A new standard called Aliro 1.0 has entered the access control playing field, with a focus on interoperability for the enterprise customer and mobile credential migration.
Created by the Connectivity Standards Alliance, Aliro 1.0 was released in late February 2026 and announced as “a unified standard to transform the access control ecosystem.” The key differentiator is a standardized digital credential that leverages smartphones and wearables. Aliro has support from Apple, Google and Samsung and includes a product certification program and testing protocols through its authorized test labs.
“Aliro is solving the fragmentation that has held back digital key adoption, replacing it with a single interoperability standard built through alliance member collaboration,” said Tobin Richardson, president and CEO of the Connectivity Standards Alliance.
Aliro 1.0 is the first unified, open, mobile credential standard designed to work across all access control ecosystems. It simplifies installations and enhances troubleshooting between multiple hardware providers. It can also create more complex integrations.
According to Nelson Henry, chairperson of the Aliro Steering Committee and vice president of security technology and engineering for Last Lock Inc., Madison, Wis., Aliro uses asymmetric (public-key) cryptography for secured and trusted interaction between user devices and readers. It’s built to support more complex integrations such as PACs and building automation, leveraging Apache 2.0, a permissive free software license.
“We’ve created a robust baseline infrastructure for universal digital credentials with Aliro’s standardized communication protocol between access readers and user devices,” he said. “Fundamentally, the phone becomes the digital key that is open and publicly accessible, and that introduces more ability to scale in a standard, secure infrastructure. The wallet ecosystem [that] is already supporting Aliro and Google certification is live.”
Henry said that during development over the last several years, the focus centered on communication between device and reader.
“We wanted to nail that piece really well so it could be paired and work agnostically with different platforms, being thoughtful of how it would be used in the field,” he said.
Asymmetric encryption
According to Sanjit Bardhan, vice president and global head of mobile at HID Global, Austin, Texas, “Aliro 1.0 marks the first publicly available release of a new, open industry standard for access control credentials. Aliro introduces asymmetric public-key cryptography to mainstream enterprise access control—a major shift from the symmetric-key models traditionally used.”
Bardhan said for enterprise users, Aliro offers a higher level of security at doors and other access points, aligned with modern cryptographic best practices.
“For systems integrators, Aliro offers an opportunity to stand out by providing more secure, standards-based solutions that are not reliant on proprietary credential technologies, helping future-proof customer deployments and delivering value-added maintenance and professional services,” he said.
To support Aliro, Bardhan said manufacturers need to take several key steps: “First, their hardware—such as readers, controllers and related devices—must be able to recognize and authenticate Aliro credentials. Without this hardware support, Aliro cannot be deployed. Second, manufacturers need to integrate support for trusted certificate authorities, which are essential for issuing, signing and validating the asymmetric credentials. This introduces a new layer of credential trust management that is unfamiliar to much of the access control industry. Finally, manufacturers must develop expertise in implementing and supporting asymmetric cryptography at scale, ensuring performance, reliability and interoperability across deployments,” he said. “Over time, the greatest value will come from integrating Aliro into a broader ecosystem, where the same trusted credential extends beyond doors to elevators, turnstiles, vending, housing and other entitlement-driven use cases.”
Driving new connections
Kyle Smallwood, associate vice president of global product management for Dormakaba North America, Indianapolis, said Aliro should be considered as a “living standard” that provides another tool to drive interoperability across the industry over time.
“Manufacturers benefit by not needing to create or recreate proprietary integrations from scratch and end-users gain flexibility around the devices they can use with their credentials,” Smallwood said. “Aliro 1.0 represents a meaningful step toward a more open, interoperable access control environment. But like all technologies that promise interoperability, its significance moving forward is dependent on adoption, which is uncertain given how new the standard is.”
Smallwood added that real-world commercialization of Aliro 1.0 is early and limited.
“Commitments from major mobile wallet providers signal future readiness, and my perspective is that the standard has strong potential to enable unified credentials and more seamless experiences across environments. However, complexity is always in the implementation. Widespread impact will depend on adoption, product certifications and multivendor implementations of these mobile credentials at scale,” he said.
stock.adobe.com/Kateryna
