Do key copying kiosks threaten access control systems?

Yes and no!

Yes they can clone “most RFID keys that are used today” then mail new cards to you “in three to five days,” but they cannot duplicate higher technology Smart cards.

Despite their bold claim, KeyMe kiosks, which are popping up all around us, cannot copy any key!

Common house keys, as well as mailbox, padlock and some specialty keys, can be duplicated while you wait. However, there are countless restricted and patented keys, like Primus and Medeco, which cannot be duplicated at a kiosk, and won’t be duplicated at a legitimate locksmith company, like Anderson Lock, without written authorization.

Furthermore, though many popular vehicle makes and models are listed on the KeyMe website, I clicked on one and got the response, “Your key has a chip that requires programming in your vehicle. Our concierge can arrange an expert locksmith to help you copy it…” In other words, despite their declaration, most likely KeyMe cannot duplicate your car key, either.

While the ability to copy key fobs and prox ID key cards does seem to threaten the $12 billion per year access services industry, the security of existing access control systems is not as vulnerable as it may seem.

Many newer systems already use Smart cards. These higher technology cards look the same as the older cards, but instead of only having a key card number, they contain a computer chip which stores additional user information (i.e. employee name, photo, department, etc.). “Multi-technology card readers” read both kinds of cards, so facilities can gradually upgrade credentials.

Due to its lower cost and audit trail capability, low frequency is still the most prevalent access control technology in use today. Key cards equipped with RFID (Radio Frequency Identification) contain a small chip, programmed with data, along with a tiny antenna that transmits that data via a weak signal to nearby receivers. If the system recognizes the signal as an authorized entry, it electronically unlocks a door.

Careful administration of software systems adds security controls, for example, a copied card would not have any more “after hours” access than an original card. Also, if someone is no longer “an authorized user” their key card should be physically returned, and their identification number should immediately be removed from the system, assuring that a copied card would no longer be a threat.

No security technologies are flawless. Most credit and debit cards rely on magstripe technology which has been around the longest, and is perhaps the most vulnerable of all credential technology, but is still actively deployed.

Keys at Anderson LockTraditional keys are as easy to copy as low frequency prox ID cards, but they’ve nevertheless been used for decades. Keys secure doors around the world. Should everyone worry that their keys could be copied and used for unauthorized access? In most applications, no.

The majority of electronic access control systems are installed into non-residential sites such as industrial, educational and municipal. If you have concerns about the security of your facility, call Anderson Lock’s electronic access control experts. They are knowledgeable with both low frequency and high frequency cards and readers, as well as secondary authorization products.