What is a Key Fob?

A key fob originally referred to tiny security hardware with built-in authentication to control and secure access to mobile devices, computer systems, network services, and data. It randomly generates an access code that changes periodically, typically every 30–60 seconds. To use a key fob-locked device, users need to authenticate themselves on the fob with a personal identification number (PIN), followed by the current code displayed on it.

These days, though, even car keys come in the form of key fobs to open doors and even ignite their engines. Before the first key fobs for American Motors cars emerged in 1983, these were only used on personal computers (PCs).

Other interesting terms…

• What is a Software Protection Dongle?
• What is Operating System Security?

Read More about a “Key Fob”

How Does a Key Fob Work?

A key fob, particularly a remote keyless entry (RKE) fob, unlocks doors with the push of a button that emits a distinct identity code. Earlier models required a clear line-of-sight and used infrared. Their use, however, was discontinued because they could be easily copied.

Today’s key fobs use challenge-response authentication over radio frequency, which is considered more secure. As they developed, additional functions were added, including unlocking or opening the trunk, starting the engine, and opening sliding side doors on vans.

Unusual Uses of a Key Fob

While key fobs are used to open doors on vehicles and office buildings remotely, many may not know that they have other features as well, such as:

• Lower car windows and open the sunroof
• Fold in car mirrors
• Set car seat adjustment to memory
• Memorize radio presets
• Summon an automated vehicle
• Open garage doors
• Arm and disarm home security systems

Are There Threats Specifically Targeting Key Fobs?

Much like any high-tech device, key fobs are prone to relay attacks.

A relay attack is similar to a man-in-the-middle (MitM) or replay attack. All three involve intercepting information for malicious gains:

• Attackers can hijack radio signals or authentication messages between two devices
• Eavesdroppers may try to locate, block, and store a signal directly from a vehicle key fob, which continually emits radio signals to check for its owner’s proximity
• Cybercriminals may send a signal to a victim’s device to fool it into responding so they can authenticate another device or application in its stead

In a relay attack, actors intercept communication between two parties and, without viewing or manipulating the data, relays it to another device. So, a thief could capture the radio signal from your key fob and relay it to an accomplice. They could then use it to open your car door. In some cases, the attackers may modify the message but only to amplify the signal.

3 Types of Relay Attacks

There may be more types, but for this post, we’ll tackle three of the most common:

• Vehicle relay theft: Motor manufacturers and cybersecurity professionals say incidents of such are on the rise. According to Tracker, a U.K.-based vehicle tracking company, 92% of the cars it recovered in 2019 were taken without their keys.

• Server message block (SMB) relay attack: SMB is a transport protocol used for file and printer sharing. It also allows users to access remote services like mail. An SMB relay attack can be considered a form of MitM attack that exploits a Windows vulnerability. It occurs when a Windows computer in an Active Directory domain leaks a user’s credentials when he/she visits a web page or opens an Outlook email. The NT LAN Manager Authentication does not authenticate the server, only the client. As such, Windows automatically sends a client’s credentials to the service it is accessing. Attackers who exploit the SMB do not need to know a client’s password but can simply hijack and relay it to another server on the same network where the client has an account.

• Contactless card attack: A contactless smart card is a credit card-sized credential. It uses radio frequency identification (RFID) to communicate with point-of-sale (PoS) systems, ATMs, and building access control systems, to name a few. It is vulnerable to relay attacks because it does not require a PIN to authenticate a transaction. It only needs to be near a card reader. To steal users’ credentials, the attackers just need to replace the readers with their own devices.

—

While key fob use does increase convenience, it should be done with caution. Using cybersecurity solutions may help, along with best practices, such as using RFID-blocking card covers.