HID - Experts & Thought Leaders

Enhancing enterprise security is high on the list of priorities for businesses across sectors. Within the retail industry, there is an additional focus on enabling new ways of working through management tools. Integrated solutions and applications help to create a robust security landscape and ensure a future-ready posture as organisations look to address emerging risks and create better experiences for next-gen employees. Physical access control (i.e., the readers on the door and the credentials that individuals present to them for authentication) is not only one of the first interactions employees have with security technology but is also the first line of defence in security programs. Good user experience The balance of a good user experience and strong security is critical, though striking that balance has been a challenge historically as security teams are tasked with prioritising safety and protection. Innovative companies who want to go beyond traditional access control have found the balance of a frictionless user experience and strong security in mobile access solutions. Żabka is one of the largest European retail companies with 7000 locations across Poland Żabka is one of the largest European retail companies with 7000 locations across Poland and the Czech Republic. Innovation is in its DNA and the organisation is known as an early adopter. From introducing AI to create an autonomous and checkout-free shopping experience to launching a cloud-based platform to better the franchise management process, Żabka has actively embraced continuous change and improvement. When implementing security for its new headquarters in Poznań, Poland, Żabka returned to its pioneering roots, requiring a highly secure, automated solution that enabled the integration of custom applications and simplified the use of other building-wide office functionalities. Physical security components Żabka’s vision included seamless access starting at building entrances with employees using their mobile phones to ‘badge’ into the building. From there, the same mobile credential would unlock turnstiles, authenticate floor access in elevators, track time and attendance and release documents at shared printers. Most importantly, user data would need to be secured via encryption and authentication through appropriate access keys with the introduction of new users being completely under Żabka’s control. The implementation of an ecosystem with multiple capabilities — including a migration from plastic cards to mobile identities, surveillance tools, access management, and physical security components to underpin the entire solution — also necessitated collaboration between partners who shared Żabka’s spirit of modernisation and vision for a seamless user experience. Traditional plastic credentials Żabka’s comprehensive ecosystem utilises digital access control processes The project team included HID Global who managed the transition from traditional plastic credentials to mobile identities, with Zonifero to develop a custom mobile app, and Cynergy to complete the installation of hardware and embedded components. Żabka’s comprehensive ecosystem utilises digital access control processes and integrated surveillance tools with a security management platform enabling Żabka to migrate completely to the use of mobile identities. The move to HID Mobile Access has changed the experience of employees, visitors, HR, and security administrators by accelerating and automating access control management for the entire building. Integrated surveillance tools Mobile identities, contactless employee onboarding, touchless visitor management, time and attendance, and integration with the security system of the entire building are now aggregated and facilitated within the smartphone app. Security administrators remotely managed a pool of allocated mobile identities The ability to manage the access control system from anywhere with no physical contact was especially valuable. Launched amid the pandemic, the new infrastructure enabled Żabka employees to maintain social distancing and limit contact through automatic and remote activation of access. Security administrators remotely managed a pool of allocated mobile identities and individual access to users’ devices, thereby solving the problem of storing physical cards, facilitating credential transfers, issuing new credentials in the case of lost or damaged ones, and deactivating cards in the event they were lost or stolen. Mobile identity functionalities Żabka implemented mobile access on a large scale with mobile IDs in use by about 800 employees. The retailer also plans to implement further mobile identity functionalities, such as opening parking lot gates, making cafeteria purchases, and seamlessly logging in to computers. Steve is responsible for leading and coordinating demand generation programs and channel marketing activities for HID's Physical Access Control Solutions (PACS) business area in Europe. He has over 20 years of experience working in B2B marketing, 15 of which have been in the safety and security industries.

