Get in touch
Login
NEWS ALERT: Sentry Interactive’s SDK enables mass enrollment of PKOC credentials

Asymmetric vs symmetric encryption for mobile access

Traditional access credentials relied on symmetric encryption, using shared keys to authenticate identity. Today, asymmetric cryptography is redefining mobile access, enabling more secure, scalable, and truly interoperable credentials protected by public-private key pairs.

Why encryption matters?

Enterprises looking to adopt mobile credentials for access must carefully consider how their credentials are encrypted to eliminate key-sharing risks and unlock secure, interoperable mobile access at enterprise scale.

Asymmetric encryption

Built for secure, scalable mobile access

Asymmetric encryption uses a public-private key pair. The private key is never shared, it stays securely in the secure element of the device. The public key is shared and acts as a secure identifier. 

Maximum security 

Private keys are never shared or exposed, they are stored securely in the device’s secure element, completely reducing the risk of being compromised.

True interoperability

Public keys can be shared and work across multiple systems, devices, and applications.

No vendor lock-in

Adopt open standards and maintain full control of your ecosystem.

Built for scalability

Deploy across global sites without complexity, delays, or added cost.

Full ownership of credentials

You control your keys, your users, and your ecosystem. 

Symmetric encryption

Introduces risk, cost, and vendor dependency

Symmetric encryption uses a single shared key to authenticate credentials. This key must be kept secret and securely exchanged between the communicating parties, otherwise it can pose vulnerabilities.

Shared keys, shared risk

Every system, partner, or manufacturer with access to the key becomes a potential vulnerability.

Vendor Lock-In

Dependency on one provider to manage and distribute keys, limiting flexibility and innovation.

Hidden Costs

Licensing fees and key management add ongoing operational expenses. 

Limited Interoperability

Integration across multiple systems is complex and restrictive. 

How Sentry mobile credentials use asymmetric encryption

When the Sentry Interactive app or any third-party app with our SDK embedded is first set up, a unique public-private key pair is generated on the user’s mobile device.

  • The private key is securely stored in the smartphone device’s secure enclave and protected by biometrics or a password. 
  • The public key is safely transmitted to the cloud services over a TLS-secured connection with TLS pinning to prevent interception.
 

Mobile credentials built on the highest security standards

As organizations scale across multiple locations and adopt mobile access credentials, encryption becomes the foundation of security, flexibility, and growth. That’s why Sentry Interactive built mobile credentials with asymmetric encryption, based on the Public Key Open Credential (PKOC) specification.

Find out how our mobile credentials deliver to PKOC specifications, pioneering the future of open standard credentials.

PKOC Mobile credentials

Find out about the benefits of mass enrollment capabilities of Public Key Open Credentials (PKOC) for enterprises. 

PKOC Mass Enrollment

Learn more in an article exploring how the Sentry Interactive SDK is enabling mass enrollment of PKOC credentials for enterprises.

Read article

Unlock mobile access credentials based on the highest security standards

Integrate the Sentry Interactive SDK with your access control systems and enroll your users with mobile credentials that are secured with asymmetric cryptography.

Get in touch

Connect with a member of our team within 24 hours.

Get a system audit for integration.

Deploy and activate mobile credentials within days.

Frequently asked questions

What is the difference between asymmetric and symmetric encryption for mobile access credentials?

Symmetric encryption uses a single shared key to authenticate credentials, meaning that key must be distributed and kept secret across every system and partner involved — creating potential vulnerabilities. Asymmetric encryption uses a public-private key pair, where the private key never leaves the user’s device and is never shared, significantly reducing the risk of credentials being compromised or cloned.

Why is asymmetric encryption more secure than symmetric encryption for access credentials?

With symmetric encryption, every party that holds the shared key is a potential security risk, if the key is intercepted or leaked by any one system or vendor, all credentials using it are exposed. Asymmetric encryption eliminates this entirely because the private key is stored securely in the device’s secure enclave and is never transmitted or shared, making it far harder to intercept or exploit.

Does symmetric encryption cause vendor lock-in for access control systems?

Yes. Because symmetric encryption relies on a single shared key managed and distributed by a specific vendor, organisations become dependent on that vendor to maintain and update their credentials. This limits flexibility, restricts integration with other systems, and often introduces ongoing licensing costs. Asymmetric encryption, by contrast, uses open standards that work across multiple platforms and providers without dependency on any single vendor.

How does Sentry Interactive use asymmetric encryption to protect mobile credentials?

When the Sentry Interactive app, or any third-party app with the Sentry SDK embedded, is first set up, a unique public-private key pair is generated directly on the user’s device. The private key is stored in the smartphone’s secure enclave and protected by biometrics or a password, while the public key is transmitted to cloud services over a TLS-secured connection with TLS pinning to prevent interception.

What encryption standard do Sentry Interactive's mobile credentials follow?

Sentry Interactive’s mobile credentials are built on asymmetric cryptography in line with the Public Key Open Credential (PKOC) specification. This is an open, license-free standard that delivers the highest levels of security for mobile access, enabling credentials that are interoperable across systems, free from vendor lock-in, and scalable across global enterprise deployments.

