Vulnerability Directory For Access Control Cards

Author: Brian Rhodes, Published on Aug 14, 2017

Knowing which access credentials are insecure can be unclear, especially because most look and feel the same. Even the most insecure 125 kHz types are still widely supported, and using 13.56 MHz smartcards is no sure guarantee the format has not been hacked.

In this report, we take a deeper look at:

  • Why To Stop Using 125 kHz Formats
  • Which 13.56 MHz Formats are Uncracked (So Far)
  • The Cracked 13.56 Types Still Widely Used
  • Why No Formats Are Uncrackable
  • Thousands Are Working On Hacks
  • High Technology Skills Needed
  • Steps To Defend Against Hacks

We cover these points inside.

125 kHz Riskiest of All

While the vulnerability of specific 13.56 MHz formats is mixed, older 125 kHz are highly vulnerable to pragmatic copying with cheap and widely available components. We covered the risk in our Hack Your Access Control With This $30 HID 125kHz Card Copier test, and then how to address the vulnerability with the Hackable 125kHz Access Control Migration Guide.

Common 125 kHz Formats Are Insecure

The list of vulnerable, unencrypted 125 kHz formats used in access is substantial, easily reaching into millions of credentials still in use daily. The common formats include:

******* ***** ****** *********** *** ******** *** ** *******, ********** because **** **** *** **** *** ****. **** *** **** insecure *** *** ***** *** ***** ****** *********, *** ***** 13.56 *** ********** ** ** **** ********* *** ****** *** not **** ******.

** **** ******, ** **** * ****** **** **:

  • *** ** **** ***** *** *** *******
  • ***** **.** *** ******* *** ********* (** ***)
  • *** ******* **.** ***** ***** ****** ****
  • *** ** ******* *** ***********
  • ********* *** ******* ** *****
  • **** ********** ****** ******
  • ***** ** ****** ******* *****

** ***** ***** ****** ******.

125 *** ******** ** ***

***** *** ************* ** ******** **.** *** ******* ** *****, older *** *** *** ****** ********** ** ********* ******* **** cheap *** ****** ********* **********. ** ******* *** **** ** our**** **** ****** ******* **** **** $** *** ****** **** Copier****, *** **** *** ** ******* *** ************* **** *********** ****** ****** ******* ********* *****.

Common *** *** ******* *** ********

*** **** ** **********, *********** *** *** ******* **** ** access ** ***********, ****** ******** **** ******** ** *********** ***** in *** *****. *** ****** ******* *******:

[***************]

Formats *** *** *******

*** **** ** ******* ****** ******* ********* *** ******* ** hacked ** ***** *** ******** ***** **** *****:

*** ****** ****

***'* ****** **.** *** ****** *** *** ** ** ****** and ********* ** ******* ***** ********** *****. *******,**** **** ******* ******* ******* '**** *************', *** ******** ******* [*,*,*] ***** '** ** *****' ** ********** ** ******** *****.

****** ******* ***(********* ****)

**** ******** *** **.** *** ****** *** **** ****** ******* outside ***** *******, ** ***-********** ****** ******* *******, *** **** less-expensive ****-************** ****** *********** *** *******, *** **** ***-*** *** encryption *** ******* **** *******.

****** ******* ***(********* ****)

**** '**** ***' *** ****** ****** ** ***** ******** ********** related ** *** *********** ** ********** ** *** **********, *** does *** *********** ******** ************. ** *******, ******* ******** ** use *** *** **** **** ***, ******** *** *** *********** is **** *** *** ********* ** ********* ** ****** *******.

Formats ************ *******

*** ******* ****** ** ******** ** *** ****** ******** ** integrators *** ********. *** ******* ***** **** ** **** ** systems **** **** ******, *** *********** **** ** '******' ** access *************:

****** ******* *******

********* ********* ****** ******* ******* *** *********** ****, **** *** *** **** ****** ********** ** *** PACS ******, **** **** ***** ******** *** **.** *** ********* format ** ****. *******, *** ****** ** ********** ******** ******** keys ******** *** ******* ** *********** **********. *** ****** ** still ********* **** *********** *******.

