Home  |  Settings  |  Marketing Options  |  About Us  |  FAQs    Join SourceSecurity.com on LinkedIn
REGISTERTerms
Everything you need know

Farpointe Data Urges Channel Partners To Add Anti-hacking Measures To Their Access Control Solutions

Published on Feb 15, 2017

The first is MAXSecure, which provides a higher-security handshake, or code, between the proximity or smart card, tag, and reader to help ensure that readers will only accept information from specially coded credentials
Wiegand over-the-air protocol is no longer secure due to its original obscure and non-standard nature

Farpointe Data, the access control provider of RFID solutions, is notifying its access control manufacturers, distributors, integrators, and dealers that hacking of access control systems has become a threat far bigger than most think. Protecting their end-users from hackers is imperative for channel partners.

Cyber Security Breaches

"The U.S. federal government suffered a staggering 61,000 cyber-security breaches, that it knows of, last year alone," reports Farpointe Data President Scott Lindley. "Several recent events highlight the importance of why the access control channel must work with their customers to deal with accelerating hacking attacks."

According to Lindley, the most important is that the U.S. Federal Trade Commission (FTC) has decided that it will hold the business community responsible for failing to implement good cyber security practices and is now filing lawsuits against those that don't. An appeals court has backed its lawsuit against the hotel chain operator Wyndham Worldwide for not protecting consumers' information and, just recently, the FTC filed a lawsuit against D-Link and its U.S. subsidiary, alleging that it used inadequate safeguards on its wireless routers and IP cameras that left them vulnerable to hackers.

Wiegand Over-The-Air Protocol

"Prospective penalties go beyond FTC threats, though," Lindley warns. "A luxury hotel in Austria, the Romantik Seehotel Jaegerwirt, recently had to pay hackers a ransom after they managed to access its electronic key system and lock all the hotel guests in their rooms. Approximately 180 people were staying at the hotel on that day. Many were locked in their rooms, while others were locked out of theirs. The hackers demanded €1,500, about $1,600. The hotel decided to pay, explaining that they felt that they had no other choice, especially because neither police nor insurance could help them."

"The U.S. federal government suffered a staggering 61,000 cyber-security breaches, that it knows of, last year alone"

Adding to the problem, states Lindley, is that Wiegand, the industry standard over-the-air protocol commonly used to communicate credential data from a card to an electronic access reader, is no longer inherently secure due to its original obscure and non-standard nature.

MIFARE DESFire EV1 Smartcard Platform

For this reason, Farpointe has introduced features such as potting all readers and options that can be added to the readers. The first is MAXSecure, which provides a higher-security handshake, or code, between the proximity or smart card, tag, and reader to help ensure that readers will only accept information from specially coded credentials. The second is Valid ID, a new anti-tamper feature available with contactless smartcard readers, cards, and tags. It can add an additional layer of authentication assurance to NXP's MIFARE DESFire EV1 smartcard platform, operating independently, in addition to, and above the significant standard level of security that DESFire EV1 delivers. Valid ID lets a smartcard reader effectively help verify that the sensitive access control data programmed to a card or tag is not counterfeit.

"With the increasing incidences of hacking throughout the world and the fact that the FTC is now reviewing such cyber security lapses should make channel partners providing access control products and systems take notice and suggest anti-hacking solutions to their customers," Lindley argues.

Download PDF Version

Follow us for latest editorial and commercial opportunities
People mentioned in this article

Scott Lindley
Scott Lindley


Please rate this article


Related videos
Featured White Paper

The evolution of cards and credentials in physical access

Physical access control has been a key component of many organisations’ security strategies for several decades. Like any technology, access control has evolved over the years, and solutions now offer more security and convenience than ever before. From swipe technologies, such as the now antiquated magnetic stripe, to a variety of contactless technologies and mobile access credentials, businesses now have several choices when it comes to access control.

This White Paper will examine the technologies available today and the bright future of mobile access, as well as clarify why you should ensure that each component of the access control ecosystem is as secure as possible.


See privacy and cookie policy