How to hack RFID-enabled credit cards for $8
Peter Tomlinson
ukcrypto at chiark.greenend.org.uk
Thu, 20 Mar 2008 04:28:14 +0000
Glyn Wintle wrote:
> http://www.boingboing.net/2008/03/19/bbtv-how-to-hack-an.html
>
> A number of credit card companies now issue credit
> cards with embedded RFIDs (radio frequency ID tags),
> with promises of enhanced security and speedy
> transactions.
>
> But on today's episode of Boing Boing tv, hacker and
> inventor Pablos Holman shows Xeni how you can use
> about $8 worth of gear bought on eBay to read personal
> data from those credit cards -- cardholder name,
> credit card number, and whatever else your bank embeds
> in this manner.
>
> Fears over data leaks from RFID-enabled cards aren't
> new, and some argue they're overblown -- but this demo
> shows just how cheap and easy the "sniffing" can be.
>
> Link to complete Boing Boing tv post with discussion
> and downloadable video.
>
Early tranches of contactless bank payment cards in USA were easy to
read, as Ross Anderson et al demonstrated. The recent launch in the UK
of of Visa PayWave (e.g. Barclays OnePulse jointly with London's Oyster)
and Mastercard PayPass are to an EMV specification (but when I last
asked that spec was not in the public domain).
Peter