Access cards
Weakness of a chain depends on the weakness of one cell. In the "ACS chain" we have many "cells" and the weakest is the 125 kHz card (EM-Marin, Indala, etc.).
The reason is that this type of cards can be easily cloned. Nowadays in Ukraine you can clone it everywhere and it costs just a few dollars. A service man can even arrive to your office or home.
Ads in Odesa
Ads in Kyiv
I've cloned a few pass cards, checked them and have to say that they work perfectly.
I have visited many business centers in Kyiv,"secured" by EM-Marin cards, and took a photos of numbers these cards:
After
that you can call to a service man and clone those cards by using many
devices, such as KeyMaster3RF for
instance.
Information from EM-Marin proximity card can be even grabbed remotely by using a special portable RF-reader. Distance for reading a card's number can be up to 1 meter.
This problem can be solved by using a smart card instead of a proximity card. One of the well-known smart cards is Mifare card. This card works on the 13 MHz and has a chip with memory inside. The most popular Mifare card is Classic 1k and it has 1kB memory.
By using opportunity to work with memory of the smart card we can make it secure.
We can write a token inside the card memory and secure it with the Mifare key. Just that card reader which knows the Mifare key can read the token and then send it to an access panel.
This solution can prevent the main problem of ACS - card cloning.
Despite that even Mifare Classic cards have vulnerability. Some of them are solved by writing data in ALL SECTORS, some of them are mitigated by using other security measurements like CCTV, logging and employees awareness.
Nevertheless, many companies have still used EM-Marin cards as the pass cards for its employees. The main problem is in the heritage.
Companies use tenant facilities from their landlords and have to use the legacy ACS equipment for its own purposes.
But solution exists: it's a trendy NFC (Near-Field Communication) card.
Some NFC cards have the same Mifare Classic 1k chip and look like labels with the glued surface.
Legacy EM-Marin pass card can be easily upgraded to the "sandwich card".
At the moment I have found just one domestic vendor which can work with memory sectors of Mifare cards. Unfortunately many foreign companies are stuck on the EM-Marin phase. That's a shame. I hope this situation will change in the future.
Information from EM-Marin proximity card can be even grabbed remotely by using a special portable RF-reader. Distance for reading a card's number can be up to 1 meter.
This problem can be solved by using a smart card instead of a proximity card. One of the well-known smart cards is Mifare card. This card works on the 13 MHz and has a chip with memory inside. The most popular Mifare card is Classic 1k and it has 1kB memory.
By using opportunity to work with memory of the smart card we can make it secure.
We can write a token inside the card memory and secure it with the Mifare key. Just that card reader which knows the Mifare key can read the token and then send it to an access panel.
This solution can prevent the main problem of ACS - card cloning.
Despite that even Mifare Classic cards have vulnerability. Some of them are solved by writing data in ALL SECTORS, some of them are mitigated by using other security measurements like CCTV, logging and employees awareness.
Nevertheless, many companies have still used EM-Marin cards as the pass cards for its employees. The main problem is in the heritage.
Companies use tenant facilities from their landlords and have to use the legacy ACS equipment for its own purposes.
But solution exists: it's a trendy NFC (Near-Field Communication) card.
Some NFC cards have the same Mifare Classic 1k chip and look like labels with the glued surface.
Legacy EM-Marin pass card can be easily upgraded to the "sandwich card".
After that a tenant can update its own ACS equipment
(card readers) and implement the Mifare technology inside the company.
This means that two-stage process has to be implemented:
1. Pre-emission of cards.
2. Emission of cards.
At this stage an additional control (security operation)
would be great to implement as separation of duties. This control additionally
mitigates the risk of getting unauthorized access to the company's
premises by separation of operations between two employees. One operator cannot
perform operations without another one and vice versa.
At the moment I have found just one domestic vendor which can work with memory sectors of Mifare cards. Unfortunately many foreign companies are stuck on the EM-Marin phase. That's a shame. I hope this situation will change in the future.
No comments:
Post a Comment