Weighing the hacking risks

By taking certain measures and implementing multiple tiers of security, users can do a great deal to alleviate the risk of hacking.

Wiegand technologyWiegand is a 20-year old, relatively basic standard; yet it lives on at the heart of many cutting-edge access control systems. It was adopted from the original Wiegand Reader Technology that includes an authentication code contained in 26 bits of data. Today, almost any kind of reader technology, such as Proximity, Contactless Smart Card and even advanced biometric systems, still often use the Wiegand Protocol to communicate between readers and access control panels.
Like any other communications standard, the Wiegand Protocol has some good features and some weak ones. Its strengths include its wide industry adoption; its low implementation cost; the ability to travel relatively long distances; and the fact that it is electrically robust and immune to damage.

Unfortunately, Wiegand also has some limitations. First, it provides no authentication between readers and access control panels, making it easy to intercept codes. Second, 26 bits of data are very limiting.

During the DefCon conference in Las Vegas last August, Zac Franken demonstrated how to attack the widely used Wiegand protocol. However, Security expert Mike Davis, Director of Intellectual Property at HID Global, says that such an attack is still quite difficult and risky, particularly compared to other break-in methods, and he recommends some industry best practices that will help keep the hackers at bay.

Read the entire article at Future Lab.