From just badges to badges + phones
Mobile credentials are no longer optional. Customers expect mobile access alongside cards. This need now shows up in tenders and purchasing decisions across industries. For manufacturers, staying relevant means offering mobile credentials that work as seamlessly as physical cards. Those who adopt fast will gain a clear competitive edge as expectations continue to rise.Why wallet-based mobile access is not always the best option
Many assume mobile access means using Apple Wallet or Google Wallet. While easy for end users, wallet-based solutions create challenges for manufacturers and integrators.1. Reader challenges
Using wallet credentials often means changing or updating readers. For example, to support Apple Wallet, the reader must support Apple’s special ECP2 protocol. This implies significant effort and costs for hardware certification and solution compliance with Apple.2. Limited control and privacy risks
Using wallets means handing over credential management to Apple or Google. Enterprises face static usage sharing requirements that may conflict with privacy policies or regulatory needs.3. High ecosystem costs
Wallet-based credentials involve multiple fees, including those from Apple or Google, RFID vendors, hardware manufacturers, and system integrators. These costs add up quickly, often making the per-user, per-year fee hard to explain to customers.4. Incompatibility with offline locks
In Europe, particularly in DACH and Benelux regions, offline smart locks are extensively used. They mostly utilize an OSS-SO standard to communicate their battery state and security events back to the access control management software. These require that the lock pass this data back to the mobile credential, which wallet-based solutions do not support.5. Vendor lock-in risks
Wallet solutions tie your product strategy to external technology vendors. Policy changes, feature removals, or pricing shifts by Apple or Google can cause problems for your product in the future, and there is nothing you can do about it. To sum up, Apple Wallet and Google Wallet have made it easier for people to see the value of phone-based access. They have helped shape what the market expects. However, these solutions do not work for every use case in the security world. The good news is that there is now another option. It offers the same ease of use but avoids the usual issues.NFC HCE: A wallet-free alternative that works
NFC Host Card Emulation (HCE) allows mobile phones to simulate contactless smart cards directly within the app. It has been widely available on Android since 2013. Developers have used HCE in apps for payments, public transport, and other secure ID uses. Apple’s iOS was always the missing piece. Until recently, Apple restricted this capability, limiting its use on iPhones. Now, under the EU Digital Markets Act, Apple has opened up NFC APIs to third-party apps. Starting with iOS 17.4 in Europe and expanding in iOS 18 globally, developers can build HCE-based apps for secure tap-to-enter access. This marks a turning point. For the first time, manufacturers can deliver seamless, wallet-free NFC mobile access on both Android and iOS.
How CoreWillSoft delivers wallet-free mobile access
How Tap-to-Open works
With CoreWillSoft’s Tap-to-Open solution, users enrol credentials in the app, just like they would with a physical badge. When they approach a reader, a two-tap sequence activates the app and sends the credential via NFC HCE. The access system verifies it and unlocks the door.
This method provides a smooth experience while keeping full control over credential issuance and management. It integrates with existing systems and supports both online and offline access control.
NFC HCE Evolved: Instant Access Through iOS Lock Screen Widgets
Why wallet-free mobile access makes sense
“One app to open them all”
A mobile access app can do more than just open doors. It can combine NFC, Bluetooth, and QR code access in a single place. For example, one app can unlock the office door, open the garage gate from a distance, and check the guests in the lobby. All using the same app.
It can also take on other roles, such as logging into a workstation, unlocking the lockers, calling the elevators, or even paying at the canteen. These extra functions are not possible in a wallet app and add real value to users.
Full control over the price
HCE credentials work with many existing readers, especially those already using RFID smart cards like MIFARE® DESFire®. You can often keep your hardware and merely adjust the firmware. This keeps project costs low and avoids full hardware upgrades.
Instead of starting a costly infrastructure change, mobile access becomes simply a software update. That makes it faster and easier to roll out.
Own your data, own your use-cases
A mobile app also creates new ways to use the access data. It can show users their entry history or send a notification when someone enters a site. Admins can see traffic patterns or check reader status with a special tap. These options are only possible when the credential lives in the app, not in the wallet.
In short, an HCE-based Tap-to-Open solution gives customers more coverage, more features, and lower total cost than wallet-only setups. It also opens the door to new services and smarter integrations.
Mobile access differences
| Factor | 💳 Wallet-based | 📱 App-based |
|---|---|---|
| Deployment | No app install needed | Needs a dedicated app |
| Maintenance | No control over updates | Full control over updates |
| User Experience | Fixes Wallet UI | Branded, unified app |
| Opening | Tied to Apple/Google rules | Full control |
| Control | Needs specific readers | Works with standard readers |
| Integration | Per-user platform fees | No per-user fees |
| Costs | 1 tap | 1 or 2 taps, depending on state |
NFC HCE Evolved: Instant Access Through iOS Lock Screen Widgets
Technology consulting and support
Implementing HCE on iOS requires technical know-how, from securing Apple entitlements to ensuring reader compatibility. CoreWillSoft helps partners navigate these steps:
- If an older reader needs a firmware update to support mobile credentials, we guide you through it.
- If your backend software needs an API to connect with the mobile app, we help design and build it.
- If you do not have a mobile app yet or want to add mobile access to your current one, we can help with that too.
This collaboration helps security providers start using the technology without a long research or development phase. With our experience in mobile access, we support manufacturers in adding this feature to their product line, guided by a team that knows both mobile apps and physical security.
Conclusion: Future-ready access with NFC HCE
Mobile credentials are now an essential requirement in access control. While Wallet-based solutions helped shape the market, they do not fit all environments. NFC HCE offers a flexible, cost-effective, and scalable alternative.
With CoreWillSoft’s Tap-to-Open solution for iOS and Android, security providers can deliver modern mobile access while retaining control, reducing costs, and expanding capabilities. If you are a manufacturer or integrator, now is the time to explore wallet-free mobile access. The technology is ready. The market is ready. Your move?
