You tap your key fob on the reader, the door unlocks, and you walk in. Simple, right? But what actually happens in that split second between tap and unlock? And how does fob cloning replicate that process? Let's break down the technology in plain language.
What's Inside Your Key Fob
Most building access fobs contain two things: a tiny microchip and a copper antenna coil. That's it. There are no batteries, no moving parts, and no GPS or tracking devices. The fob is completely passive — it does nothing until it comes into proximity with a reader.
The microchip stores a unique identification number (and sometimes encrypted data). The antenna coil receives energy from the reader and uses that energy to transmit the chip's data back to the reader. This technology is called RFID — Radio Frequency Identification.
The Two Main Frequency Bands
Building fobs operate on one of two main frequency bands, and understanding which one yours uses is key to understanding the cloning process.
125 kHz — Low Frequency (LF)
This is the older, simpler standard. Brands like HID ProxKey, AWID, and IoProx use this frequency. These fobs store a simple ID number without encryption. They're the most common fobs in Toronto condos built before 2015 and are the easiest to clone.
When you tap a 125 kHz fob on a reader, the reader emits a radio signal at 125,000 cycles per second. This signal energizes the fob's antenna coil, which powers the microchip. The chip then transmits its ID number back to the reader on the same frequency. The reader checks the ID against its database, and if it matches, the door unlocks. The entire exchange takes milliseconds.
13.56 MHz — High Frequency (HF)
This is the newer, more secure standard used by Mifare, SALTO, HID iClass, and other modern systems. These fobs use encryption to secure the data exchange between fob and reader, making them more challenging (but not impossible) to clone.
The communication process is similar — the reader energizes the fob, the fob transmits data — but with an added layer. Before sharing its data, the fob and reader perform a cryptographic handshake. They exchange encrypted keys to verify each other's identity. Only after this handshake succeeds does the fob transmit its access credentials.
How We Clone Your Fob
The cloning process varies depending on the fob type, but the general principle is the same: we read all the data from your original fob and write an exact copy to a new blank fob.
Step 1: Identification
First, we place your fob on our reader to identify what type it is — the manufacturer, frequency, and encoding format. Our equipment can identify over 85 different fob types automatically. This step takes about 2 seconds.
Step 2: Reading
Next, we read the full contents of the fob's memory. For simple 125 kHz fobs, this means reading the ID number and any facility codes. For encrypted 13.56 MHz fobs, this involves running the appropriate decryption routines to extract the secured data. Depending on the encryption type, this can take anywhere from 5 to 30 seconds.
Step 3: Writing
We then select a compatible blank fob and write the extracted data to it. The blank fob must match the original's frequency and protocol. The write process programs the blank fob's microchip with an exact copy of the original's data, making it electronically indistinguishable from the original.
Step 4: Verification
Finally, we read the newly written fob and compare its data byte-for-byte against the original. If every single byte matches, the clone is perfect. We verify this three times before handing you the copy — hence our “triple-check” guarantee. If anything doesn't match, we redo the process.
What About “Uncopyable” Fobs?
You may have been told your fob can't be copied. In most cases, this simply means the person telling you doesn't have the right equipment. The technology for duplicating even advanced encrypted fobs has progressed significantly in recent years. We invest in the latest equipment specifically to handle fob types that other services can't.
That said, a small percentage of fob systems use rolling codes or cloud-authenticated protocols that genuinely cannot be cloned with current technology. If we encounter one of these, we'll tell you upfront — we never charge for a fob we can't copy.
Why Copies Work Identically to Originals
A common concern is that a copy might not work as reliably as the original. This concern is unfounded. The copy contains the exact same data as the original, stored on the same type of chip, using the same encoding. From the reader's perspective, the copy and the original are identical. The reader has no way to tell them apart.
The copy will have the same read range, the same response time, and the same access permissions as the original. It will work on every reader that your original works on, and it will be denied by every reader that your original is denied by. It's a true one-to-one duplicate.
Want Your Fob Cloned?
Now that you understand how the technology works, come see it in action. Visit FobTO in North York — we'll clone your fob in under 60 seconds with a lifetime warranty. No appointment needed.