Friday, February 22, 2008

RFID: The Hands-Free Way to Steal a Credit Card

Robert Vamosi writes on the C|Net "D3F3NS3 1N D3PTH" Blog:

Adam Laurie, an RFID security expert, used the Black Hat DC 2008 conference here, to demonstrate a new Python script he's working on to read the contents of smart-chip-enabled credit cards.

As part of his presentation Wednesday, Laurie asked for someone from the audience to volunteer a smart card. Without taking the card out of the volunteer's wallet, Laurie both read and displayed its contents on the presentation screen--the person's name, account number, and expiration clearly visible.

Demonstrations like that show the potential misuse of RFID technology in the near future. Without touching someone, a thief could sniff the contents of an RFID-enabled credit card just in passing. The same is true for embedded RFID chips in the human body, work access badges, some public transit cards, and even the new passports in use in more than 45 countries.

More here.


Post a Comment

<< Home