Prox vs. iClass Explained
Author: Brian Rhodes, Published on Jul 12, 2013
Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.
Related Reports
Dedicated Vs Converged Access Control Networks (Statistics)
on Apr 20, 2018
Running one's access control system on a converged network, with one's computers and phones, can save money. On the other hand, hand, doing so can...
Worst Access Control 2018
on Apr 18, 2018
Three access control providers stood out as providing the most problems for integrators.
In this report, we analyze the answers to:
"In the...
Key Control For Access Control Tutorial
on Apr 16, 2018
End users spend thousands on advanced systems to keep themselves secure, but regularly neglect one of the lest expensive yet most important aspects...
Alarm.com Business Market Expansion
on Apr 13, 2018
Alarm.com has millions of subscribers, but the company has traditionally been mostly a residential/home focused offering. ADC's new Smart Business...
Average Access Control Project Size 2018
on Apr 10, 2018
The most common access control project size is 5 - 16 doors per project. This 2018 result mirrors previous statistics, most recently in 2016...
ISC West 2018 Access Control Rundown
on Apr 06, 2018
For ISC West 2018, what is new and interesting in access control?
This rundown will bring you up to speed on the exhibitors, what they are...
VMS New Developments Spring 2018 (Avigilon, Exacqvision, Genetec, Hikvision, Milestone, Network Optix)
on Apr 04, 2018
What's new with VMS software? In this report, we examine new features and releases for Spring 2018 to track different areas of potential...
Forced Door Alarms For Access Control Tutorial
on Apr 04, 2018
One of the most important access control alarms is also often ignored.
"Forced Door" provides a vital and even critical notification against...
The 5 Major Lock Profiles Guide - Euro, Oval, KIK, Interchangeable Core, Mortise
on Apr 03, 2018
Locks are used everywhere, but they are not all the same. In fact, even the shape of the lock changes, sometimes for no other reason than...
JCI / Tyco Security Acquires Smartvue
on Apr 03, 2018
Johnson Controls (Tyco Security) has acquired cloud provider Smartvue (see recent IPVM Smartvue profile). Smartvue will join Exacq and VideoEdge...
Most Recent Industry Reports
May 2018 Camera Course
on Apr 20, 2018
Save $50 on early registration until this Thursday, the 26th. Register now (save $50) for the Spring 2018 Camera Course
This is the only...
Global Real-Time Video Surveillance - EarthNow
on Apr 20, 2018
A new company, EarthNow, with backing from Bill Gates, Airbus and more, is claiming that:
Users will be able to see places on Earth with a delay...
Dedicated Vs Converged Access Control Networks (Statistics)
on Apr 20, 2018
Running one's access control system on a converged network, with one's computers and phones, can save money. On the other hand, hand, doing so can...
April 2018 IP Networking Course
on Apr 19, 2018
This is the last chance to register for our IP Networking course. Register now.
NEW - 2 sessions per class, 'day' and 'night' to give you double...
Rare Video Surveillance Fundraising - Verkada $15 Million
on Apr 19, 2018
Fundraising in video surveillance (and the broader physical security market) has been poor recently. Highlights are few and far in between...
'Best In Show' Fails
on Apr 19, 2018
ISC West's "Best In Show" has failed.
For more than a decade, it has become increasingly irrelevant as the selections exhibit a cartoon level...
Security Camera Cleaning Frequency Statistics
on Apr 18, 2018
150+ integrators told IPVM how often they clean cameras on customer's sites and why.
Inside we examine their answers and break down feedback...
Worst Access Control 2018
on Apr 18, 2018
Three access control providers stood out as providing the most problems for integrators.
In this report, we analyze the answers to:
"In the...
Axis VMD4 Analytics Tested
on Apr 17, 2018
Axis is now on its 4th generation of video motion detection (VMD), which Axis calls "a free video analytics application." In this generation, Axis...
Arecont CEO And President Resign
on Apr 17, 2018
This is good news for Arecont.
Arecont's problems have been well known for years (e.g., most recently Worst Camera Manufacturers 2018 and starting...
The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.
