIA, Kastle Systems, LenelS2, rf IDEAS, SentryCard, Siemens, and Johnson Controls.
“This is an important milestone in the security industries’ efforts to enable flexible, interoperable and scalable solutions,” said Peter Boriskin, chief technology officer for ASSA ABLOY Opening Solutions Americas. “It will be essential to consider how this and other standards apply across various industries, and how current and emerging standards impact each other.”