*** ****** ***** (*** **/**** *******)

*** ****** ** ********** '****' **** ***'* ******** **.** *** format ***** ******** ******* *** ***** *** *** ********** ******* in *** '***** ** ********' *****. **** ******** ********** ********** *********** *** ** ******* on *** *****. *** ***** ***** ***** ********** ***********, ******** the **** ****** **/**** ****** *** * ********* ****** *** multiple ****** ** ********** ** ******* ******* ********.

No ******* *** ***********

******* ** ****** ** '**********' ** '**********' ***** **** *** often ********* ***** **** *** ******** ** *** ******, ** credential ******* ****** ** ****** ** '***********'. ***** ***** ******** from ******* *** ********* ******* *** ********* ** ******** ******* essentially '******* *** ***** ******' ** ********* *****, ******* ** hack **** *** ******* *** **********.

** ****** ****, *********, ** ********** ****** ****** ******* *********** secure, *** ******** ********-****** ***************** ******** ********* ** *******.

Cracking ********* ******* ** ****** *********

*** ********* *** ****** ****** ** ***** ********* ******* ********* use ******** ***** *********** **** ******* ******** ***********, ********** ***********, and ********* ***** ** ****.

*** ** *** **** ******* ********** **** ******* *****, *** open-sourced*********,*** **** ********** ** *** ***** ****:

** ****** ** ******* *** ***** ***** **** *** ********* is *** ****** *** *********. ** *** *** *** ******* fairly ******** **** ***********, ******** ***********, **** ** ****** *** ISO *********, **** ****** **** ******** ***** *** **** *********** than ******** **** ! ***** **** ** *** ********** *** basic ********** ****** **** *** **** ********** ***** *** ******.

*** ***** ******* *** *** **** ******** *****, **** ****** not ****** * '***** *** *****' **** ******, *** ****** a *** ** ********** **** ******* **********, ********, *** ******** that **** ** ********** ******** *** ****** ********** *******:

**** *** ***** *********** *** *** *******, *** *****, *****-****, and **** ** *** ******* *********, **** ***$** **** *** *** ******** ****** **** ********* *******:

*******, *** *** '***** *** *****' ******* *** ***** ** access *******. *** *******, ** ****** ********** (**.*****) ********** *** *** **** **** ****** ****** *******, ******* *** claims ** ******* ********, ********* *******:

The ******* ********* ** *****

******* ** *** '*********' ********* ** ********* ********** ** ******* mechanical *****, ***** *** ********* ****** *** ******** *********** *** contribute ** ******* ****** ***********.

*** ** *** ****** ****** ***** ***** ***** ****** ** the******** ********** *********, **** ********* ** ***** *** ******** ** ***** ***** month, ***** ************* ******* ** ******* ******** *** ******* *** multiple ******* (********* ******, ******, *****, *** *** ***********) **** place.

***** ****** *********, **** ****** ********* *** **** ** ******. Multiple ******* ******** *** ** ***** ** ******, * ***** and ***** ****** ************* ****** ** ***** ************. ***** ***** are **** ******** ** ********** ********, ** ******* *** ***:

******* *******

Significant ****** *** ** ********

******* ********* *** ********* **** ** ******, ** **** ******** access *** ************ ** ********* ** ***** ******. *** *******, one ** *** **** ******** **** ******* ** ********** ******* keys **** ****** ******* ******** ********** ****** * ******* ** splicing *** ****** **********.

*** **** ****** *******, *** ********** *** **** ****** ** use **** ****** ** * **** ************* ********* *** ****, as *** ****** ***** ** ****** ******** ** ***********.

*** **** ******** *** **** ******* ***** ***** ***** ** processing. **** ******* *** **** ** *** ** * ******* (with *********** ***), ***** ****** **** ******** ***** ** **** **** (**** the***** ***** **** ******* ****).

High ***** **.** ****** **** ** ***** *******

*** *** *********** ** **** **** *** **** ***** *** devoted ****** **** ** ***** ********** *******, *** ******* **** to ********** ****** ******* ** ******** *** ******* ***** ***** takes ****.

*******, *** $** *** *** ****** *** ** **** ** seconds *** ****-********, ** ***** ******* ****** ** *******. *** for **.** *** *******, **** ***** ******* ******, ***** ** time, ******** ****, *** ******** ************ ** ******* ** ***** required.

