Prox / 125 kHz Access Control Credential Usage Statistics
Cracked for decades and easily copied for many years, how widely are Prox / 125 kHz cards being used today?
This report, based on 120+ integrator responses, examines why, where, and how many use 125 kHz credentials, plus what they plan to do (or not do).
Executive *******
*******, ****** **** ** *** ****** control *********** ***** **** ***** *** Prox / *** ***:
***** ****** *********** ** ****** ****** dispersed **** *** ************** ******** ***** these *********** ** ***** **** ** the ****, ******* *** ********* **** use **:
*** *** ***** ** *** ** is ~**%, ***** ** ********** ****** than ******* ** ***** ** **%.
******** ** *** ** ****** ** due ** **-***** ********* *** ********** 125kHz ******* ***** *** ***** ***, but ******* *** **, *********** *** Semiconductors (**** ********)********** **.** *** *** ****** ******* (Mifare *******) ** ****.
** **** *****, *** **** *** market *** *** ******* *** ****** control, ******* ********* **.** *** ******/******* formats, ***** *** ***** ***** *** produces *** *** ***** ******* ****-***** security *****, ***:*** ****** **** ******* *** ********** 125 ***.
Key ******
********** ********* **** **** ***** *** themes:
- **** ***** ****** *** ** ******* costs & ******
- ******** ********** ** *** ***
- *** *** ******** **** ** ********** too ***** ** ******
- ******* ** *** *****
- ************ ** *******
- ** *** *** *** *** ***
No ******/ ***** ****** *** ** ******* ***** & ******
** ***** ** ******** ******* **** keeps *** *** ** ********** *** is **** ******** *** ********** *** reader ******* **** ***** **** **** customers ** *** **** ** *** unwilling ** *****:
- "*** *** **** ******* *** *** user *****'* **** ** ***** *** money ** ******* *******/***********."
- "*********** *** ****"
- "** **** * **** **** ** existing *** ****** ******* ** ** move ***** ********* ** ****** ** different ****** ********** ** ******. ******* and ***** ***** ** ** ********. We **** ************ ********* ********* **** saw *** ******** ******* ** ****** encryptions *** *** *** ****** ***** take *** **** *** **** ******. We **** **** *** ******** **** scanner *** *** **** ** ** to ********* *******'* **** *** *** handheld **** ******* ** ****** ********."
- "*** *** ** **** ******* ** the ********** ** ******* *** ********** new *********** ** **********."
- "** **** * *** ** ******** customers **** ***** ******* ** ******* and **** ********. ** **** ** always *** ***** ******. ** ***** be ********* ** ******* *** ** these. ** *** ** **** **** something **** ** **.***** **** ***** new ********. *** ***** , **** can **** **** **** *** **** of *** *** *** *** ***** is *******. **** ****** *** ******* majority ** ***** *********."
- "**** ****** **** ******** ******* *** credentials *** **** **** **** ** keep ***** **** ******* ** ** cheap *** ****."
- "**** ********* ** *** **** ** incur *** **** ** *** ******* and ***********. ** **** **** ****** to ******* *** **** ** ******* the ******* ** *********** *** **** buy *** ***** ** **** **** them *** ******** *** ********** ** attrition."
- "****** ***** ** *** **** *******, but **-******* ** ******** ********** **** is * ********** *********. **'* *** even *** **** ** *** *****, it's ******* **** ******* *** ****** to ***** ********* ****'* *** **** part."
- "***-****, **** *** *** **** ********* readers, ******* *** ************* ** ******** risks, ***** ******** ******* **** ** upgrade ****** *******, ********* *** *******"
- "************* **** ******** ******* *** ****"
- "****** ******* ****** *****'* **** *** transition *** *** ** *** **** of ********* *** ** ***** **** cards. ** *** ******* **** ********* to ******** ****."
- "**** *** ***********"
- "**** ********* **** ****** ***** *** devices *** ***'* **** ** ***** extra ***** ** **** ** **.**."
- "*****, *** **** ********* **** * lot ** *** *********** **** **** haven't **** ******** ***"
- "**** *** ****’* **** **** ****** are ******** ****"
- "**** *** ***********"
- "** ***** ****, *** ** *** access ******* ******* *** ***** **** our ***** ******. ** *** ********* never **** ** *** *** *** increased **** ** *** ****** ******** credentials."
- "**** ******** ******* **** ****** ******* with ******* ************* ********. ** ******** in ********* ** *** ******* ********. Not ********* ***** *** ******** ** security ***** *********."
- "****** ************* ** ***** ********* (****** school *********) ** *** ****, ** frequently **** *** ******** ******* ** upgrade ******* ** **.*****."
