Campus ID News
Card, mobile credential, payment and security
FEATURED
PARTNERS
Mag stripe card cloning

St. Louis University dorms dump ID card for brass keys following card cloning incident

Incident reenforces need for secure credentials and campus cards

CampusIDNews Staff   ||   Feb 07, 2024  ||   ,

While most institutions are eliminating physical keys in favor of cards and mobile credentials, Saint Louis University (SLU) was forced to make the opposite move. This comes after a student illegally cloned a valid ‘master’ card and used it to access another student’s dorm room.

According to an article in SLU’s student newspaper, the student used a card-skimming device known as a flipper to copy data from the mag stripe of an campus card belonging to a staff member. This data was then encoded to the magnetic stripe on another card, creating the clone.

We have long known of the vulnerabilities inherent in both magnetic stripe and 125kHz prox technologies, still thousands of facilities continue their use.

According to an anonymous residence advisor, the cloned card belonged to a staff member who had master access to the residence halls, so the forged card could potentially provide entry to any dorm room.

This aligns with a university statement.

In an email to students, the university said the switch to keys was due to an incident involving a student worker in the central housing office.

Though not explicitly confirmed, it would follow that the cloned card belonged to a housing staffer with master access privileges to residence hall rooms.

Fortunately, though the impacts of the cloning could have impacted life safety, they were minor. The university says the unauthorized access was limited to the single event, no one was hurt or robbed, and the card skimmer was confiscated.

The anonymous residence advisor says a female student used the card to enter her ex-boyfriend’s dorm room.

In response to the incident, the university suspended use of ID cards at residence hall doors and returned to physical keys. The campus cards are still being used for functions including parking, dining, and access to non-residence hall buildings on campus.

SLU’s reacted quickly to remedy the situation. Because the doors in the dorms had both physical and electronic locks, in just a few days card access was shut down and physical keys were provided to residents.

There are lessons to be learned for campuses across the country and beyond.

The SLU case is just one more in a decades-long string of events that demonstrate the dangers associated with antiquated ID technology. We have long known of the vulnerabilities inherent in both magnetic stripe and 125kHz prox technologies, still thousands of facilities continue their use. Migration to secure chip-based contactless and NFC credentials is essential to guard against card cloning and other security threats.

 

Subscribe to our weekly newsletter

RECENT ARTICLES

Harvard's Crimson Cash ends

Harvard’s Crimson Cash ends as laundry and printing move to other payment methods

Last summer, Harvard announced that it was phasing out its decades-old Crimson Cash declining balance program. Citing declining usage and the prevalence of open system debit and credit cards, they began a yearlong multi-step elimination plan. This month, the final stages of this plan will be complete, and the one of higher ed’s pioneering declining […]
Jeff Bransfield, Assa Abloy, discusses iDFace Max terminal

New facial recognition reader stores 100,000 templates, ideal for dining and athletics

A new facial recognition reader from Assa Abloy’s Control iD line can store 100,000 templates on the device, enabling standalone usage or integration with existing security systems. In a conversation with CampusIDNews, Jeff Bransfield, Regional Director of Digital Access Solutions for Assa Abloy, introduces the iDFace Max. The new seven-inch facial identification terminal is receiving […]
SNHU building
Jun 11, 25 / ,

Second largest university replaces outdated hardware with Allegion readers

While most people know Southern New Hampshire University as a private, online institution, it does have a physical campus. Its 3,000 students need ID cards, and its facilities require security and other transaction-related services. In terms of total enrollment, SNHU is the second largest accredited higher ed institution in the country. With more than 175,000 […]
CIDN logo reversed
The only publication dedicated to the use of campus cards, mobile credentials, identity and security technology in the education market. CampusIDNews – formerly CR80News – has served more than 6,500 subscribers for more than two decades.
Twitter

Attn: friends in the biometrics space. Nominations close Friday for the annual Women in Biometrics Awards. Take five minutes to recognize a colleague or even yourself. http://WomenInBiometrics.com

Feb. 1 webinar explores how mobile ordering enhanced campus life, increased sales at UVA and Central Washington @Grubhub @CBORD

Load More...
Contact
CampusIDNews is published by AVISIAN Publishing
315 E. Georgia St.
Tallahassee, FL 32301
www.AVISIAN.com[email protected]
Use our contact form to submit tips, corrections, or questions to our team.
©2025 CampusIDNews. All rights reserved.