22 Nov 2018

Vanderbilt's VR Mullion readers combat card hacking with OSDP

Andrew Fulton reels off a startling fact as he sits in his office at the Vanderbilt buildings in Dublin, Ireland. “90% of all access control cards in the industry today are easily copied and cloned,” states Fulton, Head of Access Control Product Line at the company. “Copied credentials, fake credentials, and card cloners can easily be ordered on the internet. This has created the growing realization that most access control ID systems are therefore totally open to being compromised and seriously vulnerable to attack.”

Often considered the first line of defense against those with malicious intent, there is a growing realization that many contactless access control systems currently in-situ are vulnerable to those wishing to interfere with information and operational technology (IT/OT) systems. Most organizations are simply not aware of just how easy they can have their sensitive data – and the hardware it is stored on – hacked, or that the tools to do it can be purchased online for as little as €20.

Tackling Hacking

That’s why one of the key features in Vanderbilt’s new range of VR Mullion readers is the inclusion of the highly secure OSDP (Open Supervised Device Protocol) to help combat people hacking communications. This solution not only secures the cards and readers but also ensures that sniffing devices cannot be installed behind the reader or along the communications path.

“OSDP offers end users more options due to its interoperable nature,” Fulton says. In addition, OSDP's multi-drop capabilities means one length of 2-conductor cable can accommodate many readers, eliminating the need to run wire for each reader.

“Wiegand has been the industry standard in access control technology since the 1980s. But it has failed to keep the pace with today’s new demands, like hacking,” Fulton explains. “An employer using older techniques can no longer rely on the transactions on an audit report being accepted as proof of where someone went as people can simply claim it was not them, and their card must have been copied.”

The Rise of Cybercrime

The possible consequences of not taking this issue seriously are numerous. According to the UK’s National Crime Agency (NCA), cybercrime has now surpassed all other forms of criminal activity. The NCA’s Cybercrime Assessment 2016 recommended stronger law enforcement and business partnership to fight cybercrime, with ‘cyber-enabled fraud’ making up 36 per cent of all crime reported, and ‘computer misuse’ accounting for 17 per cent. The report also suggested that the problem is likely far worse than the numbers suggest, noting that cybercrime is vastly under-reported.

Security systems are better served by an intentionally developed standard such as OSDP, which brings heightened security, interoperability and improved functionality. The new Vanderbilt VR Mullion readers were launched in August 2018. As well as being vandal resistant and tamper protected, they are designed to work with all of Vanderbilt’s systems, including SPC, Omnis, and ACT.

“Our mullion readers were designed to perform in even the harshest environments. They have been successfully tested to withstand extreme weather conditions, varying from -40c to +70c. The readers are manufactured with a high-quality zinc casted metal frame for extra durability and quality, and have been tested to withstand 5 joules of impact, a feat you just won’t get with plastic readers,” summarizes Fulton.