The $17-Per-User Mobile Credential Tax — and How to Eliminate It

Enterprise mobile credentials cost $4-$17 per user per year. Multiply that by every employee, every year, forever. There's a better architecture.

Comparison of per-user credential costs versus identity-based access

Every enterprise access control deployment has a credential line item. For plastic badges, it’s $3–$8 per card plus encoding equipment, replacement cycles, and badge office staffing. For mobile credentials — the industry’s answer to the badge problem — it’s $4 to $17 per user, per year, per vendor, forever.

That recurring fee is now the largest variable cost in many access control budgets. And it’s growing with every mobile credential pilot that converts to production.

Where the $17 comes from

Mobile credentials from the major access control vendors are proprietary digital tokens. The vendor generates the credential, transmits it to the user’s phone (usually via a proprietary app), and the credential is presented to a proprietary reader that validates it against the vendor’s cloud.

Every link in that chain is vendor-controlled and per-user priced. The credential is a vendor-issued token — not a government-issued identity. The app is the vendor’s app — not the user’s native wallet. The reader validates against the vendor’s cloud — creating a cloud dependency for every door opening.

The per-user fee covers the ongoing cost of maintaining this proprietary ecosystem: the credential issuance infrastructure, the mobile app, the cloud validation service, and the help desk for “my mobile credential isn’t working” calls.

For a 5,000-employee enterprise at $10 per user per year, that’s $50,000 annually — just for the privilege of replacing plastic with a different kind of vendor-controlled token. Over a 10-year access control lifecycle, the cumulative credential cost approaches half a million dollars. For a single site.

Why pilots stall

If mobile credentials are expensive, why do pilots keep launching? Because the operational benefits are real: no badge printing, no badge office, no lost-card replacements, lower desk traffic for new-hire provisioning.

The problem emerges when the pilot converts to full deployment. A 200-person pilot at $10/user costs $2,000/year — a rounding error. A 5,000-person rollout costs $50,000/year — a line item that requires budget approval. A 50,000-person enterprise deployment costs $500,000/year — a number that triggers procurement review, competitive bidding, and the inevitable question: “Why are we paying per-user for a credential when we already pay for the access control platform?”

That question kills pilots — and it’s why enterprise mobile credential pilots keep stalling. The CSO who championed the mobile credential initiative discovers that the credential cost exceeds the cost of the badge program it was supposed to replace. The CFO points out that badge costs were one-time; credential costs are perpetual. The pilot stalls. The badges stay.

The architectural alternative

The per-user credential fee exists because the credential is vendor-issued. A vendor creates a proprietary token, manages its lifecycle, and charges for the ongoing service. Remove the proprietary token, and the per-user fee disappears.

Government-issued digital identity — mobile driver’s licenses (mDLs) compliant with ISO 18013-5 — provides an alternative credential source that is already issued, already in the user’s phone, and costs the enterprise nothing per user. The employee already has a digital ID. The building just needs to verify it.

The KeyShare approach to physical access uses this principle. Instead of issuing a proprietary credential per employee, the system verifies the employee’s existing government-issued digital ID and derives a site-specific access credential from the verified identity. The employee taps their phone at the reader. The reader verifies the digital ID. The Panel Application on the existing Mercury controller derives a unique identifier and validates it against the access manifest. The PACS sees a standard credential number — no API changes, no middleware.

Zero per-user credential fees. Zero proprietary apps. Zero vendor-issued tokens.

What about employees without mDL?

Not every employee has a mobile driver’s license today. mDLs are live in a growing number of US states with more in pilot. Adoption is accelerating, but it’s not universal.

For employees without an mDL, an authorized administrator can enroll them by verifying a physical identity document. The system generates the same site-specific credential — the enrollment method differs, but the access credential is identical. As mDL adoption grows, the manual enrollment percentage shrinks.

The practical deployment approach: start with employees who have mDLs (often 30–50% in states where mDL is live), and enroll the rest through the administrator pathway. Physical badges remain active during the transition — identity-based access is an addition, not a replacement.
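The derive-and-validate step described above, and the requirement that administrator enrollment yields the same credential as the mDL path, sketched as an added example; it is not KeyShare's code, and the page does not say how its Panel Application derives identifiers. It assumes HMAC-SHA-256 keyed with a per-site secret over the ISO 18013-5 `issuing_authority` and `document_number` elements, truncated to a 32-bit credential number; every function name, key and sample value is constructed.

```python
import hashlib
import hmac

# Constructed per-site secrets (assumption: one key per site, held on the panel).
SITE_KEYS = {"hq": bytes.fromhex("11" * 32), "lab": bytes.fromhex("22" * 32)}


def derive_credential(site_key, issuing_authority, document_number, bits=32):
    """Map verified identity attributes to a site-specific credential number."""
    fields = [issuing_authority, document_number]
    # Normalise so admin-typed and wallet-supplied values derive the same number.
    encoded = [f.strip().upper().encode("utf-8") for f in fields]
    # Length-prefix each field so ("AB", "C") and ("A", "BC") cannot collide.
    msg = b"".join(len(e).to_bytes(2, "big") + e for e in encoded)
    digest = hmac.new(site_key, msg, hashlib.sha256).digest()
    # Truncate to the width the PACS credential format can carry (assumed).
    return int.from_bytes(digest, "big") >> (256 - bits)


def enroll(manifest, site_key, holder_ref, issuing_authority, document_number, bits=32):
    """Add a holder to the access manifest; refuse truncation collisions."""
    cred = derive_credential(site_key, issuing_authority, document_number, bits)
    if manifest.get(cred, holder_ref) != holder_ref:
        raise ValueError("credential number already assigned to another holder")
    manifest[cred] = holder_ref
    return cred


def check_access(manifest, site_key, issuing_authority, document_number, bits=32):
    """Door decision: re-derive from the presented ID and look it up locally."""
    cred = derive_credential(site_key, issuing_authority, document_number, bits)
    return cred in manifest


if __name__ == "__main__":
    manifest = {}
    # mDL path: attributes come from a verified presentation (constructed values).
    a = enroll(manifest, SITE_KEYS["hq"], "emp-001", "Example DMV", "D1234567")
    # Administrator path: same document, typed by hand with different spacing/case.
    b = enroll(manifest, SITE_KEYS["hq"], "emp-001", " example dmv", "d1234567 ")
    print(a == b, check_access(manifest, SITE_KEYS["hq"], "Example DMV", "D1234567"))
    # A different site key yields an unlinkable number for the same person.
    print(a != derive_credential(SITE_KEYS["lab"], "Example DMV", "D1234567"))
```

Under these assumptions a reissued licence with a new document number derives a different credential, so the holder has to be re-enrolled; the collision check matters because truncating to a short credential width makes two holders mapping to one number a realistic event at enterprise headcounts.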

The total cost of ownership comparison

| Cost Component | Proprietary Mobile Credentials | Identity-Based Access |
| --- | --- | --- |
| Per-user credential fee | $4–$17/user/year | $0 |
| Proprietary mobile app | Required (vendor-managed) | Not required (native wallet) |
| Cloud dependency per door | Required | Not required (on-panel decisions) |
| Badge printing | Eliminated | Eliminated |
| Vendor lock-in | High (proprietary credential + reader + cloud) | Low (ISO 18013-5 + OSDP v2.2 standards) |

The software platform (KeyShare Connect) has a subscription cost — this is not a free solution. But the subscription is per-station or per-site, not per-user. The cost does not grow linearly with headcount. A 500-person building and a 5,000-person building on the same panel infrastructure have the same platform cost. That’s a fundamentally different economic model from per-user credentialing.

Written by Kabir Maiga

Kabir Maiga is the CEO of KeyShare.