A relay attack is a security breach in which attackers intercept and transmit communication signals between two devices, such as a card and a reader, in order to gain unauthorised access. In the context of access control systems, this involves extending the range between a legitimate access card and the reader, tricking the system into allowing entry.
How relay attacks work :
- Set-up: The attackers use two devices: one near the legitimate card (the ‘mole’) and the other near the target reader (the ‘proxy’).
- Signal interception: The mole captures the card’s signal and transmits it to the proxy.
- Signal relay: The proxy transmits the signal to the reader, pretending that the card is present.
- Unauthorised access: The reader authenticates the relayed signal, authorising access without the physical card being nearby.
Preventive measures :
Proximity check: Implementing time-based proximity controls ensures that only cards within a certain distance can be authenticated, as relay attacks introduce significant delays.