Here is a question we hear regularly from facilities managers and security installers: are proximity cards and RFID cards the same thing? The short answer is no, but proximity cards are a type of RFID technology, which is exactly what causes the confusion.
The distinction matters a great deal in practice. Proximity cards operate on a single frequency with no encryption. RFID cards can operate across multiple frequencies, support advanced encryption, and range from short-range tap credentials to long-range vehicle identification. Specifying the wrong type for your site is a common and consequential error, particularly as the security vulnerabilities of older proximity credentials become better understood.
This guide explains what separates RFID cards from proximity cards, why it matters for access control security in 2026, and what a migration looks like in practice.
What Are Proximity Cards?
Proximity cards (often called prox cards) are a contactless access control credential that uses Low Frequency (LF) radio technology operating at 125 kHz. They have been the backbone of building access control since the 1990s and remain extremely common in older installed systems across the UK.
A proximity card contains an antenna and a microchip. The microchip stores a single piece of data: a static identification number. When the card enters the electromagnetic field of a proximity reader, the reader powers the card via induction, the chip transmits its ID number, and the access controller checks that number against its database to grant or deny entry.
Proximity cards have no battery, require no contact with the reader, and are durable enough for daily use. For simple door entry where security requirements are modest, they have historically been fit for purpose.
How Do Proximity Cards Work?
When a proximity card is held within range of a proximity reader (typically 5–15 cm), the reader emits a 125 kHz electromagnetic field that powers the card’s antenna. The chip activates and broadcasts its fixed ID number. The reader captures this number and passes it to the access controller, which either grants or denies entry based on its authorisation database.
Crucially, this transmission is unencrypted. The card broadcasts its ID in plaintext every time it enters any 125 kHz field, including fields generated by malicious scanning devices.
What Are RFID Cards?
RFID (Radio Frequency Identification) is the broader technology category that encompasses proximity cards, smart cards, NFC, and UHF vehicle tags. An RFID card contains a chip and antenna that communicate with a reader using radio frequency energy: the same fundamental principle as a proximity card, but with considerably more capability depending on the frequency and chip type.
Where proximity cards are limited to 125 kHz and a static ID number, RFID cards can operate across three frequency bands and support encryption, mutual authentication, and multi-application data storage.
RFID Frequencies
| Frequency Band | Range | Typical Use |
|---|---|---|
| Low Frequency (LF, 125 kHz) | Up to 15 cm | Proximity cards; legacy door entry |
| High Frequency (HF, 13.56 MHz) | Up to 1 metre | Encrypted smart cards; NFC; multi-application credentials |
| Ultra-High Frequency (UHF, 860–960 MHz) | Up to 10+ metres | Vehicle access; hands-free pedestrian entry; logistics |
High Frequency cards using protocols such as MIFARE DESFire EV2/EV3 or HID SEOS support mutual authentication: the reader verifies the card is genuine before granting access. UHF systems are designed for hands-free operation at distance, and are used in vehicle access control, logistics sites, and high-throughput pedestrian entry points.
Are Proximity Cards a Type of RFID?
Yes, proximity cards are a subset of RFID technology. They operate at Low Frequency (125 kHz), which is one of the three RFID frequency bands. When people contrast “RFID cards” with “proximity cards” in an access control context, they typically mean the difference between modern HF or UHF RFID credentials (which support encryption and longer range) and older LF proximity technology (which does not). The practical distinction is encryption and frequency range, not the underlying RF principle.
Key Differences: RFID Cards vs Proximity Cards
| Feature | Proximity Cards | HF RFID Smart Cards | UHF RFID Tags |
|---|---|---|---|
| Frequency | 125 kHz (LF only) | 13.56 MHz (HF) | 860–960 MHz (UHF) |
| Read range | Up to 15 cm | Up to 1 metre | Up to 10+ metres |
| Encryption | None (static ID only) | AES-128 (DESFire EV2/EV3), SEOS | Varies |
| Cloning risk | High (easily cloned) | Very low (mutual authentication) | Low |
| Data storage | Fixed ID number only | Multiple applications, dynamic data | Variable |
| Read/write | Read only | Read/write | Read/write |
| Hands-free use | No | Limited | Yes |
| Typical cost per credential | £0.50–£2 | £3–£8 | £8–£20 (vehicle tags) |
Read Range
The 125 kHz frequency limits proximity cards to a read range of 5–15 cm. The user must hold the card close to the reader, which is adequate for a tap-to-enter door but unsuitable for any hands-free application. HF smart cards extend this to around 1 metre. UHF systems (used for vehicle access) operate at 10 metres or more, with Nedap’s uPASS range reading vehicle tags at speeds of up to 125 mph.
Encryption and Security
This is the most consequential difference. Proximity cards transmit a fixed, unencrypted ID number. HF RFID smart cards using MIFARE DESFire or HID SEOS use challenge-response authentication: the reader issues a challenge, the card responds using an encryption key, and both sides verify each other. A copied card number is useless without the matching key.
Data Storage
Proximity cards store a single static ID (typically a 26-bit Wiegand number). HF smart cards can store multiple applications on a single credential: access control, time and attendance, cashless vending, and car park access can all share one card. This is particularly relevant for multi-site organisations where one credential needs to work across different systems.
Read/Write Capability
Proximity cards are read-only. The ID number is set at manufacture and cannot be changed. HF RFID cards support read/write operations: data can be updated on the card after issue, enabling dynamic credential management without reissuing physical cards.
The Security Problem with Proximity Cards
The security industry has known about proximity card vulnerabilities for years. What has changed is the accessibility of the tools to exploit them.
A 125 kHz card cloner (the kind available online for under £30) can read a proximity card’s ID number from within a few centimetres and write it to a blank card in seconds. The attacker does not need to steal the card. A brief proximity encounter in a lift, a café queue, or a car park is sufficient. The copied card will work on any reader in the same system because the reader has no way to verify it is genuine: it only checks the ID number.
