The future of identity and physical access control is mobile, using smartphone apps and digital wallets to access everything from parking lots and buildings to individual offices and printers.

Mobile offers several advantages over physical access cards, including scalability, operational and security efficiencies, environmental benefits, and greater convenience for employees to access buildings and resources, as well as for security workers charged with granting and maintaining access control.

In HID’s “2025 State of Security and Identity Report,” encompassing insights from more than 1,800 end users and industry partners, 61% of respondents identified mobile proliferation as a top trend, with nearly two-thirds either deploying or planning to deploy such solutions. Moreover, 84% of organizations continue using a combination of mobile and physical credentials to accommodate a wide range of users and uses, including visual identification.

Adopting a mobile-first strategy requires the appropriate underlying technologies to enable, disable, and monitor mobile access. However, any technology upgrades of this nature will also help future-proof physical security and identity strategies.

Authentication Made Easy

Among younger adults, smartphone ownership is ubiquitous, with 98 percent ownership in the 18 – 20 age group and 97 percent among those 30 – 49. According to Pew Research, ownership rates are 91 percent among the 50 – 64 age group and 79 percent among those 65 and older.

When considering digital wallets, most people likely think of storing credit and debit card information on their smartphones to make purchases. However, they are also used to store digital identity credentials, sporting or concert tickets, transit passes, and much more. Globally, more than five billion people are expected to use digital wallets by 2026. Further, 53 percent of Americans already use their digital wallets more frequently than traditional payment methods.

Because the user is already authenticated on their smartphone, it’s much easier to store a credential in a digital wallet than to interact with an app. But apps often feature more capabilities than wallets, so organizations upgrading their mobile strategies usually prefer to support both.

Just like tickets and credentials that are configured for storage in Apple Wallet or Google Wallet, employees can store their access credentials on their smartphones or compatible wearable devices. Employee badges in digital wallets, for example, let users store their employee badges or other credentials after successfully authenticating them once through their company’s mobile apps. Subsequently, employees use their NFC-enabled phones through the digital wallet to access buildings, offices, and other access-controlled areas and resources they are authorized to use.

Frequency Matters

The choice of communication protocol — whether longer-range Bluetooth or shorter-range NFC — is separate from any decision related to the app or wallet experience. There’s no such thing as a “Bluetooth credential” or “NFC credential,” nor are credentials tied to a specific app or wallet. What matters is frequency: only secure credentials operating at 13.56 MHz (the same frequency as NFC) enable wallet functionality. This technology is also more power-efficient. Transitioning to these credentials provides three key benefits: stronger security, less battery consumption, and support for seamless short-range wallet tap interactions.

To ensure credential-to-reader security, many organizations specify 13.56 MHz mobile credentialing, which rivals the security of a VPN connection. Other options go beyond encryption to add mutual authentication. The ideal provisioning model is a remotely managed, self-service approach, where users receive a link via email to download their credential. This model also allows for easy software updates and credential revocation.

Organizations must also consider where mobile access will be used. In areas with multiple readers close together, short-range NFC is preferable to prevent accidental access to the wrong door. In contrast, locations like parking garages, main entrances, and elevators can take advantage of Bluetooth’s extended read range for added convenience.

Convenience and Protection

Across industries, 75 percent of IT leaders report that threats to their physical security systems increased over the past year, largely because many of these systems are now integrated with organizational IT networks. While 51 percent cited improved convenience as the leading motivator for upgrades, 40 percent pointed to strengthening their overall security posture as the primary reason for making changes.

Adopting a mobile-first physical access control and security posture can help protect against threats through real-time network monitoring. Less time spent creating, disabling, and checking credentials means more time security staff can spend protecting people and infrastructure.

As mobile access moves into the mainstream, organizations are combining the convenience that employees want with technologies and environments that promote greater security and control. From hospitals safeguarding patient areas to universities streamlining campus-wide access, mobile credentials are transforming how secure spaces are managed.