13 easy steps to use one Smart ID for all physical and digital access
Do you want your users to be able to identify themselves visually, log in, open doors, sign documents, make payments and use follow-me printing – with one single Smart ID? Malin Ridelius, product specialist at identity and security company Nexus Group, guides you through the 13 easy steps to make this a reality.
1. Ask one of Nexus’s partners to implement the Nexus Smart ID solution for you.
“You choose which access systems you want to be connected to the Smart ID solution, and whether you want follow me-printing, payments, and digital signatures to be implemented and connected to the Smart ID solution,” says Ridelius.
2. Create different user groups and choose what physical and digital access rights the different groups are to have.
“A user group can, for example, be a class of students, that you give access to the right facilities during the right times, and to the right digital resources,” says Ridelius.
3. Create Smart ID cards for all your users, such as employees, students and consultants.
“If you want to use the Smart ID cards for all your physical and digital access needs, the cards must be fitted with a range of features, such as pictures for visual identification, RFID technology for physical access, and public key infrastructure (PKI) crypto chips for digital access. The cards are personalized and printed either by Nexus or by your own staff on your premises,” says Ridelius.
4. Distribute the Smart ID cards and PINs to your users.
“Before handing the cards over to your users, you have to make sure that the right person gets the right card. You can, for example, choose to distribute the cards and PINs via your reception or service desk, and require that the staff verify the user’s ID before the user gets their Smart ID,” says Ridelius.
5. Decide which users are to get complementary authenticators, and which authenticators they are to get.
“All users need a Smart ID card for visual identification, but for some situations, another authenticator is better suited. One example is a student who needs to log in to digital resources from home, on a computer without a PKI card reader. In this scenario, a mobile phone ID or a virtual smart card on the student’s private computer can be good solutions,” says Ridelius.
6. Your users download and activate their complementary authenticators via the Smart ID self-service portal.
“Since they already have a Smart ID card, they can verify their identity themselves,” says Ridelius.
7. Your administrators change your users’ physical and digital access rights continuously in the Smart ID solution’s administration portal.
“For example, when a group of students begins a new course in a new building, they are granted access to the new facilities during the times you decide. They are also granted access to digital resources specific to the new course. The synchronization functions in the Smart ID solution ensure continuous accurate information in all connected systems, without any manual processes,” says Ridelius.
8. When new users (students, employees, contractors, etc) need a card and/or a complementary authenticator, you just place the new user in a user group and repeat steps 3 and 4.
“Some organizations prefer to outsource all card production to Nexus, while others prefer to make all their cards on premises. But the most popular choice is to outsource bulk production while producing new or temporary cards continuously on premises,” says Ridelius.
9. Your users handle most of the tasks needed during the Smart ID’s lifecycle through the Smart ID self-service portal or a service station.
“For example, PINs for the cards and other authenticators are forgotten and must be changed, and your users manage this without administrative involvement. Another example is when cards are accidentally left at home or lost. Your users then request a temporary card or a new card themselves, which automatically blocks their old card,” says Ridelius.
10. When a user leaves the organization, your administrator gets an automated request to take away all their access rights in all physical and digital systems.
“All access rights are then removed with just a few clicks. This solves the problem of previous employees being able to access an organization’s physical and digital resources for years after they quit,” says Ridelius.
11. Your users are really using the Smart ID solution, without hassle.
“They are no longer able to bypass your security processes, since they have to use the card for everything. And since the solution is user friendly and makes your users’ lives easier, they will appreciate that you have implemented it,” says Ridelius.
12. If you want to, you can connect external users to your Smart ID solution, without having to give them Smart IDs.
“External users, such as customers or citizens, can use nation-wide electronic IDs to get access to your digital resources or sign digital documents or transactions, if you do not want to give them Smart IDs,” says Ridelius.
13. You can also add capabilities to issue and manage identities for the internet of things (IoT) to your Smart ID solution.
“You might, for example, want your surveillance cameras or RFID card readers to be able to communicate securely. And if you are a manufacturer, you may want to provide your equipment and/or your products with electronic identities,” says Ridelius.
This blog post is a compressed version of the guide “How to use Smart IDs for all physical and digital access.” If you want to read the full guide, you can download it for free, here>.
Published 4/10 2017