Contactless Smart Cards, RFID, Payment, Transit and Security

Kobil's smart card reader hacked using unsigned firmware

Thursday, June 3, 2010

H Security reports that Kobil’s smart card readers have been hacked with a Windows tool and unsigned firmware, granting thieves access to PINs and other secure data.

The Kobil readers in question have been tested by the German Federal Office for Information Security and certified as compliant with the rigorous German Signature Law (SigG).

A hacker by the name of Colibri has informed Kobil about the vulnerability and released a report that explains the procedure of the “intermediate” level hack and provides the necessary Windows tool and firmware updates.

According to H Security, the German Federal Network Agency has issued a warning about the security issue, but new firmware still hasn’t been certified.

Prof. Dr. Rainer W. Gerling of The Max Planck Society for the Advancement of Science told H Security, “This hack shows that the quality of a certification depends on the creativity and imagination of the tester. This is a fundamental problem of certifications.”

Read more here[end] 

Related Articles
EarthSearch offers mobile RFID/bar code reader

East Coast Diversified Corporation’s RFID and GPS division, EarthSearch Communications, announced its newest product offering, the LogiBoxx certified hand held RFID reader: the ES3001H.

The device runs on the latest mobile operating system, Windows CE 5.0, and utilizes EarthSearch’s proprietary firmware. Depending on the tag it can identify items up to 15 feet, and it is also capable of reading 1D and 2D bar codes.

read more »
Dublin expects 2011 rollout of smart ticketing system

Dublin will see a new integrated smart card ticketing system by early next year, according to The Irish Times.

The the €55 million project will start with a smart card rollout for the Luas and Dublin Bus services, to be joined later by Irish Rail, private bus operators and Bus Éireann.

read more »
Low-Cost proximity RFID Reader offers user-friendly interface

Chinese developer DAILY RFID has launched its advanced Proximity RFID Reader-02, designed as a desktop, OEM version. It is designed to be used as an access control reader via USB or RS232 interface.

read more »
Amano launches new access control reader

Amano Cincinnati has announced the release of their new Multi-Discipline Reader (MDR) for physical access control.

Amano’s newest 125 kHz Prox and ISO 14443 reader is a dual technology contactless smart card reader geared towards customers migrating from 125 kHz Prox cards to 13.56 MHz ISO14443 contactless smart cards.

read more »
Singapore launches contactless card for tourists

Singapore’s CITY Tours has introduced a new contactless smart card that allows tourists to tap into various city attractions, according to asiaone.com.

In addition to speeding up lines, the card also gives visitors up to a 45% discount at popular attractions such as Underwater World and the Singapore Zoo.

read more »
New Schlage smart credential readers unveiled

Ingersoll Rand Security Technologies announced the availability of a new line of Schlage contactless smart credential readers - operating on 13.56 MHz frequency – and designed to address the industry’s current requirements while providing a foundation and scalability for future applications.

read more »

Ads by AVISIAN
Subscribe to the Contactless News Library
Gain access to the largest collection of Auto-ID analysis on the Internet.
Copyright © 2010, AVISIAN, Inc. All rights reserved.