Download PDF version Contact company

Gallagher Security’s strong commitment to cyber security sees them frequently communicate best practice recommendations to ensure that customers have the knowledge and tools necessary to keep their sites secure and protected against cyber-attacks and malware threats.

Gallagher security advisory

The global security manufacturer this week promptly released a security advisory, following the public exposure of the Default Gallagher MIFARE DESFire and MIFARE Plus keys.

This act means cards using the default keys could be cloned or emulated, resulting in a site’s security becoming compromised. Customers who have followed Gallagher’s long-standing hardening guide, which recommends the use of site-specific keys, are not affected by this disclosure.

Ensuring the continued security of our customers’ sites is our top priority"

Ensuring the continued security of our customers’ sites is our top priority,” said Mark Junge, Gallagher’s Global General Manager for Security, adding “Following the discovery of this exposure, we immediately began communicating with our global team, our network of Channel Partners, and our customers regarding the mitigation options available to them, including our key migration feature released in Command Centre v8.30 earlier this year.

Communicating information on security risks

Mark further stated, “Communicating information about any security risks, as well as providing timely advice and recommendations is of vital importance to us. Our published hardening guide has for many years provided in-depth advice of defensive measures for customers to aid in mitigating possible risk.

The vulnerability only affects sites using a default MIFARE DESFire or MIFARE Plus key. It does not affect Gallagher MIFARE DESFire with a site-specific key, Gallagher Mobile Connect credentials, US Government FIPS201 PIV cards, GovPass, or MIFARE Plus with a site-specific key.

Concerned customers should contact their Channel Partner or local Gallagher representative for further support and advice.

Download PDF version Download PDF version

In case you missed it

Anviz Global expands palm vein tech for security
Anviz Global expands palm vein tech for security

The pattern of veins in the hand contains unique information that can be used for identity. Blood flowing through veins in the human body can absorb light waves of specific wavelen...

Bosch sells security unit to Triton for growth
Bosch sells security unit to Triton for growth

Bosch is selling its Building Technologies division’s product business for security and communications technology to the European investment firm Triton. The transaction enc...

In age of misinformation, SWEAR embeds proof of authenticity into video data
In age of misinformation, SWEAR embeds proof of authenticity into video data

The information age is changing. Today, we are at the center of addressing one of the most critical issues in the digital age: the misinformation age. While most awareness of thi...

Quick poll
What is the most significant challenge facing smart building security today?