Founded in 2010, Avolon is the third-largest aircraft leasing company in the world with 824 aircraft and 145 customers in 62 countries. Its new global headquarters in Dublin is comprised of 6,967 sq m (75,000 sq ft) of secure office space across six floors that houses its IT, catering, legal, and communications departments. Need for a centralised monitoring solution Avolon’s new premises in the upmarket Ballsbridge area of Dublin provided an opportunity for the company to rethink its approach to building security. Avolon was looking for an innovative, flexible solution that could be personalised to individuals, easily accessed, and managed remotely. Additional requirements included: the need to provide different levels of security clearance in different areas of the building, the ability to manage individual security clearances, the facilitation of access outside of the usual workday, and secure parking lot access for employees and visitors. As a global company, Avolon wanted a solution that could be deployed worldwide to provide a consistent experience for its employees, regardless of their location. HID’s flexible access control solution Powered by Seos® technology, the solution uses BLE and iCLASS® readers to create a secure access control solution Avolon partnered with systems integrator Summit Security Systems Ltd and deployed HID Mobile Access at its Dublin headquarters. Powered by Seos® technology, the solution uses Bluetooth Low Energy (BLE) and iCLASS® readers to create a secure, convenient, and flexible access control solution for its headquarters. The building’s security system enables credentials on smartphones via an app rather than on physical access cards and uses iCLASS SE® mobile-enabled readers installed at points of access. Key benefits of a mobile access system include: Employees are less likely to forget smartphones, which they always carry than an access badge Security clearances are more efficient and easily changed because security status is provisioned to an app A cloud-based central control system provides security administrators with easy oversight, access to a complete set of metrics, and the ability to manage a network of premises around the globe Employing various access control measures Avolon has implemented a range of different solutions for different parts of its premises that can vary by time of day. For example, elevators utilise access control measures to ease the flow of people within the building during work hours, while assuring that after-hours access is more controlled. Employees simply twist their iOS or Android™ phones when they approach the parking readers to gain entry The ease-of-use and security also extend to the parking lot, which benefits from HID’s “Twist and Goes” feature. Employees simply twist their iOS or Android™ phones when they approach the parking readers to gain entry. Avolon encourages its employees to cycle to work and has extended mobile access to a secure employee bike parking area that links directly into the shower and changing facilities. Advantages of mobile access solution The HID Mobile Access Solution provides many advantages over the previous card-based system including after-hours access (vital to a 24/7 business like Avolon), ready access to secure rooms, and easy management of security clearances. With HID Mobile Access, fine-grained security access for a global network of offices is controlled centrally through a cloud-based portal. Access levels can be set on an individual basis so they are very flexible and can be modified as needed. “Using a mobile phone is much more convenient than access cards. People forget their access cards, but their mobile phone is with them all the time,” said Allan Dawson, facilities project manager at Avolon. “It’s much more efficient. For example, we now have much lower instances of people leaving the perimeter and having to ask for re-entry because they’ve left their pass in the office.” Worldwide installation of physical access solution In the future, Avolon anticipates expanding its new physical access solution across its global campuses. “As well as deploying in our Dublin head office we have also deployed in our New York, Florida, and Hong Kong offices,” said Dawson. “The benefit of using a global platform means our people can travel between offices with their security status intact and ready to go for each location.”

HID, the pioneer in trusted identity and authentication solutions, announced that it successfully supported Stockholm's public transit authority, Storstockholms Lokaltrafik (SL), in transforming the daily travel experience for hundreds of thousands of passengers in the capital through a comprehensive digital ticketing modernisation program. The initiative has eliminated paper tickets and enabled seamless contactless payments across buses, ferries, trams and metro stations. The technology upgrade has delivered measurable benefits, including dramatically reduced fare evasion that translates to millions of Swedish Kronos in recovered revenue for SL.  