Wiegand hacking and the OSDP protocol
If you're in access control, you may already be aware of a flaw in legacy specifications such as Wiegand, which can give hackers control of access points.
To see how easy it is to hack an access control system, Google any of the following phrases:
Even some advanced biometric readers, when used with a legacy connection such as Wiegand, can be hacked. Why? The legacy connection has no way to hide the data it transmits.
Connecting a skimmer takes just seconds: The reader is basically unscrewed, the device is set over the wires, punched down, and the reader is replaced. The reader never goes offline and installing the skimmer doesn't require any manual splicing of wires.
The device can read transmitted data, send it to a hacker, and allow the hacker control over an entrance point, allowing the hacker to harvest credential information to sell, or use stolen data to access a facility and block authorized personnel.
Hacking an entrance can compromise lives, safety and assets, and increase an organization's liability, but the flaw can be secured by switching to SIA's Open Supervised Device Protocol (OSDP) v2 with Secure Channel. Along with hacking protection, OSDP offers a range of other benefits.
To see how easy it is to hack an access control system, Google any of the following phrases:
- Wiegand reader hack
- Wiegand reader security flaw
- Wiegand reader vulnerability
Even some advanced biometric readers, when used with a legacy connection such as Wiegand, can be hacked. Why? The legacy connection has no way to hide the data it transmits.
Connecting a skimmer takes just seconds: The reader is basically unscrewed, the device is set over the wires, punched down, and the reader is replaced. The reader never goes offline and installing the skimmer doesn't require any manual splicing of wires.
The device can read transmitted data, send it to a hacker, and allow the hacker control over an entrance point, allowing the hacker to harvest credential information to sell, or use stolen data to access a facility and block authorized personnel.
Hacking an entrance can compromise lives, safety and assets, and increase an organization's liability, but the flaw can be secured by switching to SIA's Open Supervised Device Protocol (OSDP) v2 with Secure Channel. Along with hacking protection, OSDP offers a range of other benefits.

Register for the free Security Industry Association webinar,
Hacked in 60 Seconds: How legacy Wiegand exposes modern access control
– Babak Javadi, hacking and penetration testing expert, and The CORE Group security auditors Director of Research
Hacked in 60 Seconds: How legacy Wiegand exposes modern access control
- Speakers:
– Babak Javadi, hacking and penetration testing expert, and The CORE Group security auditors Director of Research
- Oct. 10, 2018, 2 p.m. ET
- Register here