William Bainborough

Board of Directors

William is an experienced British entrepreneur, founder, and accomplished board executive and advisor for a number of businesses. He is the CEO and co-founder of Doordeck, the world’s only true cloud-based access control aggregator. He is also the managing director and founder of Group Secure, a leader in providing security, CCTV, and access control solutions, products, and installation for high-net-worth individuals in the UK. 

William established his first business at just seventeen and brings 20-plus years of in-depth experience and industry knowledge. He has a proven track record for building businesses from the ground up—and then leading them to profitability and a successful exit across a myriad of sectors including hospitality, retail, security, telecommunications, and e-commerce. William’s leadership, vision, and experience in creating cutting-edge SaaS-based technology platforms will prove invaluable for Sentry Interactive moving forward.

Denis Hébert

CHAIRMAN & CEO

Hébert began his career at Honeywell International where he held several leadership positions including Managing Director for the Automation and Controls business in France and eventually President of the NexWatch Corporation from 1999-2002. Hébert led HID Global as President & CEO over a transformative 12-year period from 2002-2015, where he provided strategic guidance and grew the business tenfold through a mix of strong organic and acquisitive growth. Most recently, Hébert was President of Feenics Corporation which is a cloud-based access control company that was successfully sold to ACRE LLC at the end of 2021. Hébert also served on the Board of Directors for the Security Industry Association (SIA) from 2009-2020 and was nominated to be Chairman of the Board for SIA from 2016-2018. He is currently Chairman of the Board for Nightingale Security based in Newark, CA.

Stephen Taylor Matthews

Board of Directors
Stephen is a very accomplished attorney, member of the Texas State Bar, licensed commercial real estate broker, and an avid philanthropist. He is an experienced executive board member, serving in leadership positions for more than 20 community councils and corporate boards—ranging from Boy Scouts of America to the ABBA Business Leaders Council, and most recently the American Bank BOD, the Real Estate Council of Austin, and the Marbridge Foundation BOT. With more than 35 years experience, Stephen and his firm, Barrond & Adler, L.L.P. are devoted to eminent domain cases in Texas.

Jon Davis

Board of Directors

Mr. Davis is an Experienced corporate board member, having served on boards of public, private equity-backed, and venture-backed companies. Jon possesses deep industry expertise in dairy, food processing, food technology and manufacturing, and food, beverage, and entertainment services. 

During Jon’s tenure of 25 plus years, he’s led operations, research and development, and mergers and acquisitions. He’s served as CEO and has been the founder and active board member for many successful enterprises—from startups to billion-dollar corporations. While COO and CEO of Davisco Foods International, Jon built a state-of-the-art cheese plant which was awarded the United States Dairy processing plant of the year in 2005 by Dairy Foods magazine. Currently, Jon is active with several non-dairy projects, including investments in local real estate, the Wayzata Brewworks, and his latest venture the new CōV restaurant in Edina’s Galleria.

Joe Caldwell

Founder and Chairman of the Board

Joe is an American entrepreneur, investor, and accomplished executive. He has co-founded, founded, and led many successful businesses, including US Internet, a leading fiber internet service provider, Securence, a leading provider of email filtering software, and Ravon, an industry-leading digital voice communications service. 

It was Joe’s venture, Municipal Parking Services (MPS), that inspired him in 2020 to start Sentry Interactive, an advanced touchless and staffless detection platform.

Caldwell currently serves as CEO and Chairman of the Board for Municipal Parking Services (MPS), a global tech company based in Austin, TX responsible for inventing and patenting technologies that assist in parking and security enforcement.

Joe was named one of Minnesota’s 500 Most Powerful Business Leaders for the past two years—and is a seasoned corporate board member. He’s served on boards of public, private equity-backed, and venture-backed companies—and has deep industry expertise in all aspects of digital technology.

Jason Bohrer

Board of Directors

Jason Bohrer is one of the visionaries behind our mission to bring people back together safely and securely, in any environment, through Sentry’s advanced digital communications and detection platform. With over two decades of senior leadership experience, Jason’s track record of success spans across sales, operations, product innovation, strategy, and technology for domestic and global companies like Bexar Technology Partners, CPI Card Group, HID Global, and Motorola, Inc. Prior to launching Sentry Interactive, Jason was actively involved with several key technology transitions across multiple industries, including the contact and contactless EMV transitions in the U.S. payments industry and the adoption of smart card and mobile technologies in the global access and identity market. Jason was an inaugural member of the University of Chicago Executive Institute and holds a bachelor’s degree in Economics from the University of Texas at Austin. He also serves as the Executive Director for two industry-leading not-for-profit organizations: the Secure Technology Alliance and the U.S. Payments Forum.
Brent Terry

Brent Terry

Chief Operating Officer
Brent Terry leads the operations and solutions organizations at Sentry. This includes all product innovation, development, and operations management. A veteran in the technology space, Brent has more than 30 years of experience across a myriad of industries, like physical security technology and building automation, SAAS, hardware and software product development, internet, digital TV, interactive TV, digital media, telecommunications, and medical products and services. Prior to Sentry, Brent has spun up successful startups and led high-performing teams for some of the biggest global, Fortune 500 companies, including ARRIS, Conerco, Motive Communications, SeaChange International, and IBM. Brent holds a BS in Computer Science from the University of Louisiana. He also is the committee Chairman and Program Director for a non-profit organization responsible for the rollout of smart cards for physicians and first responders.