This is not a theoretical risk. In the UK, physical security assessments regularly identify proximity card cloning as a viable attack vector for commercial sites. The vulnerability is well documented in the security testing community, and the equipment required is widely available.
Mutual authentication is the fix. HF smart card protocols such as MIFARE DESFire EV2/EV3 require the card to prove it holds the correct encryption key before the reader accepts it. Even if an attacker captures the card’s transmission, they cannot use it without the key, which is stored securely in the chip and never broadcast.
For any site where unauthorised access would have material consequences (a data centre, a pharmaceutical warehouse, a financial services office), continuing to rely on 125 kHz proximity credentials is a security liability that is straightforward to address.
Migrating from Proximity Cards to Encrypted RFID
Most organisations do not need to rip out their entire access control system to move from proximity to encrypted RFID. The practical migration path is:
1. Fit multi-technology readers. Multi-technology readers support both 125 kHz proximity cards and 13.56 MHz HF smart cards simultaneously. Existing proximity cardholders continue to use their current credentials. New joiners receive encrypted smart cards. During the transition period, both work at the same reader.
2. Issue HF credentials to high-risk cardholders first. Not everyone needs to migrate at once. Prioritise credentials that access the most sensitive areas: server rooms, cash handling areas, executive floors. These are the credentials most worth protecting.
3. Set a cutover date. Once most cardholders have been issued HF credentials, disable the 125 kHz functionality in the access software and remove the reader’s legacy mode. From that point, only encrypted cards work.
4. Upgrade the controller if needed. Most modern access controllers support encrypted HF credentials natively. Some older proprietary systems may require a controller upgrade alongside the reader change: worth confirming before specifying the migration.
Nortech’s DeltaQuest controllers are open-architecture and support multi-technology readers from day one, which makes this kind of phased migration straightforward without changing your access control software.
For a guide to the credential formats available during and after migration — cards, fobs, and smart tokens — see our key fob and proximity card guide.
UK Costs: Upgrading from Proximity to Encrypted RFID
As a guide to what migration costs look like in UK installations:
| Item | Approx. Cost |
|---|---|
| Multi-technology reader (replaces existing proximity reader) | £80–£160 per door |
| Installation (labour, cabling, commissioning per door) | £150–£350 per door |
| MIFARE DESFire HF smart card (per credential) | £3–£8 each |
| Programmed HID SEOS card (per credential) | £6–£12 each |
| Access controller upgrade (if required) | £200–£600 per controller |
For a 5-door office with 50 staff, a full migration from proximity to encrypted HF RFID (replacing readers, issuing new cards, and commissioning) typically runs £3,000–£6,000. The alternative is leaving a cloning-vulnerable system in place indefinitely, which may also affect your cyber and physical security insurance position.
For a full breakdown of what access control migration costs across different building types and scales, see our access control system cost guide.
Frequently Asked Questions
What is the difference between RFID and proximity cards?
Proximity cards are a type of RFID technology, specifically Low Frequency RFID operating at 125 kHz with no encryption. Modern RFID cards operate at High Frequency (13.56 MHz) or Ultra-High Frequency (860–960 MHz), support encryption and mutual authentication, and offer longer read ranges. The key practical difference is security: proximity cards can be cloned cheaply; encrypted HF RFID cards cannot.
Are proxy cards the same as RFID?
Proximity cards are a subset of RFID: they use the same underlying radio frequency identification principle but are limited to 125 kHz with a static, unencrypted ID number. When people refer to “RFID cards” in contrast to proximity cards, they typically mean HF smart cards (e.g. MIFARE, HID iCLASS) or UHF tags, both of which offer capabilities proximity cards do not.
What is the difference between 125 kHz and 13.56 MHz RFID?
125 kHz (Low Frequency) is the frequency used by proximity cards: short range, no encryption, read-only. 13.56 MHz (High Frequency) is used by smart cards such as MIFARE DESFire: it supports AES encryption, mutual authentication, longer read range, and read/write capability. For any new access control installation, 13.56 MHz smart cards are the recommended minimum. 125 kHz should only be retained in legacy systems where migration is not yet possible.
Are proximity cards secure?
Proximity cards have significant known vulnerabilities. Their 125 kHz transmission is unencrypted, and the static ID number can be cloned using hardware available for under £30. For low-security applications this may be acceptable, but for any site where unauthorised access would have material consequences, proximity cards represent an unacceptable risk. Encrypted HF smart cards using MIFARE DESFire or HID SEOS are the appropriate replacement.
Can proximity card readers be upgraded to support RFID smart cards?
In most cases, yes. Multi-technology readers support both 125 kHz proximity and 13.56 MHz HF smart cards simultaneously. This allows a phased migration: existing proximity cardholders continue working while new staff receive encrypted credentials. Once the transition is complete, legacy proximity support can be disabled in the access control software.
Proximity cards remain common in older UK access control installations, and for many low-risk environments they continue to work adequately. But the combination of known cloning vulnerabilities, the availability of cheap exploit hardware, and the relatively modest cost of migration means that any site with a meaningful security requirement should be actively planning a move to encrypted HF RFID credentials.
For organisations with vehicle access requirements or high-throughput pedestrian entry points, the step up to UHF RFID is also worth evaluating: the Nedap uPASS range that Nortech supplies as UK-appointed distributor covers vehicle speeds up to 125 mph and integrates with the same access control software managing your door entry.
If you are reviewing your credential strategy and want a straight assessment of what your site needs, and what the migration path looks like, talk to an engineer at Nortech.
James McKellar is part of Nortech’s technical team, supporting installers and integrators with access control specification across the UK.
