Title: (S2) SCENARIO 2: ENHANCED PROXIMITY CARD

(S2) Scenario 2: Enhanced proximity card

The Access Ultra Inc. last year has issued a new proximity card. In this system in addition to traditional authentication of the used card the reader is authenticating itself with a relatively simple reader number to the card. The card has a limited storage in which performed access procedures are stored decentralised in addition to the central access management systems’ log. 

The computing centre Calculations Inc. has introduced these proximity cards six months ago. Recently internal reviews uncovered, that a secured room was accessed in an authorised way, and property (in this case several storage tapes) was removed unauthorised. Very soon the number of the access card used for the access was identified, and the corresponding user, a system administrator, was arrested. The data log from his local card was compared with the central log. At this point it became clear, that his card was not used at the time. Most likely a cloned card had been used to facilitate an unauthorised access. This later also was confirmed by witnesses and a technical analysis. The innocent administrator was released immediately.  

The system was reconfigured to set up an alarm in case this card number would be reused, and the innocent administrator received a new card. Two weeks later the attacker was arrested while trying to access another room unauthorised using a cloned proximity card. He told the police that he used a mobile reader to read out the data from the administrator’s card while standing in a queue in a shop and used this data for cloning the card. He had simply followed the man when he went to work, so he knew where to try an attack. The stolen tapes were found in the attacker’s home. They were not damaged. As the content was encrypted, the attacker had not been able to abuse the stored data from the tapes.