*** **** ********* ******* ******* *******: ******** ***** ************** ******* of **** ****, '**** ***' **** **** ********, ** *** reissue ***********, *** **** ***** **** **** *** ********* ** installed ******* *** ***********.

Comments (22)

***** **** ******** **** ** ****** ***** :) ***** ** still *** ************* ** ****** ** ********** ***** **** ** also *** *****. ******* ************ *** *** ** ******* ********* a *** ... ** ***** ***** ** *** **** *** to *** **********.

*** ** ****** **** *** ****** ** * *** ** people (****** ********). ** ****** ***'* ******** *** ***** ******* to **** *************** *** *** "***** *** *****" **** ** that **** ** **********.

*** ***** **** ** ******** ** ********* ** ********* ***** day. ********* ******** **** *** ********** ** ** **** ****** peer ****** *** ******** ****** ****** *** ****.

***

***** *** *** ** *** ********** :

****://***.*************.***/****-***-***-********

*** ******** **** ******** ********* (************) *** *** *** ** sim **** **** "***" *******. ** **** *** ****, *** high ******** ***** ***** *******...

*****

*** ***** **** ** ******** ** ********* ** ********* ***** day. ********* ******** **** *** ********** ** ** **** ****** peer ****** *** ******** ****** ****** *** ****.

**** ** *** *** '*****' ********* ******'* '***** ** ********'****** *****. ** ******** **** **** ******* ****** ** * particular ***** ** **** ** * ***** ***********, ****** ******* used ** ***** ***** **** ************ (**: *** ****, ***/***** passes) ***/**** ** ******** ******* ******** ******.

***** *** *** ******* *** **** ** *** *******.

* ***** ** **** ****.

***** *******,

*. *****'* ****** *****. * **** ** ** **** ************ iClass *********** *** * ******** ******** *******. ** ***** * bit ** ****** *** *** *** **** *** **** ***** require ******** ******* ***** *******.

**** **** *******, * ****** ** ******* ******, ***** **** links ** *** ********* ***** ****** ** **** ** ******, ( * ***** *** ******** ***** ** **** **** *******) and ****** *** *********** ****** **** *** ****** ***** *** weak ** *** ** *** ******** ** *** ********** *******, which ** *** **** ***.

**** ******* ** ******** *** **** ** **** ******, *** cryptographic ****** *** ** ******, *** *** ******* *** ** do **** ** ** ****** *** ****.

*** **** ****** **** ** *** ********* ** ********* ***/*, a ****** ******** ** ** **** ** *** ***** ******* on *** ******** *****, *** ***** ** *** *********.

**** *** ******* ****** ******** ** ** **** **** *****, which *** ** ******** *** ****, *** **** ** * XP *******( **** ******** *** **). * **** ******** **** package ** **** ** **** **** ********, *.*. ** ********** site ***** ***, ******* ***********, *** ******.

****** *** *** ******** ****!

** *** **** * ***** ** *** ********* ********** ****** SE **** ***?

** ******** ******** ******, * ****** ******* ******** *** **** partially **********, *** ***** ** * **** '*****'.

** *** *** ****, ** ** *** ***** * ***** is ***** ******** *** ****?

****** ** ** ********* * ****** *********** ** ******** *******. In ****** *** ******** ********* *** *** ** ***** ***** similar ******* ** *** **** *** *** ********* *******, *** then ***** ** * ****** *********** *** *********, ***** ** currently **** *** ******* ** *** ******. ****** *** ******* utilise * ****** ************** ******, ***** ***** ** ********** ** Side ******* *******, ** ***** **** *** ****** ****. *** from ** ************* ***** ******* * ****** ********.

******* *** ****** *********** ** ***** ******** ** *** **** and *** ******* **** ******** **** **** ** *** **** for *** ** *********** ** ********, *** **** *** ** achieved **** *** ***** ****.

********, **** *** ********* *** ** ***** *** ****** *** be ******** ***** * ********, *** ****** **** *** *** contents, *** *** ***'* **** ** ** ******* **** **** you **** *** ****** ** **** ***** ******** ** *** back ** *** ****....

