Access Control Systems and Card Readers – Supported Systems and Requirements
This article is aimed at property companies, building managers, and system integrators who are planning or evaluating access control in buildings where Welcome is used. It provides an overview of which access control systems Welcome integrates with, which card readers we recommend, which requirements must be met to support mobile access via Apple Wallet and Google Wallet, and which technical prerequisites must be in place in the building.
Background: from plastic cards to mobile access
Traditional plastic cards and key fobs have long been the standard for access control in commercial buildings. Advances in mobile technology now open the door to a reality where physical cards are replaced by digital credentials in Apple Wallet and Google Wallet, and the mobile phone becomes the only "key" tenants need.
For property companies, this shift creates a more secure, user-friendly, and cost-effective building environment — free from plastic cards and with minimal administration. To succeed, the access control system and card readers must support NFC, BLE, and modern certification standards. The choices made today determine how easy it will be to adopt future features and
integrations.
Access control systems Welcome integrates with
Welcome has working integrations with more than 20 access control systems. The table below shows recommended minimum versions. The vendor must confirm that the installation meets the version requirement before integration is set up.
System | Producer | Minimum version |
ARX | ASSA ABLOY | 4.9 or newer |
Salto ProAccess Space | Salto | 5.7.x or newer |
Lenel OnGuard | LenelS2 | 8.0 or newer |
Genetec Security Center | Genetec | To be clarified per project |
C•CURE 9000 | Software House | 2.7 or newer |
Pro-Watch | Honeywell Security | 6.0 or newer |
Gallagher Command Centre | Gallagher Security | 8.90 or newer |
AMAG Symmetry | AMAG | 2.7 or newer |
NEDAP AEOS | NEDAP | 2019.1 or newer |
Inner Range Integriti | Inner Range | To be clarified per project |
Brivo | Brivo | Cloud service |
Kisi | Kisi | Cloud service |
Paxton Net2 | Paxton | To be clarified per project |
Tyco Kantech | Tyco | To be clarified per project |
C4 | Gamanet | 2019 SP1 or newer |
ZKTeco | ZKTeco | To be clarified per project |
ARX er ledende sikkerhetssystem i Norden og det vanligste valget i norske yrkesbygg. Mangler systemet ditt i listen? Ta kontakt – vi vurderer nye integrasjoner fortløpende.
Viktige punkter ved valg av system
Fremtidssikring: Velg et system som støtter mobil- og skybasert autentisering.
Integrasjon med Welcome: Det valgte systemet må kunne integreres sømløst med Welcome via REST API eller tilsvarende åpen protokoll.
Skalerbarhet: Sørg for at systemet kan tilpasses bygningsporteføljens størrelse og behov, både i dag og fremover
Card reader requirements
Both Apple and Google offer the ability to store digital access cards in their respective wallets (Apple Wallet and Google Wallet). For mobile access to work reliably, card readers must meet the following requirements:
NFC support
NFC (Near Field Communication) is a wireless technology that transfers data at very short range, typically a few centimetres. For mobile access control, this means a smartphone can be held up to a card reader to authenticate the user. When card readers support NFC, they can read digital keys from Apple Wallet or Google Wallet and grant access in the same way as a physical card.
Why it matters: Without NFC, the mobile phone cannot communicate securely and effectively with the card reader. NFC is the core technology for contactless data transfer in mobile access
solutions.
ECP readiness (Enhanced Contactless Polling)
ECP optimises communication between the mobile device and the card reader, making data exchange faster and more reliable. This includes rapid initialisation of contactless communication
and efficient handling of multiple security protocols.
Why it matters: Without ECP, users may experience delays, errors, or unstable connections. ECP readiness ensures the mobile key is read quickly and that the user experience is smooth.
Apple certification (MFi)
MFi stands for "Made for iPhone/iPad" and is Apple's own certification programme for hardware designed to work closely with Apple devices. Card readers intended for use with Apple Wallet require an MFi licence, which guarantees the product meets Apple's technical and security requirements.
Although Google does not have an equivalent formal certification requirement, manufacturers must still ensure that readers are tested and approved for Google Wallet functionality, including the relevant NFC standards.
Why it matters: Without MFi certification, Apple Wallet functionality will not work reliably, and Apple devices may block or restrict access.
Future compatibility
The access control industry is evolving rapidly, with new NFC protocols, stricter encryption standards, and increasing requirements around privacy (GDPR) and security. If the card reader is not built to handle future standards, the property company risks having to replace the entire system at a later stage.
Why it matters: Robust hardware and a good update cadence extend the lifespan of the solution and ensure it supports new features and security requirements as they emerge.
