The physical access control industry has an existing credentialing business and the long term value of it is ZERO. And this is a good thing.
This shift opens the door for new business models, new players, customer centricity, and much more value creation. The ability to monetize will not be based on creating a credential moving forward. It will be based on what the credential does with the users identity and the dynamic features around it. In some cases it will just be included in other services.
For the incumbents who have built large high margin (💰) businesses around plastic credentials or others that were early to bring digital credentials to the market on the back of yesterdays business models, their cash cows will soon have zero to no value. Here is why I think this will be true and why this should be a warning (do not follow them off a cliff):
(1) The mainstream market has changed to mobile and end user expectations are different.
Digital credentials in the end users phones are perceived intangible or something that is just included. The relationship between the end user and a digital card in their digital “wallet” or in an app is very different than an analog card or fob. Basic credentials will become a victim of consumerization. We saw the same happen when smart locks were introduced to consumers and it will happen in the commercial business. End users do not see value in paying for standard digital keys or eKeys. Regardless if they have in the past. As it moves mainstream, that will change.
(2) We are in a midst of a shift from credentialing being important to identity and identity services being important.
The basic card credential given with a bit format as a representation of a person “likeness” so an access control system can lock or unlock based on a card being presented, is table stakes and low value at this point.
As the identity moves from given and on a card to being digital and in your phone/ring/etc., you will see a migration to the end user presenting themselves how they want and the physical access control systems needing to know what to do with that information based on different levels of assurance and policy. This turns the entire process on its head and shifts where the value resides.
(3) Customers and contractors, especially software savvy ones, are exposing the game.
As we have mentioned before, the majority of the existing credentialing businesses in physical access control are based off of old business models and scarcity. That does not apply to the new way business is done as it shifts to being digital. As physical access control becomes more mainstream or a subset function of a larger service offering (eg. CRM, building management, HR, video, etc), the access control credentials are no longer treated as a special 🦄. Majority of cards have been single use (access control only) so they could demand majority of the value (💰). They now become part of a larger more dynamic offering that is crowded by other services and because of that, physical access control can no longer demand the same value (💵) it has historically.
And it is fair to also highlight that at this point the ability to create a cloud based digital credentialing service is considered a low bar. Basic credentialing is not exceptional. I am not saying it is “easy.” What I am saying is “there are plenty of people that know how to do it and the value of it is low.”
Those that move now or have already moved on this will be in the pole position to extract the most value and help shape the market.
The market will focus on identity, assurance and the value the credential creates by end of 2020. The low value but expensive, high margin credential business of today goes to $0 by the end of the 2021. The incumbents will fight this and hold out as long as they can, but they will be forced to respond to innovators, new entrants, and end user demand.