ISJ Exclusive: Safe and secure with mobile credentials


Share this content


Mobile technology is ingrained in almost everything we do these days. Our most important information, such as photos, travel documents, IDs and credit cards, are stored on our mobile devices.

Our phones function as cameras, maps, wallets, calendars – and more – and connect us with friends, family, and colleagues around the world. So, with mobile technology such an integral part of our lives, why then is there still some hesitation to utilise mobile credentials for access control?

According to Khodor Habbouche, Sales Manager for Gallagher in the Middle East, there is still a misconception among some people that mobile credentials aren’t as secure as access cards: “When people question the security of mobile credentials, I ask them – how do you access your bank account?

“Most people are comfortable with mobile banking; if your device is secure enough for your bank information, we can trust it is secure enough for access control.”

With the option of two-factor authentication, mobile credentials can be even more secure than an access card with the additional requirement of a PIN or biometric, such as a fingerprint or face ID, for authentication.

“Multi-factor authentication provides the gold standard for best security and a lower chance of a false accept,” explains Habbouche. “The biometric or PIN data is stored directly on the mobile device, privately and securely. Gallagher’s Mobile Connect app utilises FIDO open standard authentication to ensure user credentials are safe and secure.”

Mobile access control utilises Bluetooth Low Energy (BLE) for communication to card readers from mobile phones. A mobile access control system utilising a strong authentication method, such as FIDO open standards, will ensure the communication is secure and cannot be used by anybody ‘sniffing’ the communications to get access by replay attacks or other methods.

Habbouche also explains how the nature of a mobile phone means we automatically treat it more securely than an access card.

“Cards can be lost or stolen and it may take a long time for us to notice, but we’re far more likely to know if our phone is missing. Additionally, if we forget our mobile, we’re likely to turn back for it as we usually need it to get through our day, but we would be unlikely to do the same for an access card.”

Gallagher’s Mobile Connect app utilises FIDO open standard authentication to ensure user credentials are safe and secure.

Khodor Habbouche, Sales Manager, Gallagher Middle East

Return on investment

Habbouche has noticed a trend of universities and organisations in the banking sector adopting the use of mobile credentials. For these sites, the return on investment can be significant – particularly if used in conjunction with a digital ID.

“Utilising mobile credentials with a digital ID removes the need for a site to purchase cards, card printers and ink. For universities in particular, who have large intakes of new students each semester, this can result in huge cost savings.”

Gallagher’s Digital ID provides a secure, on-phone alternative to a physical ID card. The ability to provision the Digital ID and mobile credential remotely and securely through Gallagher’s Mobile Connect app eliminates long queues at the enrolment office at the start of each semester.

Multiple IDs can be stored in the app, which means students can store ID and access cards for campus buildings, student accommodation, the library and the university gym, for example, all in one location on their mobile device.

1-ISJ- ISJ Exclusive: Safe and secure with mobile credentials

Flexible solutions for heighted security

Leading financial institution, Ahli United Bank (AUB), implemented mobile credentials during a full upgrade of their access control systems at their headquarters in Bahrain. While researching their options, AUB management saw a demonstration of Gallagher’s Mobile Connect technology and were immediately convinced that this was the ideal product for the bank’s upgrade.

A representative from Ahli United Bank stated: “AUB is committed to being cost-effective while investing in products that have a long life-expectancy. That’s one of the key reasons we chose to reinvest in Gallagher products.”

For AUB’s management, the option to apply two-factor authentication was very appealing to them as a means of delivering heightened security for access to restricted areas. “Using mobile with facial recognition is far more secure than card and PIN and it’s immensely more cost-effective than buying biometric readers,” they said.

From an administrative and site management perspective, Gallagher Mobile Connect provides AUB with significant flexibility.

Easy provisioning means that authorised staff can remotely allocate temporary access in advance and can also schedule when a user’s access can begin and end – ideal for visitors and contractors who come to the bank’s headquarters.

To find out more information, visit:

Receive the latest breaking news straight to your inbox