2 min read

Key-cloning app lets you (or a stranger) copy your key with a photo

Filip TRUȚĂ

July 07, 2017

Key-cloning app lets you (or a stranger) copy your key with a photo

It”s Friday, mere hours away from a well-deserved weekend. In that spirit, let”s take a break from topics such as ransomware and encryption keys, and take a look at the old-fashioned kind of keys. Namely at KeyMe, an app + service that allows you to duplicate physical keys by just photographing them.

Despite being marketed as an answer to frustrating lockouts, KeyMe actually makes it ridiculously easy to steal someone”s house keys. It works like this:

With the free app for iOS and Android, users scan a key and send it to KeyMe to have a new one created and mailed to them. The service can save you a trip to the locksmith and let you customize your key with cool designs.

Users must place the key on a white sheet of paper and shoot it from both sides. On request, KeyMe uses the scans to create an exact duplicate which they mail to you, or anyone else making the request. They even do car keys.

“Avoid repeat trips to the locksmith,” reads the company”s website. “Traditional locksmiths manually trace your keys. Our patented technology digitally scans your key and creates a perfect duplicate aligned to factory specifications, guaranteed to work. Your key, only more accurate.”

The service is simple to conduct because of a thing called key bitting, which refers to how the “teeth” on a key are cut and arranged to lift individual pins to a correct height, at which point the lock is opened. The bitting tells a locksmith how to cut a key to make an additional copy.

Each manufacturer offers its own key bitting with unique properties so as to create a wide variety of possible combinations, ensuring that no other key (or at least not many other keys) can open the same lock.

The company says it offers “the most secure way to copy keys,” claiming it does not store information linking your key with a certain lock or location, and that it deletes mailing access once the order has been shipped. Nothing wrong with that.

But even though all transactions are verified with a credit card and email confirmation, that doesn”t prevent a complete stranger from creating their own account, scanning a key that doesn”t belong to them and requesting a copy be sent to their address. Are we missing something?

We can”t help but recall the Washington Post”s blunder in 2015 when the publication, aided by a similarly heedless TSA staffer, posted a close-up of the entire spread of TSA master keys, which allowed lock-pickers to copy the “teeth” pattern and devise their own duplicates.

tags


Author



Right now

Top posts

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

The Perils of Online Dating: Spotting Romance Scammers Before They Break Your Heart and Your Bank Account The Perils of Online Dating: Spotting Romance Scammers Before They Break Your Heart and Your Bank Account
Alina BÎZGĂ

August 05, 2021

3 min read
Google Fixes Five High-Severity Flaws in Chrome 92 for Windows, Mac and Linux Google Fixes Five High-Severity Flaws in Chrome 92 for Windows, Mac and Linux
Filip TRUȚĂ

August 05, 2021

1 min read
Google Drops All Support for Android 2.3.7 and Older Google Drops All Support for Android 2.3.7 and Older
Silviu STAHIE

August 04, 2021

1 min read