KEEP SAFE FROM TOKEN CLONING IN ACCESS CONTROL SYSTEMS

 Access control systems provide the essential services of authorisation, identification authentication, access approval and accountability. Electronic credentials are stored in the memory of a card or token and, theoretically, it is possible to create a process to clone any of them. Technologies used for storing data in tokens are usually based in open standard hardware which is easy to duplicate. This is not always the case however, as the key word here is ‘theoretically’. It is however important to remember that when it comes to access control there are various levels of security available.

There are several reasons why people clone tokens and cards. Sometimes it is with criminal intent but most times it is done to simply obtain duplicates in case of loss. This puts institutions and individuals at risk as tokens end up in the wrong hands, making it difficult to control usage patterns.

 

Differences Between Mechanical and Electronic Access Control

One question that crops up in response to this is whether it might be better to use mechanical locks and keys in place of electronic access control readers and RFID tags to avoid the whole issue of token cloning altogether.

However, key’s can also be copied and locks are vulnerable to picking.  Cloning a token is generally a more complex process requiring a device to read and reproduce the RFID signal in a blank token.

But the question really isn’t the right one to be asking in the first place.  The starting point should be what level of security you require and what do you need from the system.  Where a higher degree of security is needed, electronic solutions are a better fit. What’s more, they provide the user with a wide range of added benefits that are particularly useful to larger sites and / or with larger volumes of ‘key holders’.

With electronic access, your single entry token or access code grants you access to every door you need to access, so there's no chance of forgetting the key for a particular door. If you get to a site where you need access and you are not recognised by the system, a network operator can add you to the list instantly.

An additional benefit of electronic access control is complete history logging. This can be an invaluable tool. Furthermore, when an outside contractor or visitor needs access, the door can be opened remotely without any effort.

Employing an electronic access control system provides you with the ability to instantly revoke access. If a physical key is lost there is no way to block it or be sure that it has not fallen into the wrong hands. The only way of blocking access to the lost key would be replacing the original lock. This is not the case with electronic credentials as revoking access privileges is as easy as telling the system to stop trusting the revoked key. No further work is necessary.

 

Selecting an Appropriate Level of Security

An access control point can be a door, turnstile, parking gate, elevator, or other physical barrier, where granting access can be electronically controlled and can contain several elements. 

Access control systems can vary from basic solutions that simply read a card number or PIN, and forward it to a control panel to the more secure intelligent readers that comply with strict security legislations and an externally tested and recognised certification such as the AES-128.

Depending on the level of security needed manufacturers offer different types of access control solutions and each application has its own use. It is always advisable to consult with your manufacturer or installer and do a risk assessment of the site to find out the best solution for your application.

If high security is a must, a system that features an AES-128bit certification might be the best solution.

AES is available in many different encryption packages, and is the first publicly accessible and open cipher approved by the US National Security Agency (NSA) for top secret information when used in an NSA approved cryptographic module.

The AES-128 encryption is one of the most secure and the only known attack to successfully break it requires about 38 trillion terabytes of data, which is more than all the data stored on all the computers on the planet. As such this is only a theoretical attack that has no practical implication on AES security.

AES-128 bit encryption is available from manufacturers such as STANLEY Security Products with affordable readers that can be easily installed on top of a legacy system to upgrade it to a smart system. Smart readers such as the Oneprox GS3 HF range used in conjunction with smart credentials offer a highly secure access control solution.

Many times manufacturers struggle to keep up with cloning techniques however they can incorporate processes and systems to ensure that electronic credentials remain safe and secure to those who would want to duplicate them. As technology evolves many manufacturers introduce new readers for higher security that prevent unauthorised entry and token cloning. While one may think that upgrading a system is a costly and time consuming procedure more often than not there is no need for a complete system upgrade. The new smart readers can be incorporated into the existing system without too much effort or costly procedures and offer a secure solution.  

A part of Stanley Black & Decker, STANLEY Security Products is a sales channel of STANLEY Security.  STANLEY Security Products designs and manufactures access control, door entry and door hardware products – including PAC Access Control and GDX Door Entry systems - for over 200 dealers and distributors worldwide.  For more information visit www.stanleysecurityproducts.com

     
   
   
 
  Link to this article:
(Copy and paste the following code to your web page.)
 
 

Education Magazine | Advertising | Education Emails - More Articles