Insider Threat Matrix™
  • ID: PR027.004
  • Created: 07th May 2025
  • Updated: 03rd September 2025
  • Contributor: The ITM Team

Cloning or Forging ID Cards for Physical Access

The subject obtains, clones, fabricates, or otherwise manipulates physical access credentials—such as RFID cards, NFC badges, magnetic stripes, or printed ID cards—to gain unauthorized access to secure areas. This behavior typically occurs during early-stage preparation for insider activity and enables covert physical entry without triggering standard identity-based access controls.

Badge cloning can be performed using low-cost, widely available tools that can read and emulate access credentials. Forged ID cards are often visually convincing and used to bypass casual visual verification by staff or security personnel.

Example Scenarios:

  • A subject uses a Flipper Zero device to clone the 125 kHz RFID signal of a coworker's legacy access badge and uses it after hours to enter the data center undetected.
  • A forged ID badge created with a common card printer and online templates is worn by a co-conspirator to impersonate an IT contractor and access a locked communications room.
  • The subject photographs a single-use QR visitor code from a printed pass and shares it with an external party, who uses it to enter the premises before expiration.
  • A magnetic stripe card is skimmed using a USB swipe reader and rewritten onto a blank hotel-style access card.
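
The scenarios above leave traces in access-control logs even when the credential itself validates. The following is an added example, not part of the ITM entry: a minimal Python check over constructed log events that flags after-hours use at restricted readers, a single-use visitor code presented twice, and one credential appearing at two sites faster than travel allows. The event format, reader names, working hours and travel threshold are assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample events (not real logs): time, credential, type, site, reader
EVENTS = [
    ("2025-05-07T09:02:11", "B-1001", "badge", "HQ", "lobby"),
    ("2025-05-07T09:10:40", "B-1001", "badge", "DEPOT", "gate"),      # 8 min after HQ
    ("2025-05-07T10:15:00", "V-7781", "visitor_qr", "HQ", "lobby"),
    ("2025-05-07T10:41:30", "V-7781", "visitor_qr", "HQ", "lobby"),   # second use
    ("2025-05-07T14:20:05", "B-2002", "badge", "HQ", "datacenter"),
    ("2025-05-07T23:47:52", "B-2002", "badge", "HQ", "datacenter"),   # after hours
]

# Assumed policy values; tune per site.
RESTRICTED = {"datacenter", "comms_room"}
WORK_HOURS = range(7, 19)                 # 07:00-18:59
MIN_INTER_SITE = timedelta(minutes=30)    # fastest plausible trip between sites

def find_anomalies(events):
    """Return sorted (rule, credential, timestamp) tuples for suspicious events."""
    findings = set()
    last_seen = {}   # credential -> (time, site) of its previous event
    used_qr = set()  # single-use visitor codes already redeemed
    for ts, cred, kind, site, reader in sorted(events):  # ISO timestamps sort by time
        t = datetime.fromisoformat(ts)
        if kind == "visitor_qr":
            if cred in used_qr:
                findings.add(("single_use_code_reused", cred, ts))
            used_qr.add(cred)
        if reader in RESTRICTED and t.hour not in WORK_HOURS:
            findings.add(("after_hours_restricted", cred, ts))
        prev = last_seen.get(cred)
        if prev and prev[1] != site and t - prev[0] < MIN_INTER_SITE:
            findings.add(("implausible_site_change", cred, ts))
        last_seen[cred] = (t, site)
    return sorted(findings)

if __name__ == "__main__":
    for rule, cred, ts in find_anomalies(EVENTS):
        print(f"{ts}  {cred}  {rule}")
```

These rules produce leads for review rather than proof of cloning: a copied badge used at the holder's own site during working hours matches none of them, and a reused visitor code alerts on the second presentation regardless of which party arrived first.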