NG-Key
NG-Key
Credentials

Credential surfaces buyers recognise as serious

NG-Key treats identifiers as policy-bearing artefacts — not opaque strings in a spreadsheet — so issuance, rotation, and revocation stay coupled to reader-resident truth.

WebAuthn PASSkeys and NFC mobile keys share the same lifecycle mindset: cryptographically grounded keys with enrollment hygiene instead of shared secrets bolted on later.

Physical media remain first-class — cards and DESFire profiles carry expectations around tamper resistance, cloning posture, and operational handling that procurement asks about explicitly.

Security conversations shorten when credential classes map cleanly to facility areas, schedules, and audit trails — one vocabulary from lobby to board deck.

Spotlight

Why credential depth belongs in the platform core

  • Fewer “phantom entitlements” — identifiers stay tied to real issuance events and reader-readable outcomes.
  • Revocation and rotation narratives stay honest because state lives beside execution, not in a parallel ticket queue.
  • Migration-friendly posture — legacy cards and modern PASSkeys coexist without forcing a big-bang weekend.
  • Procurement reads stability — you describe credential classes, assurance levels, and operational ownership without improvising.
  • Shared semantics with ledger exports — access decisions reference durable identifiers auditors can trace.
Premium credential and reader abstraction — NG-Key platform marketing tile

Depth

Capability coverage

PASSkey & WebAuthn flows

Enrollment patterns that respect enterprise identity providers without turning readers into islands.

NFC mobile keys

Phone-present credentials with lifecycle hygiene aligned to facility reality.

Cards & DESFire profiles

Operational handling for physical media where phones are not universal.

Issuance coupling

Credential events stay narratable alongside doors, schedules, and ledger references.

Motion

How teams roll credentials safely

01

Classify

Define credential families and assurance expectations before mass issuance.

02

Enroll

Drive enrollment through governed channels — Q-Air and operator consoles stay aligned.

03

Bind

Attach cohorts, areas, and schedules so grants compile predictably at readers.

04

Prove

Review issuance and denial stories with audit exports — not screenshots.

Outcomes

Security reviews encounter coherent credential semantics instead of ad-hoc worksheets.

Help desks explain “why this badge fails” with identifiers operators actually recognise.

Executives see credential posture as an ongoing programme — not a launch-week checkbox.

Product preview

Chapter walkthrough

Short cinematic clip for this chapter — muted preview players follow your motion preferences elsewhere on the site.

Platform hub

Platform chapters

Open a chapter for depth and cinematic preview — credentials, readers, and deployment architecture.

Credentials & identifiers

Credentials & identifiers

PASSkeys, NFC mobile keys, cards, DESFire posture — identity surfaces operators can defend.

Open
Readers & cloud path

Readers & cloud path

MQTT-attached readers, reader-resident truth, claim lifecycles — without shadow controllers.

Open
Deployment & scale

Deployment & scale

Tenant-aware rollout patterns, environments, and observability that procurement recognises.

Open

Continue exploring

Switch pillars — facility suite, integrations, ledger evidence, workspace, or platform core.

Platform core Integrations Ledger Facility