The J. O'Brien Blog | Above. Beyond. Secure.

Don’t Get Flipped! How the Flipper Zero Cracked PROX

Written by Tony Mowatt | Aug 13, 2025 4:55:37 PM

If your facility still uses 125 kHz PROX cards, there is a pocket device you should know about. It is called Flipper Zero. Security pros use it for testing. The wrong person can use it to copy unencrypted badges. The point of this campaign is simple: Don’t Get Flipped!

This post explains what Flipper Zero is, why PROX cards are at risk, how to tell if you are exposed, and the exact steps to secure your doors. When you are ready, book a free consultation below, and we will assess your system.

What is Flipper Zero?

Flipper Zero is a small multi-tool for penetration testing and electronics tinkering. Among other features, it can interact with low-frequency RFID. That includes many legacy PROX cards that only transmit an ID number. The tool itself is not the problem. Weak credentials are.

We do not publish instructions for unlawful access. Our goal is awareness and defense.

Why PROX Cards Get Flipped

  • No encryption. The facility code and card number are sent in the clear.
  • No mutual authentication. Readers accept an ID without a challenge.
  • Easy duplication. If someone captures the ID, a copy can act like the original.

That design made sense decades ago. It does not make sense in 2025, when portable tools can capture and replay IDs in seconds.

Could My Building Be Flipped?

If any of these are true, you are likely at risk:

  • You issue white clamshell or thin PROX cards labeled 125 kHz.
  • Your reader spec sheets mention 125 kHz or PROX only.
  • Lost badges are not disabled on the same day.
  • Visitors receive temporary PROX cards with minimal tracking.
  • Multiple sites share the same card format and ranges.

What To Do This Week

  1. Inventory credentials and readers. Note where PROX is still in use. Flag high-value doors first.
  2. Harden policies. Disable unused ranges, deprovision lost cards immediately, and add a PIN on the most sensitive doors.
  3. Plan migration. Choose encrypted credentials such as HID iCLASS SE, MIFARE DESFire EV3, or Seos. Issue multi-tech cards for a smooth cutover.
  4. Upgrade readers in phases. Start at the perimeter and critical rooms. Use dual-mode readers that support legacy and secure modes.
  5. Validate with a controlled test. Confirm that simple replay attempts no longer work.

Your Future-Proof Stack

  • Credential: DESFire EV3 or Seos with strong encryption.
  • Reader: Multi-tech, secure-mode capable, configured for mutual authentication.
  • Policy: PIN or mobile MFA on high-risk doors, rapid deprovisioning.
  • Visitor flow: Verified ID, time-bound badges, clear return procedures.
  • Monitoring: Alerts for unusual reads and off-hours access.
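
The monitoring and rapid-deprovisioning items above can be written as concrete alert rules. This is an added example, not part of the original post or any vendor's product: it scans constructed door-event records for off-hours grants, reads of deprovisioned badges, and one card ID appearing at two sites faster than a person could travel. The event layout, the 06:00 to 20:00 window and the 30-minute travel threshold are assumptions.

```python
from datetime import datetime, time, timedelta

# Constructed sample events: (timestamp, site, door, card_id, result).
# The field layout is an assumption; map it to your access-control export.
EVENTS = [
    ("2025-08-11 08:02:10", "HQ", "Lobby", "1001", "granted"),
    ("2025-08-11 08:05:40", "Warehouse", "Dock", "1001", "granted"),
    ("2025-08-11 23:41:03", "HQ", "Server Room", "1002", "granted"),
    ("2025-08-12 09:15:00", "HQ", "Lobby", "1003", "denied"),
    ("2025-08-12 12:30:00", "HQ", "Lobby", "1004", "granted"),
]
DISABLED = {"1003"}                          # badges reported lost and deprovisioned
BUSINESS_HOURS = (time(6, 0), time(20, 0))   # assumed normal access window
MIN_TRAVEL = timedelta(minutes=30)           # assumed minimum travel time between sites


def find_alerts(events, disabled=DISABLED, hours=BUSINESS_HOURS,
                min_travel=MIN_TRAVEL):
    """Return (timestamp, card_id, rule) tuples in time order."""
    parsed = sorted(
        (datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), site, door, card, result)
        for ts, site, door, card, result in events
    )
    alerts = []
    last_seen = {}  # card_id -> (timestamp, site) of the previous read
    for ts, site, door, card, result in parsed:
        # A deprovisioned badge is still being presented: the lost card
        # or a copy of it is in someone's hands.
        if card in disabled:
            alerts.append((ts, card, "disabled-badge-read"))
        # Door opened outside the normal window.
        if result == "granted" and not (hours[0] <= ts.time() < hours[1]):
            alerts.append((ts, card, "off-hours-access"))
        # Same ID at two sites faster than travel allows: a static PROX
        # ID cannot tell the original from a duplicate, but the log can.
        prev = last_seen.get(card)
        if prev and prev[1] != site and ts - prev[0] < min_travel:
            alerts.append((ts, card, "two-sites-too-fast"))
        last_seen[card] = (ts, site)
    return alerts


if __name__ == "__main__":
    for ts, card, rule in find_alerts(EVENTS):
        print(f"{ts:%Y-%m-%d %H:%M:%S}  card {card}  {rule}")
```
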

FAQs

Is every Flipper Zero a threat to my building?

No. The threat is unencrypted PROX. Modern encrypted cards with the right reader settings stop casual cloning.

Do I need to replace every badge at once?

No. Use multi-tech cards and dual-mode readers. Migrate in phases without disrupting operations.

Can I hide the reader or lower power instead?

That is security by obscurity. It does not fix the PROX design flaw.

Don’t Get Flipped. Get Assessed.

We will identify your credential type, map the risks, and give you a clear upgrade path with pricing and timelines. The consultation is free.

Book your free consultation

Five minutes of your time for big peace of mind.