Access Management Platform

Authorize people, not tokens.

Your employees already carry a mobile credential — their government-issued digital ID. For the rest, traditional mobile credentials fill the gap. Together, they make mobile access affordable at enterprise scale.

Digital IDs at zero cost. Mobile credentials where needed. Everyone gets in.

Request a Demo View Building Access
$0 Credential Fees Mercury Compatible FIPS 140-2 On-Premises Auth No Vendor Lock-in
$0Per-User Cost
<150msAuthorization
0%Rip-and-Replace
<60sEnrollment to Access
5+PACS Supported
FIPSValidated
Capabilities

Identity-based access, managed.

Six modules for the full credential lifecycle — from enrollment to revocation.

Employee Enrollment

Enroll via mDL verification or physical ID. A site-specific, non-reversible UUID is generated and pushed to the panel manifest automatically.

Manifest Management

Cryptographically signed manifests synced to Mercury panels. Configurable sync intervals — doors keep opening even if the cloud is unreachable.

Identity Verification

ISO 18013-5 mDL and EUDI wallet authentication with selective disclosure. No PII stored at readers — only the UUID reaches the panel.

Revocation & Offboarding

Revoke in Connect or your PACS. UUID removed from the manifest at next sync cycle. Forced manifest sync available for immediate revocation.

Zone & Policy Control

Assign access zones, time windows, and clearance levels per user. Manage multiple populations — digital ID users and mobile credential holders — from one console.

Audit & Compliance

Full event logs — enrollment, access, revocation — with timestamps and admin attribution. Aligned with ITAR, HIPAA physical access, and SOX controls.

How It Works

Enroll. Tap. Access.

Connect manages enrollment and manifests. The Panel Application handles authorization on-premises. Your PACS doesn't change.

1
Admin enrolls employee

Enter a name and date of birth. Employee taps their phone at the reader. Connect handles UUID generation and manifest sync automatically.

2
Employee taps reader

Phone presented at a KeyShare-ready reader. Digital ID authenticated via ISO 18013-5 — sub-150ms on-premises.

3
Panel authorizes access

Panel Application derives the UUID, validates against cached manifest, passes a standard credential number to your PACS. Door opens.

Architecture

Cloud managed. Panel decided.

Enrollment and policy live in the cloud. Access decisions happen on-premises — zero cloud dependency for door openings.

Connect Cloud

Enrollment & management
  • Multi-site enrollment console
  • Manifest orchestration and signing
  • Zone and policy management
  • Compliance reporting and audit logs
  • Hybrid transition management (digital ID + mobile)

Panel Application

On-premises on Mercury controllers
  • Sub-150ms on-premises authorization
  • Cached, cryptographically signed manifest
  • UUID derivation from verified identity
  • Standard credential number output to PACS
  • Doors open without cloud connectivity
Hybrid by Default

Mobile access without the mobile credential tax.

Mobile credentials cost $4–$17/user/year — at enterprise scale, that kills the deal. KeyShare makes digital IDs the primary mobile credential at zero per-user cost.

Digital ID as Primary

85%+ of your workforce already carries a government-issued digital ID. Use it as a zero-cost mobile credential — no app to install, no per-user license, no vendor lock-in.

Mobile Credentials for the Gap

Employees without a digital ID? Issue a traditional mobile credential for that population. You buy credentials for 15% of your workforce instead of 100%.

80%+ Cost Reduction

A 500K-employee enterprise quoted $8.5M/year for mobile credentials goes to a fraction of that. The deal that died in pilot now closes with a blended approach.

Integrations

Runs on what you already have.

Connect integrates with your existing panels, PACS, and identity standards — not a replacement for any of them.

PACS Platforms

LenelS2 · Genetec · Acre · RS2 · Access It

Panel Hardware

Mercury Security LP & MP controller series

Identity Standards

ISO 18013-5 (mDL) · EUDI ARF · OSDP v2.2

Security & Compliance

FIPS 140-2 · ITAR · HIPAA · SOX

Why Connect

Beyond credentials.

Identity-based access eliminates the tradeoffs of token-based systems.

Plastic Cards / Fobs Mobile Credentials Recommended KeyShare Connect
What you authorize
Credential type		 A token (card or fob) A token (app credential) A verified person
Per-user cost
Annual fees		 Replacement costs $4–$17/user/year $0 — site-based pricing
Shareable
Security risk		 Yes — shared constantly Transferable token Non-transferable identity
Infrastructure change
Deployment effort		 Card printers, encoders New vendor, potential panel swap Software on existing panels
Cloud dependency
Door-open reliability		 None (offline) Often cloud-dependent Zero — on-premises decisions
Authorization speed
Door response time		 Fast (local) Varies — cloud latency Sub-150ms on-premises
Hybrid support
Migration flexibility		 Single mode only 100% of workforce required Digital IDs + mobile credentials blended
Best for Low-security environments App-equipped workforces Enterprise identity access

Ready to drop the mobile credential tax?

Request a custom TCO analysis — a personalized savings report based on your headcount, current credentialing method, and infrastructure.

Request a Demo Calculate Your Savings