Is my standard proximity access control secure?


Is your standard proximity access control secure?

If your organization is using legacy 125khz proximity card technologies to manage access control into your facilities, you may be at risk to the vulnerability of having these cards cloned. Cloning proximity cards is as easy as having a physical key cut at the lock shop. In fact, walk into a Bed Bath and Beyond, Rite Aid or other retailers who now have self-service proximity card replicators called Key Me ( or anyone can purchase a cloner on Amazon for less than $25.

The 125khz vulnerability is real and organizations that continue to use this technology should be on alert to consider developing plans to migrate away from this technology to a more secure Smart Card solution such as HID’s iClass SEOS or Mifare DES Fire EV1 which uses an encrypted 13.56 MHz frequency. Manufacturers such as HID, who is the world’s leading provider of card and credential technologies, is making efforts to educate the public of this vulnerability.  In reality, this education should be coming from your security integrator or consultant who are best positioned to work with you and the manufacturers to assist with developing a mitigation plan.

The development of migration plans can be complex.

It’s not as easy as just replacing the cards themselves. Card readers must be compatible with these new secure credentials and other infrastructure changes may be needed. The development of a migration plan is critical to the success for creating a pathway using transitional multi-technology readers and cards to allow the cost to be spread over multiple budget cycles. Working with your trusted security solutions provider is a must who can help you with the pitfalls.

Once transitioned to the new world of the secured credential, many other benefits may now be realized as data and information can also be stored on the card to allow for computer and network authentication, cashless vending, biometric template storage, and many other uses.

So, is this technology “good enough”?

Please reconsider as awareness and publicity of this vulnerability is spreading fast. Don’t find out the hard way. SRMC has worked with many of our clients to assist with and develop migration plans to a new secure credential. Please contact us to discuss your situation and needs.

Ryan Magada