**** ** ******* ** *** ******, *** *********** ******* ******, except **** *** *********** ** *** ******* *** ********* *** CSN, ** ******* * ******* ** *** ******** ** ******* soft ******* *************** ** ********, *** ****** ***** ** ** focussed ** ******** ***/* **********. ** *** *********** **** *** likely ** ****** ******.

********** ****** ** ***** * *** ******* **** ******** *******, and **** ******** **** *** ****** ******** **** *** ************* have ******** **** *** **** ** ****** *** ******** ****** on.

* ***** ******* ***** ********** **** * *****'* *** ****** to **** ** *****, *** ***** * **** **** **** allowed ****** *********, ********* *** ****** *** *** **********.

** * ******** ****, **** **** * **** *** **** looks **** ****, *** * ** **** ********* **** *** won't **** *** ******* ** ******, ** **** **** *********** under ***, ** **-*** ***** **** ** ******** **.

**** * ***** **** ********* ** ** ******* ***, *** we **** ** ***** ** ********* ******** **** ** ***** counters **** ** ********* **** ** ****, *** ******* ***'* put **** ** *******.

***********. **** *** *******, ** ***** ** *** ********** ** divulging *******, *** ****** ********** ***** ** ** ******* *******. Even ***'* ** ****** **** ** ****** ***-********* ********* *** often ***** *** *********** ** *********.

****** *** *** ********!

* ***** ******, **** ********* ** ** ***** **** ******, is ******* ***** *** ** ***** ** ***** ****** *** i-Class ** ******. ***** ***** *** **** ** **** **** both *** ******** *-***** ******** (********* ******* **** * **** number ********* **** * *) *** *** ***** *-***** ** platform **** *** * **** ****** ********* **** * *. The **** ***** **** **** *** *** ***** ****** ******* are ******** *** ****** ******* ** *** ****** *** ** disabled ** ******. **** *** *** ****** **** **** ******* on *** ****** ** **********. ** ** ******** *********** **** any *** **** **** *** ** ******* *********** **** *-***** SE ******* **** *** ****** ****** ********.

* ***** ***** **** **** ** *** **** (** *****). But *** ******* **** ******** *************** ** ****** ** **** it ***** ** ** **** *******, ******** ** ******* ** Mifare *******, *** ****** *** ** *** ******* **** ********. Why ***** *** ******** ** *** * **** ** *** DES ************** ***** * ******* ** * **** ( ****** read & *****), **** * ****** *** *** *** ****** (EV1/2) ** ********* **** ******** ****, ***** *** ****** ****?

********** **** *** ************ ** **** ******* ******* **** ** Proxmark, ***** *** ******** * ****, ******** *** ********** ** a ****** *** *** ****.

**** ** *** *** ******** *** *******, *** ***** ** you *******, *** *** ******* **** ******* ***/* *** *** cards *** *******.

** *** *** ******** *** *******, **** **** ** ******* OSDP.

******, *** *** ****** *** ***** ***** ***/* ******* ** Seos? ** ** * ********.

** *** *** ** **** ******** ******* *** **** "*** would **** ************ ** ** ******* ***", ***** "**", * believe, *** *********** ****. * ***** ** ********. *** **** even ** ****? *'** *** **** ******** **** ****.

** ***** ** ** **** **** ** ****** ****** *** well ********. *'** **** ******** ***** ** **** ****** ** remain ****** **** ** ****** ******* *** *'** ***** * don't **** ****** ***** ****** ** **** **** ** ******** guess.

* ******* *** ********** ** *** ************* "****-*******" ** ******* which **** **** **** ***********. ** *** *** ***** "********-*******" SE ******* ***** *** **** ***** ** ****** *** ****** are *********. **** ******** * ****** ********* **** *** *********** to ****.

******* ***** * ******* ******* ***** ******* * ********** **** older ***********, ** ****** ******* *** **** ***** ******** ** used, *** **** *** ********* ** *** **.

*** **** ************ **** ** ***, ****** **** *** ******** (I ******* **** ** * ******** ***********) ** *** ****** to ***** **** *** *** *********, *** ***** ***** ********** is ******** **** ********* **** *** ************ ** ***** ** is *******.

