Campus ID News
Card, mobile credential, payment and security
FEATURED
PARTNERS
Mag stripe card cloning

St. Louis University dorms dump ID card for brass keys following card cloning incident

Incident reenforces need for secure credentials and campus cards

CampusIDNews Staff   ||   Feb 07, 2024  ||   ,

While most institutions are eliminating physical keys in favor of cards and mobile credentials, Saint Louis University (SLU) was forced to make the opposite move. This comes after a student illegally cloned a valid ‘master’ card and used it to access another student’s dorm room.

According to an article in SLU’s student newspaper, the student used a card-skimming device known as a flipper to copy data from the mag stripe of an campus card belonging to a staff member. This data was then encoded to the magnetic stripe on another card, creating the clone.

We have long known of the vulnerabilities inherent in both magnetic stripe and 125kHz prox technologies, still thousands of facilities continue their use.

According to an anonymous residence advisor, the cloned card belonged to a staff member who had master access to the residence halls, so the forged card could potentially provide entry to any dorm room.

This aligns with a university statement.

In an email to students, the university said the switch to keys was due to an incident involving a student worker in the central housing office.

Though not explicitly confirmed, it would follow that the cloned card belonged to a housing staffer with master access privileges to residence hall rooms.

Fortunately, though the impacts of the cloning could have impacted life safety, they were minor. The university says the unauthorized access was limited to the single event, no one was hurt or robbed, and the card skimmer was confiscated.

The anonymous residence advisor says a female student used the card to enter her ex-boyfriend’s dorm room.

In response to the incident, the university suspended use of ID cards at residence hall doors and returned to physical keys. The campus cards are still being used for functions including parking, dining, and access to non-residence hall buildings on campus.

SLU’s reacted quickly to remedy the situation. Because the doors in the dorms had both physical and electronic locks, in just a few days card access was shut down and physical keys were provided to residents.

There are lessons to be learned for campuses across the country and beyond.

The SLU case is just one more in a decades-long string of events that demonstrate the dangers associated with antiquated ID technology. We have long known of the vulnerabilities inherent in both magnetic stripe and 125kHz prox technologies, still thousands of facilities continue their use. Migration to secure chip-based contactless and NFC credentials is essential to guard against card cloning and other security threats.

 

Related Posts

Subscribe to our weekly newsletter

RECENT ARTICLES

Mobile credential buy-in video image
Dec 05, 24 / ,

Key steps to get buy-in for mobile credentials on your campus

  In this episode of CampusIDNews Chats we explore how to get buy-in for mobile credentials on your campus and lay the groundwork with your colleagues and administration. Our guest Tim Nyblom, Director of End User Business Development for Higher Education for HID Global, starts with the concept of university branding. But often the ID […]
Penn State Go mobile app
Dec 05, 24 / ,

Penn State moves to Transact Mobile Ordering

After years of experience and a variety of mobile ordering solutions, Penn State is transitioning to the Transact Mobile Ordering app. At the institution’s main location – the University Park campus – a number of dining locations have already launched the service. All on-campus locations will be up and running by spring according to an […]
Spreadsheet
Dec 04, 24 /

UConn card office's recently published budget shows declining revenues

Like other institutions, University of Connecticut students pay mandatory fees to fund various non-academic programs and services. One of these fees, UConn’s General University Fee, helps support the One Card Office as well as Recreational Services, the performing arts center, Student Activities, the Student Union, and more. The General University Fee for the 2024/2025 academic […]
CIDN logo reversed
The only publication dedicated to the use of campus cards, mobile credentials, identity and security technology in the education market. CampusIDNews – formerly CR80News – has served more than 6,500 subscribers for more than two decades.
Twitter

Attn: friends in the biometrics space. Nominations close Friday for the annual Women in Biometrics Awards. Take five minutes to recognize a colleague or even yourself. http://WomenInBiometrics.com

Feb. 1 webinar explores how mobile ordering enhanced campus life, increased sales at UVA and Central Washington @Grubhub @CBORD

Load More...
Contact
CampusIDNews is published by AVISIAN Publishing
315 E. Georgia St.
Tallahassee, FL 32301
www.AVISIAN.com[email protected]
Use our contact form to submit tips, corrections, or questions to our team.
©2024 CampusIDNews. All rights reserved.