An article describing the possibility of cloning identification media has recently appeared on an IT-specialized server root.cz. This time it’s not about cloning 125kHz (E/M) media (which is already known to general public), but about cloning ID media operating at 13.56MHz – often presented as secure and uncloneable. This kind of risk has been well known in the professional circles for many years, but has been also neglected by many manufacturers, suppliers and customers.
In most cases, cloning those types of ID media is quite easy for an attacker – they just need to get a few well-documented and available tools. The highest risk is posed by the system operator in cases where a public UID (Unique Identifier) card is used for user identification. Unfortunately, this risk applies to most 13.56MHz identification media, including the latest NFC tags. Another case is the use of MIFARE Classic media, which in most cases can be cloned completely, including the encrypted sector.
IMA systems use secure technology
As one of the largest manufacturers of identification solutions in the Czech Republic, we take great care of the security aspect of our systems. For this reason, we have been drawing the attention of both customers and partners to the risks associated with the use of the above mentioned ID media for many years. At the same time, since 2001, we have been manufacturing and supplying only systems and readers that support encrypted ID media MIFARE DESFire EV1 and EV2 and LEGIC Prime and Advant, which are 100% resistant to misuse or cloning. We are also one of the very few manufacturers that support full implementation of security protocols of these ID media in their devices, including the possibility of their individual configuration. In addition to that, our readers are complemented by an encrypted connection between the reader and the control unit via OSDP protocol to ensure maximum security at all levels. That’s why our systems are certified by the Czech National Security Authority (NBÚ) to the highest level (4 – ‘Top Secret’).
Although security is our priority, our readers and systems support many other exciting features and technologies, such as mobile access or cloud-based management… You can read more about these features on our website.
How can I secure my system?
If for any reason your organization is using our systems in the mode of only reading from UID or using MIFARE Classic ID media; and you are concerned about the security of your existing solution, then please let us know. In most of cases, it will be sufficient to reconfigure the readers and replace the identification media with the secure ones. We even have an affordable solution for customers using third-party control units.
Would you like to learn more about the issue?
Then contact our sales people or experts who will be happy to explain possible risks and ways to effectively prevent them.
The original article can be found at: https://www.root.cz/clanky/bezpecnost-pristupovych-karet-aneb-klonovani-prakticky/
6. 12. 2019