Which access cards are hacked?
In a previous video we talked about the fact that the security level of some access control cards was compromised. We showed that for a range of proximity cards and unprotected smart cards (IC Type-A) it is fairly easy to copy cards, change card numbers or alter the content of the cards. A logical next question would then be: “Exactly which card types are now considered less secure to use?” We have tried to construct an overview which is presented underneath. But remember: the card is just one element in your security system. And it may very well be appropriate to use one of the cards mentioned below in your system, as long as you are aware of the risks involved and have implemented actions to mitigate those risks. Enabling multi-factor authentication (MFA) in specific security zones by combining card technology with biometrics or a PIN-code (to verify the identity that was presented by the card) would greatly increase the security level.
In this article we only look at the communication between the card and the reader. We do not look at the communication between reader and the access control systems, so the known Wiegand communication vulnerabilities are considered out of scope (since this would affect any card and reader combination that would use that interfacing method with the access panel).
Keep in mind that most card types have a unique identifier (UID) or card serial number (CSN) which can be used as an identifier, but in addition they als have memory spaces (sectors, files, etc.) in which information can be stored. In those memory spaces the content can be protected with a key of a specific length which is linked to an encryption method (like 3DES or AES). Another thing to keep in mind is that some card types from vendors may share the same chip sets but different security measures (like encryption standards, key set up, etc.) can be implemented on them. By far most manufacturers in our industry will be willing and able to provide you with comprehensive information and truthful recommendations. This article is only meant for educational purposes and to raise awareness. We explicitly do not promote or consent with the illegitimate or unethical use of information that is presented here. Information in this article is not new. In fact, most security flaws of commonly used cards were exposed over a decade ago.
What does it mean if a card is hacked?
We should ask ourselves what it exactly means if a ‘card is hacked’? What is the consequence for our security level. That is why we propose a categorization of known security vulnerabilities:
- A = Protection against cloning (spoofing, emulating) the UID or CSN is compromised or limited by design
- B = Protection against altering the content of the card is compromised or limited by design
- C = Protection may be compromised depending on the specific card and reader configuration and setup
- D = There is currently no documentation that the protection was compromised
Type A vulnerabilities would enable third parties to (easily) copy or emulate your cards, allowing unauthorized carriers (mostly people) to get access. Proximity cards often do not support (or promote) storing information on the card apart from the carrier ID.
Type B vulnerabilities would enable third parties to copy or emulate your cards, allowing unauthorized carriers (mostly people) to get access, even if the identifier is stored in a protected memory space (which is the case for most smart cards). And altering the content of these memory spaces would also allow third parties to change the value of whatever is stored in that space: a monetary value, offline access rights, clearance levels, etc.
Type C vulnerabilities are a little fuzzy. In some cases the protection level of the basic setup of the card and reader combination may be compromised. The manufacturer may have acknowledged this and has launched alternative configurations and setups to increase the security level. In case of doubt, please consult with your supplier and request to be informed adequately.
Type D card-reader combinations currently are not publicly known to be vulnerable to cloning, spoofing, emulating or tampering. It would however be smart to assume that any security system potentially can be breached, including the security measures implemented in the card of your choice. But in this case no particular security breach has not been publicized online in a location that is available to the general public. We would advise to check with your supplier if firmware and software can be upgraded safely and remotely in case of future incidents. It is also advisable to verify if the encryption key management infrastructure is fitting your requirements.
Common cards and their current security status
Here is an overview of card types that were or are still very popular in physical access control and their current security level as we perceive it:
EM Proximity Cards (EM 4100, EM4200, etc.) – A
EM cards have been tremendously popular for many years. The traditional 120 kHz proximy cards that use widely available EM chips are not considered secure anymore.
HID Proximity – A
HID Global rightfully claims that “Proximity card readers from HID Global have long served as a popular entry-level option for physical access control.” It is a widely available and flexible technology that supports many form-factors using a 125 kHz RFID frequency. The security level of the card technology itself is currently considered low.