Comments (9)
John Grocke
Excellent article. I can't remember the last time I sold a new EAC system using prox cards or readers. We've been selling iClass for several years for new installs. Our clientele is generally more security concious than most and we don't do a lot of low bid type work.
We have customers that use the memory storage blocks built into the iClass card for biometrics and other functions such as logging into their PC's using an USB reader instead of manually typing a password.
As mentioned, the "MultiClass" readers are handy for helping customers migrate technology.
Create New Topic
Wassim Abu-Zent
In the picture "Encrypted v.s. Unencrypted transmission methods", I am curious as to what this person is holding against the door/wall. In this picture, what is this snooping technique?
Create New Topic
John Minster
Great article Brian Thank you.
This is a subject I debate with people on a regular basis. If you are not set up for, monitoring and enforcing door forced open and door propped open alarms, prox cards are really a non factor in how secure you are. It is far easier to tailgate than it is to "snoop". Seems people want to make a big deal out of prox cards but don't bother with DFO or DPO.
Create New Topic
Brian Rhodes
Hello, Wassim:
The picture shows a 'generic' homemade RFID antenna. The web is full of DIY RFID snoop gear, and it's more than just antennas. However, we did not want to provide a blueprint for snoop gear with this post, but rather illustrate the purpose of credential encryption.
Thanks for reading!
Create New Topic
Andrew Lee
I have some comments I'd like to provide on this topic. Though will have to get into more detail later.
The snooping process and the iClass authentication, etc is slightly different than explained. (though my quick comments will probably provide additional confusion)
The prox cards were not actually compromised, just the lack of two way authentication method with the reader made it easily copied, even the clock signal can be slighly off. They can not be cloned to a new physical card (or from the last I remember they couldn't). The old MiFare classic was hacked/broken and can be easily cloned to new cards.
Prox cards are duplicated by copying the RF field that is outputted from the card and doesn't require you to do it during a card read process with a legit reader as shown in the snooping example. You also have greater distance with the RF field off a 125khz card than a 13.56MHz card allowing you to electrocinally copy the prox card at greater distances. The electronic cloner would then be used to replay the RF signal to the reader.
Most iClass card based installations typically use a standard Card Serial Number (35bit/37bit) method when used with wiegand readers as this is a one way communications method and typically doesn't allow access to the application areas. You can easily read the same card serial number from the iClass as from a prox card. (If you wish to use application areas and other key based techniques you can make it impossible to duplicate a card number though in those instances you will probably be using a RS-485 bidirectional reader with an encrypted communications that prevents the physical access). iClass is secure from cloning or spoofing in the sense of the prox.
The security of a wiegand based system relies on the ability to keep the wiegand circuit secure. I could take any iClass card using a wiegand system and copy the CSN and then take a device that can output that same CSN over a weigand device. This of course requires physical access to the data 0 and data 1 cables to push this number down the line. So use of tamper monitoring should be used on all readers that have a wiegand interface if there is a chance it could be physically accessed by a person.
Create New Topic
John Minster
Great points Andrew. When people go on about prox not being secure and needing to go to IClass I point out what Andrew mentioned about down stream devices. For areas needing real security IClass and OSDP are in order.
Create New Topic
Undisclosed Integrator #1
Would like to see a similar comparison between iClass and DesFire
Create New Topic
François Brouillet
In the 13.56 MHz realm there are different competing standard. In NA we mainly see the HID iCLASS and its new vesion iCLASS SE, in Europe it is the Philips Mifare and the more advanced version Desfire EV1 that is popular and in Japan it is the Sony Felica. When we look at the ISO 14443, iCLASS is ISO 14443B and Philips Desfire is ISO 14443A so although both are "compliant" with the same ISO standard the are not fully interoperable. Typically the HID iCLASS reader will only read the CSN (Card Serial Number) of a Mifare or Desfire card not being able to read the actual sector storing the credential information
Create New Topic
Adams Dauda
This is well documented article, in an environment of regulatory requirement of financial institution for example where a customer can use his/her bank debit card to enter banking hall during the closing hours to carry out transaction. The PCI regulation requires encryption of personal information it would be a risk to use Prox for door entry system.
Create New Topic