********* ** ***** ** ***** ************, ** **** ** *** questions **** **:-

*** ***** ** ****?,

**** *** **** ******?,

** **** ***** ** ***** ******** ****?,

*** **** ** ******** *********?

*** *** * ****** **** ** * ******?,

*** *** *** ************* ******** *** ******** *** ******?.

*** **** ***** ** ********** ********* ** ** *** ** this *****, ** ***** *** ******** ** *********, ***** *********** to ******** *******, *** ******* ********* *** ***** **** **** their *********. ************ ** **** **** *** ********* ** ******, and *** ************* *******.

* ***'* ***** ** *** ** ****** ********* ***** ** "It ***** ** ** ****" **** *** ********* *** ******** that *** ***** ** ** * ******** ** *****?

*'* *** ****** *** ********* ** **** ** **** ****** pretending ** **** ** **** ** ******. **** **** ** cursory ******* ** ***** **** ******* ***. * ********** ****** **** ***** ******** ** ****. *** **** ******** translate ** ********* ****** ******. ** *** ** *** ** security ***** **** **** ****** *** *** "************ * ****** and ******** **********" *****'* **** ** *** "*********** *********". *'* certainly *** **** ********* *** ** *** *****. ************* *** is ****** ******** ** *** ** *** **** ******** ******** vendors *'** ****** ** ***'* **** **** ** ******** ***** NXP, *** ***** **** ** ************* ** *** *** ***** details ** *** **** ****.

** *** ** *** **** *** *********. ** ************* ** that **** *** **** *** ****** ******* *** (*** **** about ***) ********* ***** *** ** ******* **** *** **** if *** ** ******. * ******* **** *** **** ***** investing ** ********, ********, *** "*******". *** **** **** *** common ******** ** *** ****** ******.

* ******* **** *** *** ********* *** *****, ***** ***** keys *** ***** ** ** ****** ** ******* ** **** as ***********. *** ** *** ******* **** * ***'* **** of ******** **** *****'* ******* ****.

**** ******* *** "***********" *******. **** ************ ****** **'* *** master ***. *** **** * **** ****** ***. ******* ****** the **** ** **** **** **** *** ***. **** ***** it *** ***. ****, * *******, *** *** **** ******** encryption ********** (****, ***, ***).

*'* *** **** ***** "******** ********** ****". * ***** ******* both *** ******* ****.

*** *'* ****** ********* ******* *** *** **** ******* ******* review ********* *** ************** ** ******* ********. * ******* *** hasn't, ***** ******'* ** **** **********.

** ******* ** **** ** **** ** ********** ****. ******* 1) *'* **** ********** ** *** ***** *** *) *'* actually ******* ** * ******** *** ******* **** ** *** conclusion ** ***** ** **** ** *******. * **** ** hard ** *** * ***** ******* ** *** ***** ******* of **** ********* **** * ********* *****. *** *** ******* I ******** ***** ** ****** **** ** **** * ****** who *** ******* ** ***-**-*** ******** *** ******* ** ** me (*******, ***********, ********, ********, ***).

*****, ** ***** ** ***************, * ***** ********* ***** *** with * ***** **** ****** ***, **** ****** ******** ************ to ** ********* ** *** ****.

*********** * ********* * ***** ***** *********** ** **** ****** the *** ********* ****. **** *** ** ****, ******* ********** or *******.

******* ** ****** ***** ****** ******* ** * *********** ****, i.e. ** **** ** *** ******.

** *** **** *** *********, *** ****** ****** **** ***** for *** ********.

******** **** ** ********** *** ******* * ***, ***** **** be ******* ******* ** *** *** *** ****** ************.

** (***.*******.**.**) **** ******* ** *** ** *** *** *** credential ********** ****** ***** ** *******, *** * ** ***** of ** ***** *** ****** ***** ** *** **** * Platinum *******.

** ** ********** *** **** ********* ***** ***** ******** ** go "*****" **** ********** ** ********, *** **** ******* **** in ****-****** *****.

**** **** ** ********* (*.*. ** *** ***** *** ****) yet **** ** ******* ** ***** ********* ** *** ***** of *** ******* ** * ***, *** ** ********* ** suitable ********* *** ***** *** ***********.

