Security advice: Protection against the cloning of RFID tokens

Security advice: Protection against the cloning of RFID tokens

The security of access control tokens has constantly evolved due to technological advances. One of the threats that jeopardize token security is the cloning of RFID tokens. In this article, we would like to inform you about the risks of cloning and show you how you can protect yourself and your customers against it.

Note on AI-generated content: The content of this blog is created with the help of advanced artificial intelligence. Although we strive to always provide you with accurate and useful information, questions or ambiguities may remain. In such cases, our experts will be happy to help you. Please do not hesitate to contact us using the details below. Our specialists are true experts in their field and will be happy to help you!

Contact options:

 Feedback form: Fill out the form
Email: [email protected]
Phone: +493069202294
We look forward to your queries and to helping you with any concerns you may have!

What is RFID cloning?

RFID cloning involves copying the information stored on an RFID token to another token, creating a duplicate with the same identification information. This is done either by intercepting the communication between an RFID token and a reader or by using a special device to read the token information and write it to a blank token.

How is cloning done?

A custom-built RFID token reader or smart Android device is used to extract data from an existing RFID token. This data is then written to a blank RFID chip or token, effectively creating a clone.

How can I reduce the likelihood of my tokens being cloned?

One advantage of an electronic access control system is that the system administrator can change the access authorizations for compromised tokens. If cloning is suspected, the administrator can exclude the token from all access authorizations. In areas with many users, such as residential buildings or vacation homes, an additional layer of security should be considered.

Behavioral measures:

• Immediate notification of lost or stolen cards.
• Store tokens in RFID-protected sleeves.
• Avoid sharing or lending tokens.
• Report suspicious activities.

Hardware and software options:

• Biometrics: Additional security through individual features such as fingerprints.
• Anti-passback: Prevents the same token from being used more than once.
• Automatic expiry: Access rights can be limited in time to prevent the use of compromised tokens.
• Double authentication: Additional PIN entry next to the token.
• Mobile access data: Use of smartphones instead of physical tokens, as encrypted access data cannot be cloned.

Points to note:

• CSN (Card Serial Number) and Unique Identifier (UID) vs Secure Sector Reading: Each RFID chip has a unique serial number (CSN) that can be read by any ISO-compliant RFID reader. Sectors within an RFID token can be encrypted and can only be read with special keys.

IMPORTANT NOTE - Paxton Net2 MIFARE® Reader The Paxton Net2 MIFARE® Reader reads the UID of the MIFARE® Token and not the encrypted sectors. If you have concerns about the security of Paxton MIFARE® tokens, inform your customers of the risks and advice to provide the most secure solutions.

Product and software updates:

• The covers of the P-series readers will be updated and will feature the Paxton logo.
• Paxton10 v4.5 SR11 provides updates to improve security and stability.
• Entry v3.1 SR2 offers an improved user experience for touch and standard panels.

These measures and information will help you to improve the security of your access control systems and minimize the risk of RFID token cloning.