• YIP Articles

Why Your Key Card Might Not Be As Secure As You Think

Updated: Aug 12


BY Amelia Kwan



Do you use keycards to access apartments, dormitories, gyms, offices, homes, or hotel rooms? If the answer is yes, chances are you could be putting yourself at risk. In fact, someone could steal your information, clone your card, or track you by reading your keycard or security badge information in a matter of seconds. 


You might be thinking that it takes some kind of device from “Mission: Impossible,” serious hacking skills, or even a computer science degree. It cannot be that easy for someone to simply access your keycard information that quickly, let alone discreetly. Right? 

Not quite. Actually, all it takes is $40 and a sense of discretion any person with common sense would normally have. 


Security badges are ironically not as secure as they sound because they use a technology called Radio Frequency Identification (RFID). Automatic Identification RFID systems operate by identifying users through an RFID tag located inside the badge before granting access. As the name suggests, data can be transferred wirelessly through radio frequencies. 

Fun Fact: RFID technology was first used in World War II to help distinguish between allied and enemy aircrafts. 


So, how can anyone just read the information on a key card? Given that RFID uses radio technology to transmit data, it can be easily accessed by certain tools developed specifically for reading them without authorization. While higher security RFID tag systems can encrypt broadcasted data, many companies opt out to lower costs. What this means is that anyone can access the data with these devices simply by standing within a couple feet of the card. 

If you are slightly more tech-savvy, you could even take the card information and clone it to make a duplicate card, or take biometric data such as fingerprints or iris information and replace it with your own. 


If you do not want to go through the hassle of programming an Arduino and hacking into the system manually, just search the phrase ‘RFID cloning device’ on Google. There are plenty of options available - from simple readers for under $100 to entire ID card printers for just over $1000. That is a frighteningly low price in exchange for the ability to breach the security of an entire system full of sensitive information. 


The simplest form of personal protection against RFID cloning is to use RFID-blocking wallets. These wallets are built with a Faraday cage: a layer of metal that interrupts radio waves and prevents communication between your card and an RFID reader. Despite all this, the risk of being maliciously scanned is relatively low unless you work for the government or have a stalker. RFID tags on credit cards and passports are usually well-protected by data encryption. 


Still, it is better to understand the workings of your own cybersecurity - after all, when it comes to cybersecurity, what you do not know can hurt you. 


Sources: 

  • https://www.gao.gov/new.items/d05551.pdf 

  • https://www.blackhat.com/docs/us-15/materials/us-15-Evenchick-Breaking-Access-Controls-With-BLEK ey-wp.pdf 

  • https://krebsonsecurity.com/2014/08/how-secure-is-your-security-badge/ 

  • https://www.eweek.com/security/hacking-rfid-tags-is-easier-than-you-think-black-hat 

  • https://www.researchgate.net/publication/221016027_Securing_RFID_Systems_by_Detecting_Tag_Cloni ng https://www.atlasrfidstore.com/rfid-beginners-guide/ 

  • http://www.ia.omron.com/support/guide/47/introduction.html 

  • https://www.makeuseof.com/tag/what-are-rfid-blocking-wallets-which-should-you-buy/ 

  • https://www.rfidjournal.com/the-history-of-rfid-technology 



*All arguments made and viewpoints expressed within Youth In Politics and its nominal entities do not necessarily reflect the views of the writers or the organization as a whole.

FOLLOW US ON OUR SOCIALS:

Instagram @youthinpolitics_

Twitter @youthinpolitic_

Subscribe to our mailing list down below



26 views
 

Subscribe Form

  • Instagram
  • Twitter
  • Facebook

©2020 by Youth In Politics. All rights reserved