[funsec] Vulnerabilities in First-Generation RFID-Enabled Credit
Cards
Richard M. Smith
rms at bsf-llc.com
Mon Oct 23 09:33:22 CDT 2006
I guess the credit card companies figured it was too hard for people to put
a card into a slot.
OTOH, RFID credit cards are more flexible because they can be embedded
inside of other devices like a cellphone.
Richard
-----Original Message-----
From: Valdis.Kletnieks at vt.edu [mailto:Valdis.Kletnieks at vt.edu]
Sent: Monday, October 23, 2006 10:29 AM
To: rms at bsf-llc.com
Cc: funsec at linuxbox.org
Subject: Re: [funsec] Vulnerabilities in First-Generation RFID-Enabled
Credit Cards
On Mon, 23 Oct 2006 09:29:45 EDT, rms at bsf-llc.com said:
> Here are all of the technical details. I'm still scratching my head why a
> RFID credit card doesn't have a little momentary contact switch which must
> be pushed in order to activate the RFID chip. With this simple addition,
> cards can't be read on the sly.
At that point, do something sensible like use the already existing
smart-card
technology that requires physical contact - at that point, the reader can
power
the chipset so you can have a lot more on-board storage and computation.
Kinda like some credit card vendors have done for *years*. ;)
More information about the funsec
mailing list