From Emerging to Mature Markets: How Identity Is Redefining the Future of Access Control
Table of contents
- From Devices to People
- There Is No Single “Best” Identity
- Experience Drives Adoption More Than Technology
- Mobile Is Becoming the Bridge
- Biometrics: Built for Assurance
- Podcast: The Identity Experience
- Emerging vs Mature Markets: Different Paths, Same Direction
- Designing for Flexibility, Not Fixation
For decades, access control has been defined by devices: cards, readers, keypads, and doors. Identity was little more than a number tied to a credential.
That model is changing.
In a recent TMT with IDCUBE conversation, Rishi sat down with Lee Odess, one of the industry’s most respected voices on access and identity, to unpack where physical access is headed and why the future belongs to platforms that put people, choice, and experience at the centre.
What emerged wasn’t a discussion about replacing one credential with another. It was a broader shift in mindset: access control is evolving into an identity platform for the physical world.
From Devices to People
Historically, access control systems have been built around hardware. We started with cards and readers, added biometrics, experimented with QR and mobile, but the core question always remained device-first: Which credential are you using?
Lee reframed this entirely.
The next generation of access systems won’t begin with devices. They’ll begin with who the person is.
In this model, identity becomes the system of record. Access control acts more like an operator, executing actions such as lock, unlock, notify, or audit; based on verified identity and policy. The doors become endpoints. The intelligence lives in identity.
This shift mirrors what already happened in the digital world. Physical access is simply catching up.
There Is No Single “Best” Identity
One of the strongest themes from the conversation was modality of choice.
Cards aren’t disappearing overnight. Biometrics aren’t universally accepted. Mobile credentials are rising fast; but not everywhere, and not for every use case. QR codes work well in some cultures and verticals, less so in others.
Lee’s view is pragmatic: there is no universal “ideal” identity.
Instead, modern access platforms must support multiple modalities:
- Cards for environments that value simplicity
- Mobile for seamless experience
- Biometrics where assurance matter
- QR or NFC where convenience drives adoption
The winning systems will be the ones that allow organisations to mix and match these experiences based on user expectations, industry needs, and cultural norms, not force everyone into a single method.
In other words, access is becoming personalised.
Experience Drives Adoption More Than Technology
A powerful insight from the discussion was that technology alone doesn’t determine success, user experience does.
A cinema, an office, an airport, and critical infrastructure all demand very different security postures and access journeys. What feels natural in one environment may feel intrusive in another.
Lee highlighted how adoption varies dramatically by region as well. For example, QR-based access feels normal in parts of Asia for some verticals, while other markets lean more heavily on cards or mobile credentials. These differences aren’t technical, they’re cultural.
The takeaway is simple: access control must adapt to people, not the other way around.
Systems that ignore experience will struggle to gain acceptance, no matter how advanced they are.
Mobile Is Becoming the Bridge
While multiple identities will coexist, mobile is emerging as a powerful connector.
Why?
Because mobile already carries trust. Users are comfortable unlocking phones with face or fingerprint, installing apps, and managing digital credentials. This familiarity allows mobile to act as a bridge between traditional access and newer identity-driven models.
Mobile enables:
- Remote credential issuance
- Built-in biometrics without dedicated readers
- A smoother, app-based experience
In many ways, mobile helps tell the story that standalone biometrics struggled to tell on their own, making advanced identity feel approachable rather than intimidating.
Biometrics: Built for Assurance
Biometrics sparked one of the most nuanced parts of the conversation.
Lee was clear: biometrics absolutely have a place, and their real value lies in assurance and safety.
Biometrics are best suited for critical environments where certainty matters more than convenience: data centres, research labs, secure facilities, and high-risk operational zones. These are spaces where organisations must be confident not just that someone gained access, but that it was the right person.
At the same time, biometrics carry historical baggage around privacy and misuse. In some regions, regulation and public perception slow adoption. In others, organisations are more comfortable deploying them in tightly controlled contexts.
The key takeaway isn’t to use biometrics everywhere.
It’s to deploy them where assurance is essential, alongside other identity options, always with transparency, consent, and strong data protection.
In modern access strategies, biometrics become one layer in a broader identity framework, not a universal replacement for cards or mobile credentials.
Emerging vs Mature Markets: Different Paths, Same Direction
Another compelling perspective was how the emerging and mature markets adopt access technology differently.
Emerging markets often leapfrog legacy systems, moving straight to cloud and mobile-first experiences. Mature markets tend to adopt more cautiously, balancing innovation with regulation and existing infrastructure.
But despite these differences, both are converging toward the same destination:
- Digital identity
- Hybrid access models
- User-driven experiences
- Integrated physical and digital platforms
The pace varies. The direction does not.
Designing for Flexibility, Not Fixation
Perhaps the most important lesson from Lee’s perspective is this: future-ready access control isn’t about betting on one credential or one technology.
It’s about building platforms that are flexible by design.
Enterprises should be asking:
- Can this system support multiple identities?
- Can it evolve as user expectations change?
- Can it adapt across industries and regions?
- Can it integrate with broader IT and identity ecosystems?
Rigid systems that lock organisations into a single approach will struggle. The future belongs to platforms that embrace choice, context, and continuous evolution.
Closing Thought
Access control is no longer just about securing doors.
It’s about enabling people safely, seamlessly, and intelligently.
As Lee articulated, we’re entering an era where identity becomes the foundation of physical access, experience becomes a differentiator, and flexibility becomes essential. Organisations that recognise this shift early will be far better positioned to meet the expectations of tomorrow’s workforce and customers.
