Understanding the Encryption Key Argument

Some vendors position encryption key ownership as a critical factor in avoiding “vendor lock-in.” The argument suggests that if your institution owns the encryption keys, switching vendors becomes straightforward because you can simply hand those keys to a new provider.

This argument oversimplifies several complex realities:

The Technical Complexity

Mobile credential encryption isn’t a single key or even a simple key pair. It’s a multi-layered security architecture involving:

  • Diversified keys at the credential level (each credential has unique keys)
  • Multiple encryption layers between your systems, the mobile credential platform, and device manufacturers
  • Separate key hierarchies for Apple, Google, and Samsung ecosystems
  • Dynamic security protocols that evolve as mobile OS platforms update
  • Hardware security elements in readers and mobile devices

There isn’t a single “silver bullet” key set that makes vendor transition simple. The security architecture is inherently complex and deeply integrated across multiple technology partners.

The Practical Reality

Even if you possess encryption keys, a vendor transition involves:

  • Mobile application changes - Users interact with a vendor-specific app; changing vendors means a different app
  • Reader infrastructure updates - Even if encryption keys remain the same, the location and structure of credential information varies by vendor, so readers must be reconfigured, and possibly re-flashed with new firmware, across what may be hundreds of devices
  • Integration rebuilding - Connections to campus systems (card office, access control, dining, etc.) must be reconfigured
  • Credential reprovisioning - In virtually every scenario, users need to provision new credentials to their devices

This last point is crucial and often misunderstood.
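Two of the points above, per-credential key diversification (under The Technical Complexity) and the vendor-specific record layout that readers must be configured for, can be made concrete in code. The following is an added example written for this page, not Illumia's or any credential vendor's implementation. It substitutes a generic HMAC-SHA256 derivation for whatever diversification scheme a real platform uses, and the master keys, ecosystem labels, vendor names and the two record layouts are all constructed for illustration.

```python
import hashlib
import hmac
import struct

# Constructed master keys, one per ecosystem (hypothetical values chosen for
# readability; real keys are random and live in an HSM or secure element).
# One key per ecosystem stands in for the separate key hierarchies the text
# describes; none of these values are real.
MASTER_KEYS = {
    "apple": bytes(range(0x10, 0x20)),
    "google": bytes(range(0x20, 0x30)),
}

# Two hypothetical vendors place the same fields at different offsets.
# Layout: field -> (offset, length). A reader needs this map to locate the
# credential id before it can derive the key that authenticates the record.
LAYOUTS = {
    "vendorA": {"cred_id": (0, 8), "facility": (8, 4)},
    "vendorB": {"facility": (0, 4), "cred_id": (4, 8)},
}

TAG_LEN = 8  # truncated MAC length carried with the record (illustrative)


def diversify_key(master: bytes, ecosystem: str, cred_id: bytes) -> bytes:
    """Derive a unique 16-byte key for one credential from an ecosystem master key.

    Generic HMAC-SHA256 derivation, not any vendor's scheme. The ecosystem label
    is bound in so the same credential id yields different keys per platform.
    """
    info = b"cred-key|" + ecosystem.encode() + b"|" + cred_id
    return hmac.new(master, info, hashlib.sha256).digest()[:16]


def build_record(vendor: str, cred_id: bytes, facility: int) -> bytes:
    """Serialise the credential fields in the given vendor's layout."""
    layout = LAYOUTS[vendor]
    record = bytearray(max(off + ln for off, ln in layout.values()))
    off, ln = layout["cred_id"]
    record[off:off + ln] = cred_id
    off, ln = layout["facility"]
    record[off:off + ln] = struct.pack(">I", facility)
    return bytes(record)


def parse_record(vendor: str, record: bytes) -> tuple:
    """Extract (cred_id, facility) using the layout the reader is configured for."""
    layout = LAYOUTS[vendor]
    off, ln = layout["cred_id"]
    cred_id = record[off:off + ln]
    off, ln = layout["facility"]
    facility = struct.unpack(">I", record[off:off + ln])[0]
    return cred_id, facility


def issue(vendor: str, ecosystem: str, cred_id: bytes, facility: int) -> tuple:
    """Issuer side: lay out the record and authenticate it with the diversified key."""
    record = build_record(vendor, cred_id, facility)
    key = diversify_key(MASTER_KEYS[ecosystem], ecosystem, cred_id)
    tag = hmac.new(key, record, hashlib.sha256).digest()[:TAG_LEN]
    return record, tag


def reader_verify(configured_vendor: str, ecosystem: str, record: bytes, tag: bytes) -> bool:
    """Reader side: parse with the configured layout, re-derive the key, check the MAC.

    The reader holds the master key, but it can only derive the right
    per-credential key if it reads the credential id from the right offset.
    """
    cred_id, _facility = parse_record(configured_vendor, record)
    key = diversify_key(MASTER_KEYS[ecosystem], ecosystem, cred_id)
    expected = hmac.new(key, record, hashlib.sha256).digest()[:TAG_LEN]
    return hmac.compare_digest(expected, tag)


def demo() -> dict:
    """Constructed scenario: one credential issued under two vendor layouts."""
    cred_id = bytes.fromhex("0000000000012345")
    other_id = bytes.fromhex("0000000000012346")
    rec_a, tag_a = issue("vendorA", "apple", cred_id, 4711)
    rec_b, tag_b = issue("vendorB", "apple", cred_id, 4711)
    tampered = bytearray(rec_a)
    tampered[-1] ^= 0x01  # flip one bit in the facility code
    return {
        "own_vendor_accepted": reader_verify("vendorA", "apple", rec_a, tag_a),
        # Same master key, same credential, but the reader is still configured
        # for vendorA's layout: it reads the wrong bytes as the id and fails.
        "same_key_wrong_layout": reader_verify("vendorA", "apple", rec_b, tag_b),
        "tampered_rejected": reader_verify("vendorA", "apple", bytes(tampered), tag_a),
        "ecosystem_keys_differ": diversify_key(MASTER_KEYS["apple"], "apple", cred_id)
        != diversify_key(MASTER_KEYS["google"], "google", cred_id),
        "per_credential_keys_differ": diversify_key(MASTER_KEYS["apple"], "apple", cred_id)
        != diversify_key(MASTER_KEYS["apple"], "apple", other_id),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

Running it shows the reader accepting its own vendor's record and rejecting a tampered one, as expected, but also rejecting a record for the same credential under the other vendor's layout even though it holds the correct master key: it derives the per-credential key from the wrong bytes. That mismatch is the reader reconfiguration work described above, and possessing the keys does not remove it.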

The Reprovisioning Reality

From an individual user’s perspective, reprovisioning a mobile credential takes minutes. Open an app, authenticate, provision to device. It’s not a significant burden.

In fact, regular credential retirement offers security benefits of its own.

Many campuses should consider annual credential retirement at the start of each academic year as a security best practice, provided the old credentials are actually revoked in the access control system rather than merely replaced on the device. This approach:

  • Ensures only current community members hold active credentials
  • Provides a natural security refresh cycle as community members depart from the institution
  • Creates a clean slate for each academic year

Whether you’re switching vendors or not, the user experience of credential provisioning is fundamentally the same: authenticate and download. The encryption key ownership question doesn’t change this user reality.

The real work in vendor transitions happens at the institutional level—systems integration, reader infrastructure, process migration, and staff training. These efforts are substantial regardless of who holds encryption keys.

Up Next: What Really Determines Program Success


© 2026 Illumia, LLC. All Rights Reserved.
