In an era of digital key fobs, smart cards and fingerprint readers, the standard metal door key is so-old school. What security pro needs a key to get into a facility these days?
Lots of them. At companies I know a standard key is needed to get into the front door during off hours, and also to get into the server room.
So my attention was held when Wired reported an iPhone app called KeyMe that lets people photograph a key and have a service reproduce then from a kisok or participating locksmith in some U.S. cities.
It’s supposed to be a service for people who get locked out of their homes. Upload an image of important keys, which are held securely until needed for reproduction.
Except writer Andy Greenberg found a hole: If someone lends you their keys for a few minutes you can quickly make copies of everything on the ring.
Like a digital security device, one of the advantages of KeyMe is there’s an audit trail if someone maliciously uses your key. Big deal — by then it’s too late.
So, just as you have to tell staff to carefully guard their key fobs and smart cards, they have to make sure their keychains aren’t out of sight. That means don’t even hang them on a belt if they can give access to sensitive areas.
One security consultant told Wired that services like KeyMe may lead to people being smarter about who they lend their keychain to. “People are now starting to understand that it only take a couple of seconds to duplicate a key,” he says. “We lock nerds already knew that. Now the normal public is catching on.