"What implementers will quickly find when moving from card- to smartphone-based access credentials is that many legacy access control systems require the use of back-end portal accounts," explains Scott Lindley, Farpointe Data general manager. "However, newer solutions provide an easier way to distribute credentials with features that allow the user to register their handset only once and need no other portal accounts, activation features or hidden fees."

For hackers, these portal accounts have become rich, easy to access caches of sensitive end-user data. These older mobile systems also force the user to register themselves and their integrators for every application.The bookkeeping alone can be confusing. For instance, who signs you up, hidden fees, who is in charge of security and who is ultimately responsible can all be questions left unanswered.

"Today, all that should be needed to activate the new mobile credentials system is the phone number of the smart phone," emphasizes Lindley.