Card, mobile credential, payment and security
Mercer first to leverage Allegion locks with Mobile Credential
Mercer University is the latest campus to issue Mobile Credentials from Transact, and and the first to partner with access control provider Allegion on the initiative. Mercer students, faculty and staff will soon have the option to provision their Bear Card to their iPhone or Apple Watch and use those devices for the full range of on-campus transactions.
Mercer will officially launch the Mobile Credential project for its entire community beginning with Summer Session One this May. Students can add their Bear Card to Apple Wallet and use their iPhone and Apple Watch to access buildings and facilities, buy lunch, enter the university rec center, register for events, and more. The initiative is optional, and Mercer will continue to offer the physical Bear Card to its campus community.
"We announced the program just in time for our 'Make It Mercer' event on April 6th and are allowing incoming freshmen the opportunity to provision their Mobile Credential in advance of starting for either fall or summer terms," says Ken Boyer, associate vice president for Auxiliary Services at Mercer University. "We will be opening up enrollment for returning students, faculty and staff on May 20th for the start of summer school, with enrollment for students returning for fall 2019 opening in June."
Mercer is among the first institutions to launch mobile credentials in Apple Wallet, joining the University of Alabama, Duke University, Johns Hopkins University, Temple University and the University of Oklahoma. Unique to the program at Mercer, however, is the university's long-running partnership with Allegion.
"Mercer is the first school to move forward with Mobile Credentials in the Apple Wallet utilizing the Allegion AD-400 locks," says Boyer. "Allegion has worked with Mercer to update firmware to provide for this enhanced functionality, alongside our transaction system provider Transact, and Apple to ensure the functionality works as expected."
The university was in a good position already thanks to some of the product decisions they had made. Full credit to Mercer, because those decisions really made this a light lift.
Much of Allegion's interaction with Mercer went hand-in-hand with the university's card system vendor, Transact. "It's a process we'd been working through for about six months prior to going live at Mercer. The university was in a good position already thanks to some of the product decisions they had made," says Jeff Koziol, Business Development Manager at Allegion. "A lot of their infrastructure was mobile ready with just some slight modifications here and there. Full credit to Mercer, because those prior decisions really made this initiative something of a light lift."
Allegion offers a suite of products that are mobile capable and mobile enabled. "In the case of Mercer, this was also a light lift because most of what they have deployed from Allegion is the Schlage AD-400 lockset. It's a wireless, real-time lock that gives campuses the ability to change the status of the lock and get feedback from the lock within seconds," explains Koziol. "This is important as we continue to move into the mobile world because if someone loses a phone, we want to suspend that credential as soon as possible."
In addition to the lock's real time, wireless capabilities, Koziol explains there's another feature that makes the AD-400 a good fit for the path to mobile credentials.
"The AD 400 also has a modular, upgradeable design. Mercer invested in this product dating back seven or eight years ago and when the time came to start prepping for Mobile Credential, rather than replacing entire locksets, Mercer was able to swap out just the mag stripe reader heads for reader heads that read both DESFire and mobile," explains Koziol. "They were able to do this at a fraction of the cost of a full lockset, and preserve their initial investment in the hardware."
Since the launch of Transact Mobile Credential late last year, a growing number of universities have been taking notice. But the path to mobile credentials isn't always straightforward.
"For universities looking at Mobile Credential it's best to begin by assessing where your program is," says Boyer. "Examine what kind of technologies you're currently using, and then develop an implementation plan that takes you in the direction of the technology you want."
I think campuses always do themselves a service by choosing open architecture type products. Products that are readily upgradeable as advancements in technology happen.
Ultimately, a phased approach worked best for Mercer's environment. "Mercer's ability move to the Mobile Credential came about as a benefit from our five-year plan to transition from mag stripe technology used by our transaction system in the past to more secure MIFARE DESFire EV2 contactless technology," explains Boyer. "The new platform utilizes AES-128 encryption, which makes it very secure."
Another way campuses can prep for mobile credentials is to consider technologies that keep its future options open while meeting the needs it has currently.
"DESFire is kind of becoming the de-facto standard because it meets the security requirements of the college market, a lot of smartphone chips emulate DESFire, and most of the products on the marketplace accept and read DESFire," says Koziol. "I think campuses always do themselves a service by choosing open architecture type products. Products that are readily upgradeable as advancements in technology happen."
"Some people believe that mobile credentials are pie in the sky, and still far out there. But it really isn't," adds Koziol. "It's on campuses across the country, and it's arrived at Mercer."
