Let’s say we dealing with a large legacy electronic access control implementation that one wants to move to newer, more secure technology. The implementation of "multi-class" / multiple technology credentials and/or readers is common to facilitate the change over time. Assume the legacy is 125 kHz cards/readers with ye ol' 26-bit Wiegand. Assume hundreds of credentials are already assigned and hundreds of 125KHz-only readers deployed. Forklifts aren't possible due to time and money but we need to start moving in a better direction ASAP. Card skimming/spoofing is not very difficult with the older tech. Yes, it also plausible for some of the newer stuff out there but due to it being more difficult it’s arguably a decreased risk. So even though one might be rolling newer technologies with higher-security features (encryption), it seems that as long as that newer stuff is multi-tech capable that someone could always still exploit the older "side" if the multi-tech card to use with the older "side" of the multi-tech reader. Only when all readers or credentials are the newer selected (as secure as it gets) technology and ONLY that technology instead of a multi-tech concept do you alleviate the baggage of the security gap. Am I missing something with this line of thinking?