The full release of Aliro 1.0 by the Connectivity Standards Alliance signals that the new industry standard for secure & interoperable access control is ready to offer a convenient alternative to proprietary solutions
The industry has long envisioned a truly connected world [AP1.1]where our mobile devices serve as a universal digital key to allow us freedom of movement between our homes, workplaces and public spaces. A universal mobile wallet with valid credentials would give users the freedom to make payments, access open-loop transit systems, and unlock doors in residential, commercial or hospitality settings. Turning this vision of a universal mobile wallet into reality requires a unified standard for access control to guarantee interoperability and security requirements considered critical for use cases with high turnover and complex ecosystem integrations. The release of Aliro 1.0 in February 2026 represents a key milestone for device makers who promised their customers interoperable access control experiences and are ready to deliver a fully standardized solution.
A new industry standard from the experts behind Matter and Zigbee
The Connectivity Standards Alliance (Alliance), the industry-backed group behind well-known IoT standards Matter and Zigbee, recently released Aliro 1.0: a fully standardized credential format and secure communication protocol that defines how smartphones, wearables, and smartcards securely exchange digital wallet credentials with access control readers to reliably grant or deny access.
The release of Aliro 1.0 follows a proven model: the same experts from leading mobile platforms, silicon providers, and IoT device makers behind the standards that delivered a unified IoT ecosystem have now released a standard for access control to ensure unified behavior across devices and deployment models. As a member of the Aliro Working Group, STMicroelectronics contributed expertise and application examples to ensure the specification leverages wireless connectivity technologies supported in smartphones already in users’ hands. ST has also made available engineering resources to ease implementation of the Aliro protocol and compliance testing for market-ready products.
In addition to the full Aliro 1.0 specification, the Alliance released comprehensive test suites and implemented a robust certification program to give device makers and integrators a clear path to validate interoperability and security claims prior to the commercialization of Aliro-compliant designs.
Recent announcements from mobile platform leaders, silicon vendors, and access control device makers about Aliro—ranging from planned digital wallet integration to Aliro-compliant reference designs and commercialization plans--indicate broad industry support for a unified access control standard and cooperation between ecosystem partners to prepare for the first real-world deployments.[AP2.1]
A unified access control standard that supports multiple connectivity technologies
To accommodate the widest possible range of user devices and installation scenarios--such as short-term rentals, commercial venues, or co-working spaces--Aliro 1.0 defines a transport layer that can run over multiple wireless connectivity technologies:
Near Field Communication (NFC) for secure access with a simple tap from a smartphone, wearable device, or smartcard. This optimized configuration is ideal for close-range “tap-to-unlock” use cases.
Bluetooth® Low Energy for longer-range communication, enabling doors to unlock as users approach within a range of 100 meters, with NFC technology present as a reliable fallback option when the user device is offline or in areas with poor signal coverage such as parking structures, elevators, or shielded installations.
NFC and Bluetooth® LE combined with Ultra-wideband (UWB) for precise localization and hands-free authentication.
The multiple configurations supported by Aliro 1.0 give device makers the flexibility necessary to design solutions for real-world access control scenarios and installation constraints while ensuring ecosystem interoperability.
All Aliro-compliant designs require secure data exchange based on asymmetric key cryptography. This requirement ensures that every transaction between a user device and an access control reader is genuine, confidential, and resistant to cloning or replay attacks. To ensure a high level of security for large-scale IoT deployments, a certified secure microcontroller is strongly recommended to protect stored certificates and credentials for cases where vulnerable installations may be exposed to physical tampering or remote logical attacks.
The flexibility to combine standard connectivity and security building blocks positions Aliro 1.0 as a practical blueprint for engineers who need to design access control readers that are suitable for real-world use cases while ensuring the unified ecosystem remains interoperable.
Accelerate deployment of new access control devices with Aliro 1.0
Aliro-compliant reader designs will be interoperable with user devices that support the access control standard, eliminating the need for engineers to maintain multiple protocol stacks and complex integrations for different customers or regional ecosystems that can delay the rollout of new access control designs.
By standardizing how access control readers and user devices with access credentials communicate, Aliro offers device makers a common technical foundation that is not based on proprietary technology. Instead of locking solution providers into a proprietary ecosystem based on a closed protocol, Aliro is an industry-backed communication protocol with clear technical requirements that can be implemented by any compliant device.
By mitigating protocol fragmentation and redundant integrations, we can expect Aliro to eliminate some barriers to market entry and help device makers to accelerate their design cycles: design for standard compliance once and scale up fast for deployment across millions of residential, commercial or hospitality installations around the world without compromising security or interoperability.
Device makers who are ready to implement Aliro 1.0 can choose to work with their preferred semiconductor technology partner able to provide everything needed to build Aliro-compliant access control readers: a competitive portfolio of security & connectivity products with long-term availability commitments, complete ecosystem with hardware development tools and ready-to-use software development kit (SDK), and expert resources to accelerate the validation and certification process. As Aliro moves into the commercial rollout phase, the relationship between access control device makers and semiconductor vendors will play a key role in turning the specification into robust, scalable and interoperable products.
Author: Patrick Sohn, ST25 NFC Tags & Readers marketing and ecosystem applications manager, STMicroelectronics 