****** *** *** ********! *** *** ******* ** * *** more **** ** *** **** *****

"******* ** ****** ***** ****** ******* ** * *********** ****, i.e. ** **** ** *** ******"

* **** ** **** **** ****** ***** ****. *** ** this ********? ** **** *********** * ****** ******* *** ****** and ***** **** ***** *** **** ** **** **** ****'* in ** ******* ****?

****** ** *** **** **** ********* ** *** *** **********. There *** * ********** *'* ***** **. ***** ** ** understanding *** ******* ** **** *'** ****/********* ********* *** ******.

******** ********. **** ** *** *** *** ***** ******* ***** the **** *** *** **** ****** *** ******* *** *********** regardless ** ****/*******.

*****/***** **. **** ** *** ******* ***** *** ******* * custom **** ******** **** ******** *** *** ***. **** ******* and ***** **** ** ******* ******* **** *** *** *** programmed **** *** *******. * ******* *** ** **** ******* your ********** *** *** *** ********** ** *** *****. ***** you're ** ****** ***** *** ******** ***, *** *** ***** trusting *** ** **** ****** *** *********** * ***** *** of **** **** *** *****.

****** **** ********. **** ** *** **** ** *** ***** except *** *** ** *** *** **** ******* *** ***. Obviously **** **** ******** *** *** ****. ***'** **** ********** hardware/software. *** *** *** ***'* **** ** ***** * *** party **** **** ****.

******* *** ** ********* ******* *** ******* ***** **** ******* configuration ***** ** *** ****.

*****/***** ** **** *** ** *** *** *** ***** ** the ********. ****** *** ******* *** ********** ** *** ******* as ****.

*** ****** **** ******** **** ******* ** *** ******** *** also ** ***. **** *** ******* **** * *** *** user ********* **** ***** **** ******** *** ***. ******* ** this, *** *** **** **** *** **** ********* ** *** actual ** *** ***, **** **** *****. * ******* *** Elite ******* ******** ******* ** ********* ** ****, **** ** the *** *******.

* ***** **** **** ****** ******** ** *** ********* ** who *** ** ****, *** **** ** ******** **-*******, *** how ** ****** ****.

****, *'* *** ******** **** ** **** ** ** ***, I ***** **** ***** ** ******.

*****, * ******* *** *** ********** *** ***** **** ******, which *** *** **** ******* ********** ** *** *** ***** which ** ***** ** *** *** ***.

** ** **** ** *** ******* *****, **** ******* ******** to *** **** ** ***** ******** ******* ** ***** * paraphrase, ***** *** **** ************ ** ****** * **** ******, which ** **** ** *** **** ** ****** * ****** random *** ** *** **** (** **** ** *****) ** control *** ***********. *** *** *** ** ****** ** * tightly ******* *******, ***** ******** * *** ***. *** **** client ******* ******* * ****** ******** *** ***, ***** **** control, *** *** ***** **** ****** ***** *** *** ****** set *** ****** *** *** ********** *********** ** *******, ********* the ****** *** ****** *****. **** ******* **** *** ******* is ********** *********. *** ****** *** *** ****** ***** *** be ********* **** *** **********, ***** ****** ** **** ***** and *** ** ****** ** * ******* ****, ** * controlled ****, **** ******* *** ** *** ***** **** *** key ****** ***** *** ****/******. * **** *** ** ** this *** ******* **** * *** ******.

** ** **** **** ** *** **** *****, ***** ** available ** ********** ***** *** *** ********, ** ** ** anonymous, *** *********** ** *** ****** *** **** *** **** approved ** *** **** ** *** ** (******** ********** ** NIST), *.*. **** ********** ******** ** * ***** *****. *********** can ****** **** *********** *** *** *****, ** ***** *** users *** ** ** **********.

