Proximity Card Spoofer

proximity toy
It is really hard to find good information online about proximity cards. I’m sure some companies consider this obscurity a form of security, but Jonathan Westhues demonstrates how severely flawed that notion is. He found a data sheet mentioning a 125kHz carrier frequency. He was off and running from there, eventually building a device that can read and repeat a proximity card’s data. It’s been argued that RFID technology is safe because of the short read distance. Jon actually found it easier to passively read cards that were being energized by a legitimate reader than by the device alone. Make sure you check out his home built PCB mill while you’re at the site.

[Thanks barbobot]

8 thoughts on “Proximity Card Spoofer

  1. Sophomore? students at Olin College ( made a similar contraption. They built their own USB reader and also built a handheld spoofer. I got to see it when I visited. It was an interesting project, as the entire school’s physical security is based on these cards, and the students as a school sanctioned project broke it.

  2. I think the ski areas around the world (the richer ones use proximity cards) are going to love this ;)

    …but think of the possibilities: free entry to public transportation, schools and ski resorts. Also coming soon: amusement parks. Yay for proximity card spoofing.

  3. Perimeter security breached ;)

    For those interested, Jonathan will give a presentation on his proximity card reader/simulator at the REcon conference (, Montreal, 17-19 June 2005).

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.