What are the main RFID security weaknesses, and how does a Flipper Zero exploit them?
Weak/absent encryption, replay attacks, and card cloning — a Flipper Zero is a portable multi-tool that can read, emulate, and clone RFID/NFC signals, defeating systems that only check the UID.
The simplicity of RFID (especially older implementations) carries real risks:
- Weak encryption: many older systems use little or no encryption, so data between tag and reader can be intercepted and decrypted.
- Replay attacks: a legitimately intercepted communication is recorded and replayed later (e.g. to simulate access rights without the original tag).
- Card cloning: an attacker reads a tag's identification data and copies it to a blank tag — duplicating the card for unauthorised access. This works when only the UID (serial number) is checked.
The Flipper Zero is a portable multi-tool for hackers/security researchers that supports RFID and NFC; it can read, emulate, and clone signals. Vulnerable: old building access systems, hotel room cards, employee badges without modern encryption.
Tip: "Security by UID only" is the fatal flaw — if a door just checks a card's serial number with no cryptographic challenge, that number can be copied onto any blank card.
Go deeper:
Flipper Zero (Wikipedia) — the read/emulate/clone multitool for 125 kHz RFID and 13.56 MHz NFC.