Residents experience faster, more convenient travel New ticketing infrastructure was specifically selected because it withstands harsh Nordic winters With the new integrated ticketing devices from HID, citizens can now use the same payment method – whether a mobile app, contactless card or digital wallet – across all 2,600 buses, 140 ferry validators, 320 tram platforms and 1,035 metro fare gates throughout the capital region. Most importantly, the new ticketing infrastructure was specifically selected because it withstands harsh Nordic winters, a crucial factor for passengers who depend on public transit year-round. Legacy hardware, systems and networks “Serving hundreds of thousands of passengers daily across multiple transit modes required a ticketing solution that could scale with our needs while providing a consistent experience for our riders." "We chose HID for its multi-technology ticket validators for buses, ferries and gates, as well as its ability to run side-by-side with our legacy hardware, systems and networks. It was a real challenge for everyone involved to get this working, but it was one we overcame together,” said Karin Harrius, Business System Administrator, Ticket Readers at SL. Seamless ecosystem across touchpoints The implementation was designed to ensure a consistent validation experience and deliver a seamless ecosystem across all transit touchpoints. It included: Enhanced passenger convenience on buses: HID VAL100 ticket validators integrated with HID TripTick™ barcode technology and NFC/RFID contactless payment functionality in a single point of presentation for tickets and travel passes Reliable outdoors operation in extreme weather: HID VAL150 validators featuring a waterproof design on ferries and tram platforms Streamlined fare collection across metro stations: HID TripTick 220 OEM barcode, NFC and cEMV ticket modules within fare gates and ticket machines in the Stockholm metro, enabling multi-format ticket reading throughout the system. Significant reduction in fare evasion Improvement ensures that all users contribute fairly to keeping these vital transport links The modernisation has delivered substantial financial benefits for SL. Fare evasion dropped from 3.1% in 2019 to just 2.3% in 2023 – a 26% reduction that has recovered millions of Swedish Kronor annually for reinvestment in public transit infrastructure and services. The impact was particularly dramatic on ferry services, where ticket validation rates increased from just 58% in November 2021 to 89% by March 2025. This improvement ensures that all users contribute fairly to maintaining these essential transportation links connecting Stockholm's islands and waterways. Digital-first approach meets evolving expectations Citizens particularly benefit from the system's ability to prevent ticket duplication The comprehensive digital transformation addresses the evolving expectations of Swedes in an increasingly mobile-first society. Citizens particularly benefit from the system's ability to prevent ticket duplication and unauthorised sharing through social media platforms – issues that had previously undermined fare revenue and service sustainability. Future integration of new technologies With Stockholm County – which represents 20% of Sweden's population despite covering only 2% of the country's area – the scalable, open-architecture system ensures SL can adapt to evolving technologies and passenger expectations. The system's flexibility allows for future integration of new technologies and travel services without requiring complete infrastructure replacement, protecting the public investment while maintaining service innovation.

The sheer volume of smart locks, lock management systems, connected readers and an increasing array of Internet of Things (IoT) devices complicates the issuance and management of certificates that are foundational to establishing trust between a device and the credential used to access it. That’s why more companies are turning to PKIaaS for IoT devices. But there’s another reason to consider PKIaaS: the rise of quantum computing. Secure digital communications Gartner predicts that the pace of quantum computing will render asymmetric cryptography systems PKI certificates form the backbone of secure digital communications, but Gartner predicts that the pace of quantum computing will render asymmetric cryptography systems unsafe by 2029 and could render all current cryptography unsafe by 2034. As with any software implementation, there are pitfalls to avoid, including vendors that use proprietary technology that’s incompatible with other systems and “gotcha” pricing tactics where a slight increase in certificate usage triggers a massive increase in pricing. However, the time to implement PKIaaS is now. Physical security faces growing cyber threats Although ransomware attacks directly on computing infrastructure dominate business headlines, physical security systems are also under threat. An HID survey of over 1,200 security professionals, end-users and executives shows that 75% reported threats to their physical security systems in the past year, as these systems are more tightly integrated with company IT networks. Until recently, most physical access control systems (PACS) were proprietary and worked only on the specific systems they were designed to interact with. However, the movement toward open supervised device protocol (OSDP) revolutionised the field, allowing companies to integrate and control devices from different vendors while improving compatibility and security. PACS and IoT devices  PKIaaS makes sense as the number of digital certificates needed to power PACS and IoT devices As a result, 40% of companies plan to either update or change access control systems in the next year, with 21% emphasising the need for open standards like OSDP to both improve interoperability and future-proof their systems. When asked about reasons for a proposed upgrade, more than half cited convenience, while another 40% sought to improve their overall security posture. PKIaaS makes sense as the number of digital certificates needed to power PACS and IoT devices continues to increase, promoting security and reducing manual processes related to tracking certificates. Regulatory