Keycards have been exposed to have major security flaws.
July 28, 2012– This week, at the Black Hat security conference, a developer of software for Mozilla and a young security researcher showed how easy it was to open a keycard door without having the keycard.
Using a gadget the security researcher built for less than $50 he can insert a plug into a DC port that is underneath the box where the keycard is inserted and sometimes can open the lock and door in a flash.
In a test of random doors in hotels, the researcher was able to open one door of three he attempted. Even though he was only able to succeed once in three times it suggest there are major flaws in the security of keycard locks by Onity. The security researcher said he would release all the research and information he has conducted thus far that will potentially allow others to gain perfection in what he has started.
The vulnerability of the system says the researcher is due to the fact the memory on every lock is exposed all attempts by devices to read it. Even though each individual lock has a cryptographic key that is required in order to trigger it to open, that data is also stored in the memory of the lock. It is similar to having a spare key hidden in a flowerpot on the porch of your home. That information can be accessed by certain devices and then be used to open the door in just seconds.