** ** *********** *******, *** **** *.*.* ******** ****, *** I *****'* **** ** ********* ** ****** ** ******* (*** union ** ****/******* **** ******** ********** **** ***** ***********), *** Deister ********* **** * ****** ****** * ****** *** ***** can ******* *** ** ***** ******* ** *********** ******, ******* only ***** **** *** ******, *** ********** ** ****, ****** a ***-**** *** ** **** *** ****** *** *** * reader, **** ****** *** **** ****** ******* (** **** **** this ** ** ** *** ****** *** ** ********* ** the **** *******) ** * ****** *****, ** ****.

**** *** ****** ******* ** ******* ****** *******(***), ***** ** an ********* ***-*********, * **** ***** **** * * **** panel **** * ***, *** *** ****** ************ **** ******* on ****** ******** ** ***** ********* ******, ** **** **** news, ** **** ********** ******* ** *** ******** ****** **** security *** ** ******** ** ********.

*** ******* *** ********** ****** * *** **** **** *** does **** *** ***** ** ******** *** ****** *******. *** encoder *** * *** ******. **** ***** * ***** **** sounds ********* ** ** ** *** "******** *** ***". * think *** **** ***** **** **** *** ******** ******* **** they *******. *** **** *** ******* **** **** **** *** custom ****. ******* *.******** ******* *** **** **** **** *** ****** ******* ** the ********.

* ***** *** ****** **** ** *** **** ** *** list ** "*** *** *******".
** ** **** ***** **** ****** ******* (***** ** ********** with **** *** **** **** ********** *** *** ******** ** physical ****** *******) ** *** *** *******.

* ***** **** *** **** ****** **** ** **** **** open **** *** *********, ***** ******* ** *** ********* **** complete ******** *********** ***** ***** ****** *** ** *********. ***** is ** "******** ** *********" ***** ** ***, ** ** based ** ****** *** ******. ** *** **, ** ***** much **** ********** **** * **** **** ********** ****** *********** HID *********.

***, *'* ** ******, ** ***'* **** *** ********* ****, Mifare ****** ***** ** *********** ****, ** ******* ** *** own ******* *** **.

*********, ** ** *********** **** *** **** *** ********** ******* NXP *** ***, *** ** * ********, ************ *** ******** of ***** **** ********* **** ** ****** **** *** *******, whereas *** ******* *** ************ ***** *********. *** ****** ******** was ******** ** ****** ****** *** **** ********** ** ********. Therefore **** ** *** * ***** **********.

**** ********** ** *** ***** ** *** ******** *** ***** to, *.*. *** *** ******* ** ********** ******* *** ** selling ** *** ***** *** ***********.

* *** *** ****** ***** ** ***** ****** **** *** Access ******* ************, ** *** **** ********** ******* ****** **** and ******* ** ********** *****, ********* ** ********** ** *** cost ** *** **** *** * ********* ****, *** *** readers *** ** **** *********. *** **** ****** ** *** Mifare **** ** ** *** ********* **** *******, *** *** problem **** ******* **** ********* ******** ****** ******** ****** *******, providing * **** **** *** ************.

***** *** *** *** ******* ***** ***, **** *** *** for **.

** ** *** **** ***** ** *** **** **** ***** is ** ******* *************, ******* **** *** ** ********** ** be * "**** ****".
***-**** ******* (***** *** **** *****) ** **** ** ****** are ******** ** ****, *** ******* ** ****** ***** *** companies *** ********* **** *******, ** *** **** **** ********* cost ***********.

* **** **** ******* ** **** ******* ** ******** ****** control ** ******* ***** **** ****. **** *** ***** ***** DESFire ** ***** "*******" ****** *** * **** ** ***** that **** ** **** ** ****. * ***** ********** ***, is ***** ********* **** **** ********** *******?

** *** *** ** ***, ** *** *** ** *** day * ***** * ***** **** * ***** ** ******* NXP-based ***** **** *** ****** *****. ********* ******** - * never ******* ** ******* *** **** ********* ******* *** ** HID (*'** ***** * ****** ** *****), *'* ***** ** speak **** ****** ****** ** ****** **** *** **** ****** me **, *** **** ***'*, *** *'* *** **** ** works **** *** **** **** ** *********. * **** ** trust ****, **** ***'* ***** ** *** ***** ******. ** for ***-***** ******** *'* ***** *** * **** ************ ******, just * ***, *** ** ** ********* **** ********** *** me, ****'* *** ** ** **** *********** *** ** *** I *** ********* ** ** *********. ** *** *** ** the *** * **** *** *** * ****** ****** *** I ****** ******** ***** *** ** ***** ******* ** ******.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