125 *** *** ********* & ******
******* ****** ********** ******** ** *** kHz *********** *** ******* ***** **** on ******* ******* ** *** *** taken-over *** ***** ******** **** ***** remain ** ***. *** ***** *** of ***** ******* **** * **** in ******* **** *** ***:
- "**** **** ****** **** ******** *********."
- "****** *******."
- "****** **** **** ******* ***** * have ** ******* ******** ***********."
- "******** ******* ********* ***** ** ****** encryption ************ ** ** ******** ************ company"
- "***** ******* **** *** ***** ***********"
- "** ***** **** ******** ******** **** use ****** ***********. ** ** *** install *** *** ******* ** ******."
- "******* **** ******** *** ********* ** upgrade."
- "********* ******, ******** ******** ***********"
- "**** ********* **** **** **** *** legacy ********."
- "** *** ** ********* ******."
- "** *** **** ** ********* ***** used ** *** ******** ********* ** the **************."
- "******** *******"
- "****** ********* **** *** *** *** been ********."
- "***** *******, **** **** *** ********, or ****** ** **** *** *** security ************."
- "****’* **** ** **** ********- ********* typically **** **** **** ** ** with * *********** **** **** *** already **** *****"
Customer ********** ** *** ***
**** *********** ***** **** ******** ********** is *** ***** **** *** ******** with *** *** ******* *** **** say ***** ********* ** *** ****** the ******, **** ** *** ***** the ***** *** ******** ** ******* it:
- "******* ** ***, ******** **** *** want ** ****** *** ** ***********"
- "**** ** *** ********* ** *** want ** *******."
- "********* *** **** *** *** ******* to **** *** ******. *** *** new ******* *** ****** ***********. ** have ******** (*** ********) *** ********* about *** ******** ****** **** ***** credentials *********."
- "* *** ** ********* **** ** re-use ******** ***********, ** *** *********** that *** ******* **** ** ********* offices **** ********* ****** ******* *******."
- "**** ********* ** ********* **** ** not **** ** *******"
- "******** ******** ** *********** ******** ***'* willing ** *******."
- "***** *********, ******** *****'* *********** **** why **** ****** *** ** ***** them."
- "** ******** ******* ***** ** ******* usage"
- "******** ********** ********"
- "****'* **** ******** *** *** ****'* want ** ******"
- "******* *** *** ****** ** **** to ********* ********** *** **** ********."
- "***'* **** ** ****** *** **** technology"
Outside ** *** *****
***** *** *** *********** *** ********* and **** ****** *** *****, ***-*** located ******** ***** **** *** *** is **** ************ **** *** ****** and ***-******** ******* ** *** **** at ***:
- "** **** *** ****** **.***** ***** because **** *** ***** *** ** don’t **** ******** ******."
- "** ******* *** *** ** ****** cost, *** ** *** ** ******* it ** ****** ** ******** ******* of ** *** ******** *****."
- "** ** ****** (** ****) *** 125Kh **** ** *** ****** ** commercial ************. **** *** ****** ** apartments *********, *** ** ***** ******* are ******** *** ***** ******* ***** it's *****."
- "*** **********? ****** *** ***** *** easy ** *** ** *********"
- "*****é *********** *** ****** ****** ******** utilizzare ** ******* *** ********** *** il ********* ******** * **** **.** (Because *** ***** ******* **** ** use *** ***** **** *** *** attendance ******* *** **** *** **.**)
- "******** *** ******** **********, ****** ****** with $** ******* ****** ********* **********"
- "****** *******, ***** ****, *****-******** ************"
- "**** *** *** ******"
- "********* *** ****** ****** *** ** that ********** ******* **** *** ******* by *** ************ ****** *** ************ of *** *** *******"
- "******** (*** *****) ************* *** ********** destined ** ********** ** **.*****."
- "*** *******, *** ********, *** * few, *** ********** **** ***** ******* understand *** ******."
- "****** ******"
***** ***** *** *** ******* *** US ***** ***** **** **** ** their *** ***** ***** **** **** despite ******* *** ******** **** ** cloning, **** **** ********** **** **** and ****** ********* ***** ** ** use:
- "****** *** ** ****** *********** ** customers **** **** ****** ** ******. When ** ***** ** *** ******** budget, **** ** *** *** ***** items ** ** ********* ** **** fiscal ****. ***** *** **'* **** happening **********, **** ***** ****, ** some *****."
- "********* ** ***** ** *** ******** issues ** ****/****** *********** & ** inform *** ********* ** ****, ********* very *** ******* ** **** *** this **********. *******, ***** *** ***** a *** ***** *** ******** ***** a ******, *****, ********** ******. ************, parts ** * ****** *** *** this ********** ***** **'** ***** **** technology *** **** ***** ******* - i.e. ******* ****** ***** **** ***'* suitable/client *****'* **** *** *****."
