While at ISC West last week, one topic came up repeatedly – a move to consider the user experience.  I couldn’t agree more and thought I’d take a few minutes to try and summarize the discussions and my thoughts.

First off, let’s think about where we are today.  Today we talk about things in the industry from a transactional perspective, not telling a story.  We talk about ‘unlocking the door’ or ‘keeping the wrong people out’ and sometimes even ‘the analytic can detect a person/object’ but this is all transactional, not truly telling the story of what happened, or what can be done beyond this.

There was a lot of discussion around Apple Wallet, though many companies are still talking about that as a replacement for physical credentials, not what is possible with that technology, and thinking about it from a wider perspective.  Think about all the things that something like Apple Wallet can start to make possible? 

  • Now that we have a credential in the wallet, can’t we send a push notification to the user, when they enter, or a specific date/time, to notify them of other amenities in the facility?
  • When a visitor enters, can we offer them wayfinding to their destination (another need that’s starting to arise) or offer them a coffee?
  • Using geofence and/or beacons we could start to then notify users of other important info about the facility?  Say someone is entering a secure or hazardous space and then needs additional information or reminders – it’s now possible.
  • We could even start to add gamification to the user experience, driving improved use of a building or facility to reduce energy use or other improvements.

I also was in a couple of discussions around sovereign identity (also called decentralized identity) and this is an area I am especially interested in and have talked about for a couple of years now.  I’m excited to see the creation of the NFID Foundation [link] and the solutions created and powered by this.  Shoutout to companies like PassiveBolt, PDQ Manufacturing, ZK Teco, and Tech 5 for making this a reality.  We are just getting started but there are lots of ways this can evolve, both for physical and logical access.  We just need more people to get on board and think differently about what’s possible.  But for now, back to Apple Wallet…

It’s very evident that NFC credentials are here to stay, and for good reason, but I also want to propose that we seriously consider the discussion beyond where we have been, and consider a new paradigm.  It’s not about the transaction, it’s about the experience.  This is the crux of a topic that came up repeatedly for me, last week, and one that I enjoy exploring.  

Today, and historically, the security industry has focused so much on the transactional event and how that interacts with the local system (PACS, VMS, etc).  But there’s so much more than that.  Consider the ripple effect of dropping a pebble in a still pond – just visualize what happens on the surface of the water.  No single ripple exists without the previous but they are all interdependent, gradually growing larger.

Well, the same exists in the security space.  We are focused on the transactional data, not the wider ripple effect we could (and should) be having. Each of these elements is interconnected and we should be talking about how things happen as a story, a user’s experience, and then driving down to the ‘how’ as the conversation evolves and continues.  Far too many times we have a discussion that is from the transaction element out to how it interacts with the local system on that site.  But what about the wider picture? 

  • Shouldn’t we consider how that local system should integrate with other systems? 
  • Shouldn’t we consider the wider enterprise and the end user customers’ wider needs and portfolios?  
  • Shouldn’t we consider the privacy of the data that is being collected?  
  • Shouldn’t we ultimately be considering the experience for each user and design for such?

I feel the answer to each of these is unquestionably – YES!

Very similar to the ripples in a pond, each of these interconnected ‘layers’ are dependent on the others.  While it’s possible to only cover some layers (as we’ve seen for years), I’ve seen a shift start to talk more about the wider picture.  We are far from ‘there’ as an industry, but the more people that start to talk about things in this regard, the more that things will continue to change.


Transaction to user experience

Click to enlarge

  • Transactional or Event Data: this is the event that happened
    • Door opened, Analytic was triggered, etc.
  • Physical Communications: how does the information get into the system
    • TCP/IP, Wiegand, OSDP, etc but also BLE, NFC, UWB, and others.
  • User Identity: now that the information is in the system, we translate that to a user
    • Often this is the user’s name, card number, etc.
  • Local System: the information is stored in the system immediately connected
  • Integrated Systems: by integrating systems, more things can start to happen as a result of a single event taking place.
    • Access control, Visitor Management, Video Surveillance, etc.
  • Building Management Solutions: taking these systems into consideration as the security industry changes and expands the value proposition
    • True BMS solutions but also the building owner’s portfolio of properties for total ROI
  • Data Privacy: large databases of user information are very high-value targets for cyber criminals but there are ways to mitigate this
    • Better protection of the database, sovereign identity, etc.
  • User Experience:  tell a complete story across the solution and deployment about how a user’s experience can be, as well as how it can be improved.

So what would messaging look like if we made this pivot?

  • Transactional: Replace your badge with your phone to unlock the door
  • User Experience: Provide users a seamless experience throughout the facility by making the mobile device fundamental to how they engage with the facility.  Give your users the data and information they need at the exact moment they need it.
  • Transactional: This analytic can detect when a person of interest is on the property
  • User Experience: By deploying analytics, you can reduce operator fatigue and ensure they are ready to take action the moment they are needed for a verified threat.  Reduce false dispatches and wasted time on unverified alarms.  Increase the security of your facility and operator responses to deliver precision action for only the most important events, including knowing when a person of interest has entered the property.

Keep in mind – the ‘user’ isn’t just about the person that’s moving around the facility.  It could be the employee, tenant, building owner, system operator, system administrator, etc.  When we make the move to talk about the user experience, consider various personas to make sure we cover each person’s needs and wants.

Tell me what you think – should we continue to be an industry that only tells the same story in new words or do we actually start to tell a new story and provide real value to our customers?