Fobs and Swipe Cards: How Safe Are They, Really?

November 29, 2017

To the average person, fobs and swipe cards might seem like a more sophisticated alternative to the traditional lock and key. But despite their sleek, impenetrable appearance, the technology behind them is actually similarly simple — and similarly subject to break-ins.

Here’s how these newfangled keycards work, and how they could be co-opted by someone with sinister intentions.

Fobs and Swipe Cards 101

A swipe card, sometimes referred to as a security pass card, acts (and looks) a lot like a credit card. On the back of the card, there’s a magnetic stripe made up of bar magnet particles. This card can be encoded with data by — you guessed it — an electromagnetic sequence, and the data that a card holds can be customized based on your needs. For instance, you could have a swipe card that allows you both access to your apartment building and to your individual apartment. The former is considered “general” access and the latter is “specific,” and both can be coded onto the same card. The data on your card can include any number of personal details, such as your name, your access level, or even your gender.

These cards can work with three different types of readers:

1. Swipe: You swipe down a slot, like you would with a regular credit card.
2. Insert: You insert the card into a slot, like you would with a “chip reader.”
3. Proximity: You hold the card in front of this contactless reader.

A fob is a small device that acts as a key, with built-in authentication to access apartments and buildings. Fobs often display a randomly generated access code that changes every 30-60 seconds, making it more difficult to hack. They’re small and portable, and typically you just have to hold up your fob to the transmitter in order to gain entry. However, replacing a lost key fob can be pricey, and most apartments don’t allocate more than one fob per resident.

Is Keyless Entry Safer Than a Lock and Key?

Actually, no. Data on these cards is typically not encrypted, meaning that anyone with a card reader could easily copy the ID of an existing chip. Once they’ve obtained the ID, they can just copy it onto another card or fob, essentially making a digital copy of the key. All this can be done in under 60 seconds. To make matters worse, anyone with an Android phone has access to a built-in NFC reader that can be used to clone an entry card’s ID.

That said, fobs often have a rolling code that makes them next to impossible to hack. Short of obtaining the algorithm used to generate these frequently changing codes, interlopers would be hard-pressed to break through that security barrier.

If you live in a building with electronic access, ask your building manager if the data is being encrypted, the security system uses a rolling code, or other security precautions are in place. Depending on your location and the setup of your apartment complex or neighborhood, you may be safest with a fob for building entry and a traditional lock and key to secure your apartment door. Do your research, and call us if you feel that you need additional security measures to keep yourself and your family safe.

— The Lockbusters Team

← All Blog Posts