- "**** ** ****** ***** *** ******* are ***** ******* *** *** ***** to ******"
- "****** **** ******** *******. * ********* alternative *********** ** *** *** *******. Old ******* ** *****, ****** *** usually **** ****."
- "**** ** *** ******* ********** ********* used **** ********** *** ** *** easier *** ** ** *** *****."
125 *** ******** **** ****** *********** ** ***
***** *********** ********* ***** ********* *** not ********* ****** ** ******, ** are ********** ***** *** *** ******** risks *** *** ***** *******:
- "******** ** *** ** ********* ***** someone ******** ** **** ****** ***********. Most ** ***** ***** **** ******* and * ***** ****."
- "**** ********* ***'* ***** ****'** ** vulnerable *** **** ****** **** *** continued *** ** *** ****** **** 13.56."
- "****** ***** ***** ******** *** ****** the ******* ** ********* *** ********* at ****."
- "*** ***** *** ********** ** ********** on *** ********* ***** ** **** technology, ** **** **** **** **.***** is *** *********."
- "****** ********* ***** ** *** **** to ******* ***** ***** ** ******* even **** ** **** **** ***** security ******** ** *** ***** **********."
- "*** ******** ** ******* *** ***** how ********* ** ****** **."
- "***** **** ** **** * *** at * ******** ***** ** **** as *******."
- "****** ******* ***** *** ****** **** don't **** ** ******* ******* *** communicated ****"
- "********* ** *** **** ****** ** upgrade/cannot ** ********* ** *** ******** need ** *******."
Migrations *** *******
**** *********** ********* **** ******** *** migration ***** *** ***** *********, *** due ** **** *****, **** ******* both ******** *** *** *** ******-******** 13.56 *** *******:
- "******* **** *** ******* ****** ******* and ** *** ************."
- "**** *** ** ***** ********* *** some ******** ** *** *** * issue **** *****. *** **** ** upgrade ****** ** *** ** ***** budget. ** *** ********* **** ***** tech ******* ** **** *** ********** to **.** ** *** ******."
- "******* *** *** *** ** *** and ******* ******* *** ****** *** at ****. *** *** ******* *** EV2 ** ****** *****, ** ********. iClass ** *** ***********."
- "**** **** ****** ********. *** ******** are *** ********* ****** **.** ** dual."
- "** ***** **** ********* ***** ****** credentials. ****** ** * **** **** card ***** *** **** ****** ****** is ******** ** **** *** **** wont ***** *** ***** ** ******* all ** ** *** ********* ****** readers. ** ****** ******* * ********** reader ** ******** ** ************ ** service. *** **** ** **** *** get *****!"
- "** ** ********... *** *** ******** are **** ** ******* ***."
- "**** ********* **** * *** ** old *********** **** **** *****'* **** replaced ***"
*****-********* ******* ********** *** **** *** "higher" ******** **.** *** *********** ** risk ** ****. ****** ******** ******* ***** **.** *** SE / **** ** ********** ** Cracked *** *** *** ********* ******.
*******
** ** *****, ** ****** ****** declines ** *** *** ***** *** not ***********, ***** *** *** ***** vendors *** ******* ** **** ***** products, **** ******* ******** *** *** opposition.
*******, *** **** ** ******* **** and *** *********** ** ******* ****** awareness ** ***** ***** ***** ********** reducing *****. *******, ****** ******** *** help, ** ** ***** ********* *** elimination ** ******* *********** **********.
* ******* **** ****** *** **** afraid ** ******** *** ********** **** a ******* ****...
*****, *** ******** *** ********** ***** is *** ******* **** ******* **** is -*** ******* ******** ** ******* ****
*** ******, ** **** *** ****, it ***** *** ****** ****** ***.
** *** ************ (****** **********), *** Prox ***** *** **** *** ****** control **** **** *** ******* *** Allegion/Schlage ******** *****. **** **** ********* with ***** ************ *** ******* ****** and **** ***** ********. ** ***** be * ***** **** ** ********** an ******* ** * **** ****** card ******* *** ******** *** *********** upgrades ******** **** ******* *** ******* approved. *** **** ****** ***** *** not ****** ********* **** ** ******* the **** *** ******.
*** ***** *** ***-******-*************** ********* **** Prox, *.*. ******* * *** ***** badging? **** ***** **** *** **** of * **** ******* * ****** while ****** ** ********** ***** ** security ** ***** ********* ***** ** is ****** ******.
* ****** ********* ****** *** ******, but **** ***** ****... *'* ** interested ** *** *** **** ********** cases ***** **** **** ** ****** actually ******* ****** ** ********** **** way (**** *** *********, ****** **** just ** ***** * ***** ** YouTube). **'* **** ******, *** *** often **** ** ****** ******? * imagine **** ****** *** **** ****** of ******** *** ********** **** * Flipper ****...