Welcome to the new Schneider Electric Community

It's your place to connect with experts and peers, get continuous support, and share knowledge.

  • Explore the new navigation for even easier access to your community.
  • Bookmark and use our new, easy-to-remember address (community.se.com).
  • Get ready for more content and an improved experience.

Contact SchneiderCommunity.Support@se.com if you have any questions.

Close
Invite a Co-worker
Send a co-worker an invite to the Exchange portal.Just enter their email address and we’ll connect them to register. After joining, they will belong to the same company.
Send Invite Cancel
84690members
354060posts

HID access cards security

EcoStruxure IT forum

A support forum for Data Center Operation, Data Center Expert, and EcoStruxure IT product users to share knowledge on installation, configuration, and general product use.

Solved
DCIM_Support
Picard
Picard
0 Likes
5
640

HID access cards security

This question was originally posted on DCIM Support by mike sutton on 2019-02-04


Hi I wonder if someone can give me some advice please, 

We have a client who has multiple locations with Botz 170 rack access kits fitted and also Botz 250 rack access kits fitted and the following question has arisen during a security check:

"In a security review it has been made apparent that some proximity cards are not secure and can be easily cloned. I have been asked to see if the APC cards we use have any sort of security on them to help prevent this."

Can anyone shed any light on this??

 

TIA 

Mike

(CID:139691809)


Accepted Solutions
DCIM_Support
Picard
Picard
0 Likes
2
640

Re: HID access cards security

This answer was originally posted on DCIM Support by Steven Marchetti on 2019-02-04


Hi Mike,

 

The cards we use are HID H10301. We purchase them HID and do not make our own. I do not have any further model information. I do know that some cards can have extra information written to them but all that the NetBotz device reads is the card number. If you can read the card and you have another card with that number, or, you can write that card number, you would be able to use that for access. I can tell you that although other information is writable, I do not believe that by default the card's ID number is editable.

In any case, I will forward your concerns on to my engineers to see if they have a better answer for you. I'll get back when I hear more.

 

Thanks,

Steve 

(CID:139691884)

See Answer In Context

5 Replies 5
DCIM_Support
Picard
Picard
0 Likes
0
640

Re: HID access cards security

This comment was originally posted on DCIM Support by mike sutton on 2019-02-04


They have sent me the following link containing info about this 

https://www.getkisi.com/blog/hid-keycard-readers-hacked-using-wiegand-protocol-vulnerability

 

(CID:139691880)

DCIM_Support
Picard
Picard
0 Likes
2
641

Re: HID access cards security

This answer was originally posted on DCIM Support by Steven Marchetti on 2019-02-04


Hi Mike,

 

The cards we use are HID H10301. We purchase them HID and do not make our own. I do not have any further model information. I do know that some cards can have extra information written to them but all that the NetBotz device reads is the card number. If you can read the card and you have another card with that number, or, you can write that card number, you would be able to use that for access. I can tell you that although other information is writable, I do not believe that by default the card's ID number is editable.

In any case, I will forward your concerns on to my engineers to see if they have a better answer for you. I'll get back when I hear more.

 

Thanks,

Steve 

(CID:139691884)

DCIM_Support
Picard
Picard
0 Likes
0
640

Re: HID access cards security

This comment was originally posted on DCIM Support by Steven Marchetti on 2019-02-07


Hi Mike,

 

Product management responded to me stating:

While 125 kHz cards are still the most commonly used badge access solution, there are known cloning methods, as indicated in the blog you’ve linked. We introduced the NBACS1356 in 2017 so our customers would have access to a 13.56 MHz cards solution, which is more resilient to cloning attempts, in addition to the standard 125 kHz (NBACS125) solution. The NBPD0170 pods currently only support 125 kHz handles but we plan on introducing 13.56MHz in a pod option as well.

(CID:139693295)

DCIM_Support
Picard
Picard
0 Likes
0
640

Re: HID access cards security

This comment was originally posted on DCIM Support by Andrey Ivashov on 2019-02-11


introducing 13.56MHz in a pod option as well - this is the good news!

The mentioned resource https://www.getkisi.com is very informative.

As I understand the NetBotz 250 13.56MHz and Corporate 1000 (HID) is the best choice considering security by the moment.

 Recently I was looking for the cards that support both 135KHz and 13.56MHz in a single form-factor. Found several proposals locally and with international shipping. They can clone almost everything and it's the whole industry problem not NetBotz. A good point that my customer now uses a single badge to access "old" and "new" racks.

(CID:139694349)

DCIM_Support
Picard
Picard
0 Likes
0
640

🔒 Closed

This question is closed for comments. You're welcome to start a new topic if you have further comments on this issue.