HID iCLASS – C
HID iCLASS was introduced as the more secure successor of HID Proximity, using the 13,56 MHz RFID frequency. It supports reading and writing. It is advised not to use the UID of the cards as a single identifier. The 3DES encryption based protection topology has been documented online as vulnerable, especially when using pre-programmed cards in standard security mode. It is advised to use system specific security keys. HID iCLASS security has been compromised and third parties have released iCLASS compatible products. HID iCLASS card copiers are however not widely available.
HID Seos – D
HID describes Seos as the next generation of credential technology. It is using the latest encryption standards and is primarily software based. Seos is the best that HID Global currently has to offer when it comes to securing their credentials. An additional benefit is that the security topology can be used across multiple platforms and in different form factors, including their mobile platform. Seos is not an industry standard and a proprietary HID Global development.
Legic Prime – B
Legic Prime 13,56 MHz cards were widely used and have been very popular since their introduction in 1992. Legic Prime’s security flaws are extensively documented.
Legic Advant – D
Legic Advant is the current Legic standard for smartcard IC’s. Advant as chip are classic memory smartcard ICs for smartcards (badges), key fobs, keys and other identification media. Advant as an application can be installed on cards with OS (like credit cards).
Legic Connect – D
Legic Connect is a software service that supports using virtual credentials on mobile devices in a secure way.
Nedap Cards – C/D
Nedap’s proximity cards operate at 125 kHz and they have been around as long as HID Proximity cards. In standard mode they are potentially as vulnerable as other proximity cards, but no documentation of security vulnerabilities has been presented online. Later generation Nedap cards also support 3DES encryption to increase the security level.
NXP MIFARE Classic – B
The hack of MIFARE Classic was big news in the industry in 2008. The CRYPTO-1 algorithm was reverse engineered and this card type has since not been perceived as a secure card option. It’s price and simplicity however have led to continued use of this card and reader IC.
NXP MIFARE DESFire – D
Based on open global standards for both RF interface and cryptographic methods, the MIFARE DESFire product family provides highly secure microcontroller-based ICs. Its name DESFire references the use of DES, 2K3DES, 3K3DES, and AES hardware cryptographic engines for securing transmission data. Perceived as the successor of MIFARE Classic. Current prodyct type is MIFARE DerSFire EV2 which support CC EAL5+.
NXP MIFARE Plus – D
MIFARE Plus is the IC-family that supports the possibility to issue smart cards, being backward compatible with MIFARE Classic, into existing system environments prior to infrastructure security upgrades. After the security upgrade, the MIFARE Plus products use AES security for authentication, data integrity, and encryption that is based on open, global standards.
NXP MIFARE Ultralight – B/D
MIFARE Ultralight based tickets are positioned as a solution for low-cost, high-volume applications such as public transport, loyalty cards, and event ticketing. A RFID-based solution as an alternative to using barcodes or QR-codes. MIFARE Ultrlight EV1 and Ultralight Nano are not positioned or designed as a secure access control option. MIFARE Ultralight C however is supporting 3DES cryptography.
Sony FeliCa – D
The FeliCa based cards and reader have achieved ISO/IEC 15408 EAL4/EAL4+ security level, the international criteria to measure the security level of a system. It is widely used in Japan other regions in public transport and security.
UHF EPC Gen2 (RAIN RFID) – C/D
UHF Tags equipped with EPC Gen2 chips (from several manufacturers) are widely used in vehicle identification. These tags also come in the shap of cards, including combi-cards with conventional technology. Most tags that are currently used have modest protection against spoofing or tampering. The most recent EPC Gen2v2 standard hower is adding extra security measures, including encryption. We advise to use EPC Gen2v2 cards and tags, for example with NXP UCODE DNA chips.
We have tried listing cards that are currently still widely in use in security installations. Are you missing a card or do you have suggestions, remarks or questions? Let us know underneath or contact us!