HID iCLASS (Legacy) Compatible Cards & Fobs
HID iCLASS (legacy) is the first-generation 13.56 MHz contactless smart card from HID Global, widely deployed from the early 2000s onward but now considered cryptographically outdated for high-security use.
Built on the INSIDE Contactless PicoPass silicon, iCLASS legacy cards operate at 13.56 MHz using ISO 15693 and support mutual authentication with 64-bit DES-derived diversified keys and memory capacities from 2k to 32k bits. Standard-keyed deployments are vulnerable to widely available cloning tools following the public exposure of HID's authentication key — American Key Cards supplies compatible replacement cards for standard-keyed systems and advises customers on migration paths to iCLASS SE or Seos where security requirements demand it.
HID iCLASS (Legacy) specifications
- Brand / OEM
- HID Global / ASSA ABLOY
- Technology
- 13.56 MHz Contactless Smart Card (ISO 15693 / ISO 14443B)
- Frequency
- 13.56 MHz
- Chip
- INSIDE Contactless PicoPass (2KS / 32KS)
- Bit formats
- 26-bit Wiegand H10301 (8-bit facility code + 16-bit card number), 37-bit H10302 (no facility code), 37-bit H10304 (16-bit facility code + 19-bit card number), Corporate 1000 (35-bit), Any HID format — field programmable
- OEM part numbers
- 2000, 2002, 2003, 2004, 2080, 2100, 2102, 2103, 2104, 205x (Key Fob II)
Our compatible HID iCLASS (Legacy) credentials
American Key Cards manufactures non-OEM credentials engineered to work with your existing HID readers — no hardware changes, encoded to your facility code and card-number range.
Can HID iCLASS (Legacy) cards be copied?
HID iCLASS (Legacy) is an open format, so a compatible card can be produced from your facility code and card number. We don't copy individual cards on request — we manufacture new, correctly-encoded credentials for systems you own or manage.
Standard-keyed iCLASS legacy cards are practically cloneable. HID's proprietary standard authentication key was publicly exposed by security researchers circa 2010–2012; tools such as the Proxmark3 (Iceman firmware) and Flipper Zero can read and write standard-keyed cards in seconds using the leaked transport key. Cryptographic analysis also revealed that the key diversification algorithm (INCrypt32 / DES-based) has serious weaknesses. A 'downgrade attack' additionally allows PACS data extracted from an SE or Seos credential to be written onto a blank legacy card, fooling any reader left in legacy mode. IMPORTANT EXCEPTION: cards programmed under the HID Elite Key program use a custom organisation-specific master key. While the LOCLASS attack (2012) demonstrated that Elite keys can be recovered by briefly interacting with a reader, this requires physical reader access and specialised hardware — materially raising the bar beyond standard-keyed cards. SIO-secured or Elite-programmed iCLASS cards should not be treated as equivalent to standard-keyed cards. AKC can supply standard-keyed replacement cards; Elite-keyed re-issuance requires involvement of the system administrator who holds the Elite master key.
Where HID iCLASS (Legacy) is used
- Legacy commercial office buildings
- Multi-tenant residential with iCLASS readers
- Healthcare facilities on older iCLASS infrastructure
- Universities migrating from 125 kHz to smart card
- Government and education sites (pre-SE/Seos era)
Compatible readers
Related formats
You might also need
HID iCLASS SE
HID iCLASS SE is the second-generation 13.56 MHz smart card platform, introducing Secure Identity Objects (SIOs) and AES encryption to make credential cloning technically infeasible.
View compatible cardsHID Prox H10301 (Standard 26-Bit)
The HID H10301 26-bit format is the most widely deployed proximity card format in North America, used on millions of doors across commercial and residential buildings.
View compatible cardsMIFARE Classic 1K
MIFARE Classic 1K is the world's most-deployed contactless smart card format, running at 13.56 MHz with 1 KB of CRYPTO1-protected memory across 16 sectors — widely used in legacy access control and hotel lock systems but known to be cloneable.
View compatible cardsHID iCLASS (Legacy) — FAQ
Can HID iCLASS legacy cards be cloned?
Standard-keyed iCLASS legacy cards are practically cloneable — HID's default authentication key was exposed by academic researchers and is now embedded in tools like the Proxmark3 and Flipper Zero. If your site uses the optional Elite Key program with a custom master key, the bar is significantly higher, though not theoretically unbreakable. If security is a concern, upgrading to iCLASS SE, Seos, or a modern format is strongly recommended.
Will your iCLASS cards work with my existing HID readers?
Yes. Our standard-keyed iCLASS cards are programmed with your exact facility code and card number range and are compatible with all HID iCLASS readers in their default or legacy mode, including SE and Signo readers that have legacy support enabled.
What memory size do I need — 2k, 16k, or 32k?
For standard physical access control (a single door-access application), 2k bit (256 bytes) is sufficient. 16k bit adds capacity for a second application such as cashless vending or biometric template storage. 32k bit supports up to 16 independent application areas. Most replacement card orders are 2k bit (part numbers ending in 0 or 2).