IPVMU Certified | 08/15/14 03:55pm
I think that anyone that claims to make an 'unpickable' lock is foolish, ie: Tobias Exploits Medeco.
The bottom line with iClass vulnerability is that Prox is even more vulnerable and unencoded in open air, yet it continues to be a favorite credential:
The risk of sniffing and cloning is real, no doubt. However, it seems most security managers and integrators think the risk is minor.
I think the best rebutt to the risk here is to employ multiple authentican factors. Require more than one form of validation simulatenously, and the risk of a single stolen credential is minimized.
Inaxsys Security Systems | 08/15/14 09:13pm
Customers purchase iClass and Mifare readers/cards thinking that they are buying the highest level of card security when in reality the card security is not much better than standard 125 Khz prox. If integrity of data and card security is an essential part of your purchasing decision, then the best solution is DESfire.