Access Badge Cloning

(OBJ 2.4)

Technologies for contactless authentication

• Radio Frequency Identification (RFID) and Near Field Communication (NFC) are popular technologies used for contactless authentication in various applications
• One of the most prevalently vulnerabilities you need to be aware of in terms of the RFID and FC technologies is the ability to easily conduct access badge cloning to bypass your authentication systems

What is Access Badge Cloning?

• Copying the data from an RFID or NFC card or badge onto another card or device
• Trick the system into gaining access or performing a transaction
• No need to posses the original badge

How does an attacker clone an access badge?

• Step 1: Scanning

  • Scanning or reading the targeted individual’s access badge
  • RFID or NFC reader
  • Attacker might have an Acces Badge Scanner in their backpack, no need for physical contact but still need to be relatively close

• Step 2: Data Extraction

  • Attackers extract the relevant authentication credentials from the card, such as a unique identifier or a set of encrypted data

• Step 3: Writing to a new card or device

  • Attacker will then transfers the extracted data onto a blank RFID or NFC card or another compatible device
  • Use of Flipper Zero for RFID and NFC scans, emulations, and writings

• Step 4: Using the cloned access badge

  • Attackers gain unauthorized access to buildings, computer systems, or even make payments using a cloned NFC-enabled credit card

Access badge cloning is common because of its

• Ease of execution

• Ability to be stealthy when conducting the attack

• Potentially widespread use in compromising physical security

• Tools become more easily available

• Access badge cloning is considered to be a stealthy way to conduct a physical security attack

  • You do not need to maintain possession of the original data/card

How can you stop access badge cloning?

1. Implement advanced encryption in your card-based authentication systems
   • Many basic RFID scanners use basic systems with no encryption
2. Implement Multi-Factor Authentication (MFA)
   • Combine with a second form of authentication, a security pin or a biometric input for example
3. Regularly update your security protocols
   • Periodically update encryption keys and other infraestructure
4. Educate your users
   • Encourage users to be cautios and detect attempts
5. Implement the use of shielded wallets or sleeves with your RFID access badges
   • RFID shielding wallets or sleeves prevent scanners from being able to read credentials
6. Monitor and audit your access logs
   • Example: Using a cloned access badge of a person that is in a different room or should not be there at that time