HID access cards security

DCIM_Support · ‎2020-07-05

This question was originally posted on DCIM Support by mike sutton on 2019-02-04

Hi I wonder if someone can give me some advice please,

We have a client who has multiple locations with Botz 170 rack access kits fitted and also Botz 250 rack access kits fitted and the following question has arisen during a security check:

"In a security review it has been made apparent that some proximity cards are not secure and can be easily cloned. I have been asked to see if the APC cards we use have any sort of security on them to help prevent this."

Can anyone shed any light on this??

TIA

Mike

DCIM_Support · ‎2020-07-05

This answer was originally posted on DCIM Support by Steven Marchetti on 2019-02-04

Hi Mike,

The cards we use are HID H10301. We purchase them HID and do not make our own. I do not have any further model information. I do know that some cards can have extra information written to them but all that the NetBotz device reads is the card number. If you can read the card and you have another card with that number, or, you can write that card number, you would be able to use that for access. I can tell you that although other information is writable, I do not believe that by default the card's ID number is editable.

In any case, I will forward your concerns on to my engineers to see if they have a better answer for you. I'll get back when I hear more.

Thanks,

Steve

See Answer In Context

DCIM_Support · ‎2020-07-05

This comment was originally posted on DCIM Support by mike sutton on 2019-02-04

They have sent me the following link containing info about this

https://www.getkisi.com/blog/hid-keycard-readers-hacked-using-wiegand-protocol-vulnerability

DCIM_Support · ‎2020-07-05

This answer was originally posted on DCIM Support by Steven Marchetti on 2019-02-04

Hi Mike,

The cards we use are HID H10301. We purchase them HID and do not make our own. I do not have any further model information. I do know that some cards can have extra information written to them but all that the NetBotz device reads is the card number. If you can read the card and you have another card with that number, or, you can write that card number, you would be able to use that for access. I can tell you that although other information is writable, I do not believe that by default the card's ID number is editable.

In any case, I will forward your concerns on to my engineers to see if they have a better answer for you. I'll get back when I hear more.

Thanks,

Steve

DCIM_Support · ‎2020-07-05

This comment was originally posted on DCIM Support by Steven Marchetti on 2019-02-07

Hi Mike,

Product management responded to me stating:

While 125 kHz cards are still the most commonly used badge access solution, there are known cloning methods, as indicated in the blog you’ve linked. We introduced the NBACS1356 in 2017 so our customers would have access to a 13.56 MHz cards solution, which is more resilient to cloning attempts, in addition to the standard 125 kHz (NBACS125) solution. The NBPD0170 pods currently only support 125 kHz handles but we plan on introducing 13.56MHz in a pod option as well.

DCIM_Support · ‎2020-07-05

This comment was originally posted on DCIM Support by Andrey Ivashov on 2019-02-11

introducing 13.56MHz in a pod option as well - this is the good news!

The mentioned resource https://www.getkisi.com is very informative.

As I understand the NetBotz 250 13.56MHz and Corporate 1000 (HID) is the best choice considering security by the moment.

Recently I was looking for the cards that support both 135KHz and 13.56MHz in a single form-factor. Found several proposals locally and with international shipping. They can clone almost everything and it's the whole industry problem not NetBotz. A good point that my customer now uses a single badge to access "old" and "new" racks.

DCIM_Support · ‎2020-07-05

This question is closed for comments. You're welcome to start a new topic if you have further comments on this issue.