Vulnerabilities in First-Generation RFID-enabled Credit Cards
نویسندگان
چکیده
RFID-enabled credit cards are widely deployed in the United States and other countries, but no study has thoroughly analyzed the mechanisms that provide both security and privacy. Using samples from a variety of RFID-enabled credit cards, our study observes that (1) the cardholder’s name and often credit card number and expiration are leaked in plaintext to unauthenticated readers, (2) our homemade device costing around $150 effectively clones skimmed cards — providing a proofof-concept of the RF replay attack for cards, (3) information revealed by the RFID transmission cross contaminates the security of non-RFID payment media, and (4) RFID-enabled credit cards are susceptible in various degrees to a range of other traditional RFID attacks such as skimming and relaying.
منابع مشابه
Securing Plastic Money Using an RFID Based Protocol Stack
Since 2006, there have been three major systems that have been implemented in an attempt to reduce the threat of credit card fraud Chip and PIN (United Kingdom), Chip Authentication Program CAP (European Union), and RFID enabled credit cards (United States of America). In spite of a big effort by the EMV, there has been little evidence to demonstrate the success of these schemes in stopping fra...
متن کاملComparing Different Methodologies Used To Ensure the Security of RFID Credit Card: A Comparative Analysis
The use of Radio Frequency Identification (RFID) advancement is turning out to be rapidly transversely over an extensive variety of business undertakings. Engineers apply the development not simply in customary applications, for instance, asset or stock after, also in security organizations, electronic travel papers and RFID-embedded card. In any case, RFID development moreover brings different...
متن کاملComparing Different Methodologies Used To Ensure the Security of RFID Credit Card: A Comparative Analysis
The use of Radio Frequency Identification (RFID) advancement is turning out to be rapidly transversely over an extensive variety of business undertakings. Engineers apply the development not simply in customary applications, for instance, asset or stock after, also in security organizations, electronic travel papers and RFID-embedded card. In any case, RFID development moreover brings different...
متن کاملRFID and the Middleman
Existing bank-card payment systems, such as EMV, have two serious vulnerabilities: the user does not have a trustworthy interface, and the protocols are vulnerable in a number of ways to man-in-themiddle attacks. Moving to RFID payments may, on the one hand, let bank customers use their mobile phones to make payments, which will go a fair way towards fixing the interface problem; on the other h...
متن کاملStill and Silent: Motion Detection for Enhanced RFID Security and Privacy without Changing the Usage Model
Personal RFID devices – found, e.g., in access cards and contactless credit cards – are vulnerable to unauthorized reading, owner tracking and different types of relay attacks. We observe that accessing a personal RFID device fundamentally requires moving it in some manner (e.g., swiping an RFID access card in front of a reader). Determining whether or not the device is in motion can therefore ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2007