Re: Collocation Access

[Henry Yen <henry () AegisInfoSys com>]

On Mon, Oct 23, 2006 at 14:26:53PM -0500, Stasiniewicz, Adam wrote:
> That is true for strip card (credit card style) and simple prox cards.
> But what I have been seeing more often is that companies are using the
> smart card and wireless smart card variety for high security areas.  So
> instead of having a card that will always return the same value (making
> it easy to duplicate) the smart cards will use good old fashion PKI to
> mutually authenticate the card to the reader and the reader to the card.
> This way, the card won't give out its security information until the
> card reader is verified to be a legit member of the security system.  In

However, speaking of smart (non-simple-proximity) card security:

   Linkname: Researchers See Privacy Pitfalls in No-Swipe Credit Cards - New York Times
   URL: 
http://www.nytimes.com/2006/10/23/business/23card.html?ex=1319256000&en=5ecec83b0ac06bd8&ei=5088&partner=rssnyt&emc=rss

> > -----Original Message-----
> > From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of
> > Warren Kumari
> > Sent: Monday, October 23, 2006 1:34 PM

[ mild snippage ]

> > These are trivial to clone -- all you need is a reader hooked up to a PC
> > and you can read the number off the card. You can then buy a batch of

-- 
Henry Yen                                       Aegis Information Systems, Inc.
Senior Systems Programmer                       Hicksville, New York