Commands
Search pubs database
Quick search by ...
|
Vulnerabilities in First Generation RFID-enabled credit cards
Kevin Fu
Citation
Kevin Fu. "Vulnerabilities in First Generation RFID-enabled credit cards". Talk or presentation, 22, May, 2007.
Abstract
RFID technology appears in a huge array of products ranging from clothing and airport luggage to subway tickets and credit cards. This talk will examine recent privacy and security vulnerabilities discovered in RFID-enabled credit cards. An estimated 20 million RFID-enabled credit cards are already in circulation in the United States. Using samples from a variety of RFID-enabled credit cards, our study observes that the cardholder's name and often credit card number and expiration are leaked in plaintext to unauthenticated readers, our homemade device costing around $150 effectively clones one type of skimmed cards thus providing a proof-of-concept implementation for the RF replay attack, information revealed by the RFID transmission cross contaminates the security of RFID and non-RFID payment contexts, and RFID-enabled credit cards are susceptible in various degrees to a range of other traditional RFID attacks such as skimming and relaying. Electronic downloads
(No downloads are available for this publication.)
- HTML
Kevin Fu. <a
href="http://www.truststc.org/pubs/250.html"><i>Vulnerabilities
in First Generation RFID-enabled credit
cards</i></a>, Talk or presentation, 22, May,
2007.
- Plain text
Kevin Fu. "Vulnerabilities in First Generation RFID-enabled
credit cards". Talk or presentation, 22, May, 2007.
- BibTeX
@presentation{Fu07_VulnerabilitiesInFirstGenerationRFIDenabledCreditCards,
author = {Kevin Fu},
title = {Vulnerabilities in First Generation RFID-enabled
credit cards},
day = {22},
month = {May},
year = {2007},
abstract = {RFID technology appears in a huge array of
products ranging from clothing and airport luggage
to subway tickets and credit cards. This talk will
examine recent privacy and security
vulnerabilities discovered in RFID-enabled credit
cards. An estimated 20 million RFID-enabled credit
cards are already in circulation in the United
States. Using samples from a variety of
RFID-enabled credit cards, our study observes that
the cardholder's name and often credit card number
and expiration are leaked in plaintext to
unauthenticated readers, our homemade device
costing around $150 effectively clones one type of
skimmed cards thus providing a proof-of-concept
implementation for the RF replay attack,
information revealed by the RFID transmission
cross contaminates the security of RFID and
non-RFID payment contexts, and RFID-enabled credit
cards are susceptible in various degrees to a
range of other traditional RFID attacks such as
skimming and relaying.},
URL = {http://www.truststc.org/pubs/250.html}
}
Posted by Alvaro Cardenas on 3 Apr 2007.
For additional information, see the
Publications FAQ or
contact webmaster at www truststc org..
Notice:
This material is presented to ensure timely dissemination of scholarly
and technical work. Copyright and all rights therein are retained by
authors or by other copyright holders. All persons copying this
information are expected to adhere to the terms and constraints
invoked by each author's copyright.
|
