An anonymous reader writes "During the "27th Chaos Communication Congress" (http://events.ccc.de/congress/2010) held in Berlin this last December, a document was presented that shows how to expose the security keys of HID's proprietary iClass physical access cards. By some reports, over 80% of US-based institutions have deployed iClass physical access cards and readers. Look around your building and see if your door card reader has the HID logo. This exposes hospitals, universities, sea-side ports, utility companies, airports, high-tech companies, etc throughout the US to potential physical access security breaches. Those intimate with physical security have advocated for other PROX and MIFARE technologies. The US Government has been defining new standards in physical access associated with successful US Government employee PIV ID Card (http://csrc.nist.gov/publications/nistpubs/800-116/SP800-116.pdf). Many Government contractors as well as some local state governments have deployed PIV-I ID Cards (http://www.va.gov/pivproject/faq.asp) that rely on updated physical access technology/security. Physical Security managers at these US Institutions should be aware of this new vulnerability and assess their new elevated risks."
Link to Original Source