funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Vulnerabilities in First-Generation RFID-Enabled Credit Cards

From: <rms () bsf-llc com>
Date: Mon, 23 Oct 2006 09:29:45 -0400
Here are all of the technical details.  I'm still scratching my head why a
RFID credit card doesn't have a little momentary contact switch which must
be pushed in order to activate the RFID chip.  With this simple addition,
cards can't be read on the sly.
 
Richard
 
  _____  

 
http://www.rfid-cusp.org/blog/blog-23-10-2006.html

Vulnerabilities in First-Generation RFID-Enabled Credit Cards


Monday, October 23, 2006 


RFID CUSP scientists have studied the security and privacy of RFID-enabled
credit cards. Here Ari Juels gives an overview of the results.

Consumers in the United States today carry some twenty million or so credit
cards and debit cards equipped with RFID (Radio-Frequency IDentification)
chips. RFID chips communicate transaction data over short distances via
radio. They eliminate the need to swipe cards or hand them to merchants.
Consumers can instead make payments simply by waving their cards-or even
just their wallets-near point-of-sale terminals. 

While appealing to both consumers and merchants, the convenience of RFID
credit cards has a flip side. What a legitimate merchant terminal can read,
a malicious scanning device can also read without a consumer's consent or
knowledge. RFID credit cards therefore call for particularly careful
security design.

A report released today by a team of scientists in the RFID Consortium for
Security and Privacy  <http://www.rfid-cusp.org/> (RFID-CUSP) reveals lapses
in the security and privacy features of several types of currently deployed
RFID credit cards. The report (of which I am a co-author) highlights two
basic vulnerabilities in the cards under study:

1.      Names in the clear: The RFID credit cards transmit bearer names
promiscuously. Any device capable of scanning a card can learn the name
imprinted on it-with or without the owner's consent. 

1.      Payment fraud: In varying degrees, the RFID credit cards are
vulnerable to an attack called "skimming." An attacker with an RFID reader
can harvest information from a card, create an inexpensive clone device, and
make charges against the legitimate card. (Alternatively, an attacker may be
able to perform online transactions with harvested credit-card information.)
Skimming requires minimal technical expertise and expense. 

...

For details on the RFID-CUSP study, visit www.rfid-cusp.org
<http://www.rfid-cusp.org/> .


Technical manuscript 


Our technical paper is available in draft form: PDF
<http://prisms.cs.umass.edu/~kevinfu/papers/RFID-CC-manuscript.pdf>  


Video demonstration 


We have a short video demonstrating some of the attacks from a technical
perspective. Please excuse our poor-quality video techniques: 11MB
<http://www.rfid-cusp.org.nyud.net:8090/videos/RFID-CC-video-part1.mov>
Quicktime (coralized)

Check back next week for Part 2, a non-technical video.

 


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: