Symmetric encryption vs asymmetric encryption for mobile access credentials

This article covers the key differences between symmetric and asymmetric encryption for mobile access credentials, why symmetric key sharing creates security risks and vendor lock-in, and how asymmetric encryption standards like PKOC deliver greater security, interoperability, and cost-effective scalability for enterprises.

As enterprises look to move to mobile credential access across their locations, they now require the most secure, interoperable, and open standard credentials, as well as the ability to scale deployment fast across multiple buildings globally. 

Key security is becoming increasingly important when evaluating whether mobile credential software follows the robust enterprise security standards and compliance measures that are set. 

Traditionally, credentials followed symmetric encryption standards; asymmetric cryptography has now become a feature of credentials set out by frameworks like Public Key Open Credential (PKOC). The cryptography used for key sharing, symmetric or asymmetric, directly impacts the security, interoperability, and long-term scalability of credentials. 

Understanding these key differences will help enterprises implement the most effective and future-proof solution.

Challenges of symmetric encryption for mobile access control

Previously, the majority of access control solutions have issued proprietary symmetric keys for their credentials. Symmetric encryption relies on a single shared key to both encrypt and decrypt data, and that key has to be shared in a secure manner for authentication of the credential to be complete.

While effective in certain applications, it presents significant challenges when applied to mobile access control systems:

  • Vendor Lock-in: If the credentialing solution uses symmetric encryption, a single secret key must be securely shared with manufacturers, which presents security risks and extra license fees. 
  • Security Risks: Key sharing introduces inherent security risks. Every entity that has access to the key represents a potential vulnerability, increasing the risk of unauthorized credential access or leaked identity data.
  • Limited Control: Even if the key provider claims to have an open policy, they ultimately control who can access their system. This means customers are locked into a single vendor’s ecosystem, which may not align with your business objectives or theirs.
  • Recurring Costs: Many access control manufacturers using symmetric keys impose ongoing licensing or usage fees, adding unnecessary extra costs over time.

Cater for customer flexibility demands with asymmetric key encryption

Asymmetric encryption offers a superior alternative for enterprises looking to implement truly interoperable and secure credentials. With asymmetric encryption, a credential uses a public-private key pair, where:

  • The private key remains securely stored in the secure hardware element of the mobile device (Android or iOS) and is never shared.
  • The public key can be freely distributed and used across multiple systems without security concerns. The public key essentially becomes the badge number.

The credential user has full ownership of the encryption keys, eliminating the need for complex or proprietary key management and sharing processes required by symmetric key solutions.
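
The contrast between the shared-key model and the key-pair model described above, as an added Go example (not part of the original article, and not PKOC's actual message format): a reader challenges the credential with a nonce and checks the response. The function names and the HMAC-SHA256 and ECDSA P-256 primitives are assumptions chosen for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// Symmetric (HMAC-SHA256 assumed): the reader holds the credential's secret, so it can also forge.
func SymmetricResponse(shared, nonce []byte) []byte {
	m := hmac.New(sha256.New, shared)
	m.Write(nonce)
	return m.Sum(nil)
}

func SymmetricVerify(shared, nonce, resp []byte) bool {
	return hmac.Equal(SymmetricResponse(shared, nonce), resp)
}

// Asymmetric (ECDSA P-256 assumed): the private key stays on the device (in memory here,
// secure hardware on a phone); the reader stores only the public key, the "badge number".
func NewDeviceKey() *ecdsa.PrivateKey {
	return must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
}

func DeviceSign(priv *ecdsa.PrivateKey, nonce []byte) []byte {
	h := sha256.Sum256(nonce)
	return must(ecdsa.SignASN1(rand.Reader, priv, h[:]))
}

func ReaderVerify(pub *ecdsa.PublicKey, nonce, sig []byte) bool {
	h := sha256.Sum256(nonce)
	return ecdsa.VerifyASN1(pub, h[:], sig)
}

func main() {
	dev, nonce := NewDeviceKey(), make([]byte, 16)
	must(rand.Read(nonce)) // fresh challenge per tap
	fmt.Println("enrolled device accepted:", ReaderVerify(&dev.PublicKey, nonce, DeviceSign(dev, nonce)))
}
```

In the symmetric half, verification itself requires the secret, which is why every reader and manufacturer in the chain has to be trusted with it; in the asymmetric half, nothing the reader stores is sufficient to produce a valid response.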

Here are some of the reasons why you should think more about the encryption standards of your credentials and consider an asymmetric key set.

  • Enhanced security: No entity has access to the private key, eliminating risks associated with key sharing.
  • Seamless interoperability: Public keys can be used across multiple devices, systems, and applications allowing enterprises to implement a truly open and flexible solution.
  • Freedom from vendor lock-in: By adopting an open standard you can integrate mobile credentials without reliance on a single provider.
  • Cost-effective scalability: Asymmetric encryption offered by the likes of PKOC eliminates licensing constraints and recurring key-sharing costs, providing a scalable, future-proof solution.

Innovative asymmetric encrypted mobile credentialing solutions  

Companies like Sentry Interactive have developed their mobile credential software based on the Public Key Open Credential (PKOC) framework, pioneering asymmetric cryptography for their mobile credentialing software provided to access control OEMs. With Sentry Interactive’s SDK integration, access control manufacturers can offer mobile credentials that are truly interoperable, follow the highest security levels, and can be rolled out at scale for enterprises. The interoperability enabled by public-private key cryptography allows mobile credentials to be securely used across multiple systems and third-party applications, giving enterprises greater flexibility and freedom of choice. By leveraging Sentry Interactive’s secure open standard mobile credential software, which removes the need for reader hardware upgrades, enterprises can now achieve an adaptable, cost-effective, and secure mobile credential solution, without proprietary restrictions and security risks.

If you are looking to deploy a secure, cost-effective, and scalable path to asymmetric encrypted mobile access across your enterprise, get in touch to learn how you can accelerate implementation while maintaining full control over your access control ecosystem.
