Digital Identity: Are RFID-Employee badges actually safe?
Thuringian hackers made unauthorized payments and unlocked doors in the name of third parties with cloned university cards. Fortunately, only to show weaknesses of the multifunctional chip card. Not long ago similar employee badges were used in German airports to secure sensitive areas, such as access to the runway. Both cards used the same out-dated technology.
Alarm bells ringing
At least 60 percent of the employee badges used in German organizations are out-dated and therefore dangerous. Those badges are not safe anymore. The cards are based on technologies (LEGIC® Prime or Mifare classic) which are more than 20 years old. Hackers can copy the digital identity and manipulate its data. It is possible for this to be repeated at any time until the upgrade to a new and safe technology is completed.
Particularly urgent action required on digital identity
The need for action within companies of all sizes is immense. The classical workplace disappears. Employees work at varying locations, often bring own devices and still must be uniquely identifiable. The digital identity becomes more comprehensive: Meanwhile, up to 20 applications are joined into one digital identity by an employee badge. At the same time, attack scenarios become more sophisticated and complex. Accordingly, security requirements grow. To assure protection, a modern technology with high encryption must be used.
Without a digital identity, many companies can not do anything today. One variant is the smartcard. The most widely used are applications such as time recording, access control, graduated access rights in various departments and company-owned payment systems for canteens.
Every introduction of a digital identity is preceded by a comprehensive analysis of the initial situation. In doing so, we focus on the dependencies and relationships of a solution and capture existing technologies, databases, systems and hardware as well as suppliers. We accompany every step from concept development through implementation to final acceptance.
As efficient as possible, as safely as necessary
A digital identity eases the log-on. The employee can focus on his or her job and does not need to care about the log-in. This is done by automated processes. The digital identity with its sensitive personalized data must not fall into the wrong hands but should stay in control of the company.
The latest and most safe infrastructure is still fragile, if not all affected processes are consistent. For the badge production assigned processes are to be defined and implemented, e.g. concerning unrelease data or badge-lifecycle. For this reason, it is important to achieve an overall concept. Besides security aspects, there must be a focus on process optimization, scalability, investment protection and future safety.
NFC business card
NFC Business cards – Simple, reusable, and one-click, it saves you as a contact with your business partners with NFC-enabled devices – Create your own NFC business cards with our free Android app!