Contactless Smart Cards, RFID, Payment, Transit and Security

Hacked smart card chips? Alliance says no

Thursday, March 13, 2008

The Smart Card Alliance says reports of contactless smart cards being hacked are not accurate. An Associated Press story claims that a University of Virginia graduate student and two fellow hackers say they have cracked the encryption used in credit cards, subway passes and security badges.

Te trio claimed they hacked the code using readily available equipment that cost less than $1,000. The story suggests the hack enables a criminal to clone credit cards, get free subway rides, gain access to buildings or steal cars.

But the Smart Card Alliance, an industry trade group, says that the chips hacked were not the same ones used in contactless payment cards or electronic passports, but ones that are typically used in transit system, and that the results are overblown.

The research, presented at a hacker’s conference in Germany, involved one dimension of security in one specific product, the Alliance states. “Like many types of computer chips, a broad range of RF-enabled and contactless smart card chips are available, and individual system operators choose the right overall balance of features, including security, when they design a fare collection system,” according to the release.

The original AP story can be found here.

Additional information on contactless financial payment card security can be found here[end] 

Related Articles
Smart Card Alliance releases NFC transit report

The Smart Card Alliance Transportation Council has published a white paper examining how the transit industry can best make use of NFC technology.

“One of the major challenges facing transit agencies today is how to capitalize on the ever-growing popularity of mobile phones with a solid mobile strategy,” said Transportation Council Chairman Craig Roberts. “This white paper builds on the knowledge base developed in earlier white papers to foster a greater understanding of NFC technology, explain its role in the transit industry, and shed light on key issues facing the transit industry in developing a mobile strategy.”

read more »
Smart Card Alliance forms Mobile and NFC Council

The Smart Card Alliance has announced the formation of the Mobile and NFC Council, a new industry body tasked with accelerating the adoption of NFC and raising awareness of the technology’s various capabilities.

read more »
Computer server at University of Maine hacked

Social Security numbers and credit card information of 2,818 users of a University of Maine computer server may have fallen into the hands of hackers, according to university officials.

read more »
austriamicrosystems joins OSPT, promotes open standard specs

The Open Standard for Public Transport (OSPT) Alliance announced that austriamicrosystems has joined as a full member.

Since joining the OSPT Alliance, austriamicrosystems will have access to the CIPURSE open standard specification, leveraging its experience into embedded systems for mobile fare collection applications. The open standard promotes vendor neutrality and cross-vendor system interoperability with reduced technology adoption risks, higher quality and improved market responsiveness.

read more »
Smart Card Alliance launches new EMV/NFC certification training

The Smart Card Alliance is offering a certification program dedicated to smart card-based payments – the Certified Smart Card Industry Professional/Payments (CSCIP/P) credential.

Designed for Industry professionals interested in supporting the U.S. move to EMV and NFC contactless mobile technologies, CSCIP/P certification covers EMV migration, mobile and NFC contactless payments, secure remote transactions and smart card use in both card-based and account-based transit payment systems.

read more »
Calgary pilots smart card payments for public transit

Calgary, Alberta is pushing forward with the anticipated summer launch of a new smart card payment system for public transit, according to the Calgary Herald.

read more »

Ads by AVISIAN
Subscribe to the Contactless News Library
Gain access to the largest collection of Auto-ID analysis on the Internet.
Copyright © 2012, AVISIAN, Inc. All rights reserved.