RFID access cards are often used to secure entry points in the corporate enteprise facilities. They are very convenient, relatively inexpensive, and generally assumed to be highly secure. This session explains how these cards are programmed, what their vulnerabilities are, and the choices available to secure them. Also demonstrated will be how the most common access card can be hacked, cloned, and minted to subvert policies and controls to access corporations, data centers and other critical environments.
Terry has spent the last 10 years specializing in large scale fortune 1000 implementations of digital identity management, authentication, and access management. He has consulted and strategized on deploying PKI and smart cards for some of the largest companies in the world. Currently, he works independently to help organizations identify their vulnerabilities in these areas, gain operational efficiencies around solutons to address them, and migrate away from insecure building access credentials to high security open standards to become vendor-neutral.