compliance demands automation and agility Companies also face increased regulatory pressures regarding technology in general — and certificates in particular. The European Union’s Cyber Resilience Act sets mandatory cybersecurity standards for manufacturers and retailers, covering the planning, design, development and maintenance of products throughout the entire value chain. Certain high-risk products must undergo third-party evaluation by an authorised body before being approved for sale in the EU. EU Cybersecurity Act shows a unified certificate framework for ICT products, services and processes More specifically, the EU Cybersecurity Act establishes a unified certification framework for information and communications technology (ICT) products, services and processes. Businesses operating in the EU will benefit from a “certify once, recognised everywhere” approach, meaning that approved ICT offerings will be accepted across all EU member states. Given the global nature of PACS, these regulations likely will impact companies well beyond the EU, much like the general data protection regulation on websites has. These changes, when considered together with rapid advancements in quantum computing, underscore the need for a unified certification solution such as PKIaaS to handle increased — and increasingly complex — certificate compliance. A path to PKI modernisation Modernising PKI through a PKIaaS model doesn’t have to be difficult. With a clear and phased approach, most organisations can transition smoothly while reducing risk and improving efficiency. It starts with a quick assessment of current certificate usage to understand where certificates are issued, how they’re renewed and any gaps in coverage. From there, it's about defining what you need and selecting a trusted partner. Look for a solution that integrates well with your existing systems, supports automation and scales as your needs grow. In terms of partners, not all PKIaaS vendors are the same. Look for one with a strong security track record and predictable pricing, which will simplify both onboarding and long-term management. When it comes to vetting vendors, ask the following questions: Is the solution scalable? The trend toward future-proof installations has never been greater. As the number of certificates increases, any PKIaaS solution must be able to grow in concert. How will pricing change as certificate volume grows? Some solutions are priced in tiers by the number of certificates. If a company exceeds that maximum by even a single certificate, it owes not only the price difference between tiers, but it will also be expected to pay for that tier the following year, which can bring a significant financial surprise. How are CAs accessed and stored? Look for companies that can provide long-term offline secure storage of certificates that can also track when CA keys are accessed. What support is included in the PKIaaS? Specifically ask vendors about up-front costs for implementation and onboarding to get a real apples-to-apples comparison among partners. Step-by-step replacement of manual processes A pragmatic approach allows corps to move quickly and confidently from legacy PKI to a scalable Once a vendor in place, start with a focused rollout, e.g., automating certificate renewals for internal systems or a specific business unit. Once the pilot is complete, expand automation with a step-by-step replacement of manual processes to limit operational disruptions. Finally, as PKIaaS becomes embedded in day-to-day operations, it’s important to align it with broader security governance. Establishing regular reporting and clear policies, as well as future-proofing for quantum-safe cryptography to ensure long-term resilience and compliance without adding complexity. This phased, pragmatic approach allows organisations to move quickly and confidently from legacy PKI to a scalable, secure and future-ready solution. A necessary upgrade According to an analyst report, manual certificate management can cost organisations up to $2.5 million annually in labour and outage-related expenses. While automation reduces these costs by up to 65%, the real challenge in IoT environments lies in managing scale. With device lifecycles often spanning decades and certificate volumes reaching millions — especially across distributed, resource-constrained endpoints — manual PKI processes and legacy infrastructure simply can't keep up. The convergence of regulatory mandates, quantum computing threats and rising cyber risks to connected physical systems makes scalable, cloud-based PKIaaS not just a strategic advantage, but a foundational requirement for secure IoT deployments.

Students deserve a safe and positive environment where they can learn and thrive. Teachers and administrators should be able to focus on their primary role of educating students because they feel supported and protected by a comprehensive security plan. Staff require a clear protocol for responding to emergencies. And parents deserve peace of mind that their children are safe during the school day. One of the tools for safer schools is physical security technology. We asked our Expert Panel Roundtable: How can physical security systems make schools safer? 

Physical security and cybersecurity are deeply intertwined in today’s systems. A weakness in one realm can quickly lead to a breach in the other, and vice versa. However, given the symbiotic relationship, why do physical security systems so often fall short when it comes to cybersecurity protection? We asked our Expert Panel Roundtable: Why does cybersecurity continue to be a weak link for physical security systems?