Two requirements that must both be met: reader AND credential
A common misconception is that it is enough for the card reader to support Apple Wallet and Google Wallet. That is not the case. For a user to open a door with their phone, two independent components must be compatible:
The card reader must be able to read Wallet credentials (NFC, ECP, MFi certification — as described above)
The digital access card (credential) itself must be issued in a format that can be added to Apple Wallet and Google Wallet, and must work seamlessly with the reader
Both platforms must be supported. Norwegian commercial buildings have a mixed user base of iPhone and Android devices, and a solution that only works for one of them creates friction in daily use and extra work for building management.
Credential provider status
The market is moving, and credential support often lags behind reader support. At present, we see the following:
HID Mobile Access (Origo / Seos) — credentials work in both Apple Wallet and Google Wallet. This is the only option in our portfolio that is fully production-ready on both platforms
STid — does not yet have credentials in production for Apple Wallet or Google Wallet. Mobile use today is via STid's own app/BLE
Wavelynx — supports Apple Wallet in production, but NFC credentials for Google Wallet are not yet fully ready
Salto, Brivo, Gallagher, LEGIC and others — generally offer mobile access via their own apps rather than Apple/Google Wallet. Works well technically, but provides a different user experience
The picture changes on an ongoing basis. We recommend that property companies confirm the current status with Welcome before ordering, especially if Wallet support on both platforms is a must-have for the project.
Recommended card readers
Leverandør | Modell | Apple Wallet | Google Wallet | Merknad |
HID | Signo 20 / Signo 20K | ✅ | ✅ | The most modern series. Preferred for new projects. HID Mobile Access works in both wallets |
HID | Signo 40 / Signo 40K | ✅ | ✅ | Like Signo 20, with integrated keyboard |
HID | iCLASS SE | ✅ | ✅ | For use in existing installations. Models prior to 2019 may not support Wallet. Compatibility is confirmed with HID based on serial number (S/N) |
HID | Other devices / OEM | Varies | Varies | HID offers devices with embedded chips that read Wallet and BLE cards (secure printing, handheld readers, OEM modules). Contact Welcome for compatibility clarification |
STid | Architect Blue | ✅ | ❌ Ongoing | Google Wallet credentials not in production yet. Mobile usage today is via NFC in app |
Wavelynx | Ethos-series | ✅ | ⚠️ Ongoing | Google Wallet credentials not in production yet. Mobile usage today is via NFC in app |
Brivo | Smart Readers | App based | App based | Uses Brivo Mobile Pass via its own app, not Apple/Google Wallet. The range includes the Brivo Door Station with facial recognition |
Salto | XS4 / XS | App based | App based | Family of electronic locks and wall readers. Mobile access via Salto JustIN app |
Gallagher | T-Series | App based | App based | Mobile credentials via Gallagher Mobile Connect-app |
LEGIC | LEGIC Connect compatible readers | App based | App based | Secure contactless authentication via LEGIC Connect |
Key: ✅ In production · ⚠️ Partial / must be verified · ❌ Not yet available · App-based: Mobile access via the vendor's own app, not via Apple/Google Wallet.
Verification via Apple's MFi search
Before purchasing or installing, check the make and model in Apple's MFi search. Only card readers listed there support Apple Wallet. Most Apple-certified readers are also compatible with
Google Wallet.
Certification applies to specific models and firmware versions, not the manufacturer in general. Always verify the specific model.
The trade-off around reusing existing readers
Reusing existing card readers can be a positive step for sustainability, but may also limit the advanced features and services available to tenants. If the readers do not meet NFC support, ECP readiness, or MFi compatibility requirements, the property company cannot offer full mobile access or the security benefits that modern solutions provide.
This creates a trade-off between sustainable reuse and achieving the functionality and user experience that today's technology demands. Experience shows it is worth upgrading readers at lease renewals or major refurbishments, rather than holding back digital services for the entire building.
Technical prerequisites
For the integration between Welcome and the access control system to work reliably, the following must be in place:
Server integration
Welcome integrates with the access control system server. The system must support modern APIs (REST/JSON, or alternatively SOAP) or other open protocols for communication. All API licences required for the integration must be included in the vendor's offer, including one-off licences, ongoing maintenance, and any transaction costs.
Internet and remote access
The access control system must be accessible via the internet or VPN for remote administration, support, and updates. Welcome uses Tailscale for secure remote access and requires this to be installed on the server.
Continuous internet connection
The system must have an active internet connection to receive updates and communicate with Welcome and the card reader manufacturers' cloud services (HID, STid, etc.).
Recommended approach
Confirm the access control system — check that the system and version are on the list of supported systems.
Choose an Apple-certified reader — verify the specific model via MFi search and confirm it is ECP ready.
Clarify API licences and network requirements — ensure the vendor clearly sets out all costs related to API access and that server, internet, and VPN requirements are addressed.
Coordinate with Welcome before ordering — we assess compatibility for specific combinations of reader and access control system, so you avoid costly replacements later.
If you have questions about a specific combination, or whether your system or readers are on the list, get in touch with us.
Need help?
Chat with us via the AI chat at the bottom right of the screen, or send an email to support@welcomeworkdays.com.
