RFID Hack Can Unlock Your Doors With Android Phones

  @ibtimes on March 17 2011 1:40 PM

Security researchers have found that hackers can open doors remotely with a typical Android phone.

Ian Robertson, who writes the blog Cybersecurityguy, and Michael Gough, a security consultant, found that some key card systems that use radio frequency identification chips are connected to the Internet, and thus are vulnerable.

RFID keys are in common use in office buildings, as well as areas such as swimming pools and service entrances. Usually one has to have the RFID card and hold it near the door lock. The two researchers designed an app for the Android smartphone operating system that, armed only with the IP address, can open all the locks on a given network. What makes the exploit important is that all that is needed is the IP address; the phone can open the locks from anywhere in the world.

The hack doesn't work with every card key system, as they are all from different vendors. Both Gough and Robertson are working with the vendor and the U.S. Computer Emergency Readiness Team (part of the department of Homeland Security) to fix the problem before they release the code.

Join the Discussion