2019 Access Control Book Released on Dec 12, 2018
This is the best, most comprehensive access control book in the world, based on our unprecedented research and testing has been significantly...
The 2019 Video Surveillance Industry Guide on Dec 10, 2018
The 300 page, 2019 Video Surveillance Industry Guide, covers the key events and the future of the video surveillance market, is now available,...
Multi-Factor Access Control Authentication Guide on Dec 10, 2018
Can a stranger use your credentials? One of the oldest problems facing access control is making credentials as easy to use as keys, but restricting...
Top 2019 Trend - AI Video Analytics on Dec 10, 2018
160+ Integrators answered: What do you think the top industry trend will be in 2019? Why? AI / video analytics was the run-away winner with...
Cybersecurity Insurance For Security Integrators on Nov 29, 2018
Most security industry professionals carry insurance to cover themselves in the event of a general loss. However, most are not carrying cyber...
Startup Qumulex Aims For Unified Platform, Adds Infinias Access Founder on Nov 29, 2018
The startup founded by former Exacq executives, Qumulex has hired Wayne Jared, founder of access control manufacturer Infinias and most recently a...
HID Product Configurator Examined on Nov 26, 2018
HID is widely used. However, figuring out all the different configurations of features for a final credential or reader part number can be a real...
Axis Bad Marketing - Panoramic Commercial on Nov 23, 2018
Axis is bad at marketing. Recall last month - Axis: "No One Wants To Buy A Camera" and, more generally their 2018 production introductions. But...
Ideal SecuriTest IP Vs Unbranded IP Camera Install Tool Tested on Nov 21, 2018
In our recent IP camera installation tool shootout, multiple members questioned the Ideal SecuriTest IP's features compared to low-cost unbranded...
Openpath Access Control Tested on Nov 20, 2018
Big investment in access startups is uncommon, but Openpath has recently attracted $20 million doing just that. The company has limited security...

Most Recent Industry Reports

2019 Access Control Book Released on Dec 12, 2018
This is the best, most comprehensive access control book in the world, based on our unprecedented research and testing has been significantly...
Huawei Hisilicon Quietly Powering Tens of Millions of Western IoT Devices on Dec 12, 2018
Huawei Hisilicon chips are powering, at least, tens of millions of Western IoT devices, such as IP cameras and surveillance recorders, a fact that...
FLIR Launches Body Cameras Unified With VMS (TruWitness) on Dec 11, 2018
While FLIR is best known for their thermal cameras, now they have expanded into body cameras, launching TruWITNESS, a public safety focused body...
Startup Sunflower Labs' Autonomous Drone Security System on Dec 11, 2018
Startup Sunflower Labs is claiming a unique design on a home security system, combining autonomous drones and 'Sunflower' sensors. Imagine an...
The 2019 Video Surveillance Industry Guide on Dec 10, 2018
The 300 page, 2019 Video Surveillance Industry Guide, covers the key events and the future of the video surveillance market, is now available,...
Multi-Factor Access Control Authentication Guide on Dec 10, 2018
Can a stranger use your credentials? One of the oldest problems facing access control is making credentials as easy to use as keys, but restricting...
Top 2019 Trend - AI Video Analytics on Dec 10, 2018
160+ Integrators answered: What do you think the top industry trend will be in 2019? Why? AI / video analytics was the run-away winner with...
AV Tech Company Profile on Dec 07, 2018
Taiwanese manufacturer AV Tech's revenue declined ~70% since 2012. Planning a comeback, AV Tech spoke to IPVM about their opportunities and...
Ubiquiti $79 Flex IP Camera Tested on Dec 07, 2018
U.S. Manufacturer Ubiquiti has released a 1080p, integrated IR IP camera, selling it directly for $79, making this one of the least expensive IP...
Infinova's Xinjiang Business Examined on Dec 07, 2018
As pressure mounts for companies to stop doing business in China’s Xinjiang region amid a severe human rights crisis, IPVM has found Infinova sold...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact