Australian spec looks to better secure contactless identity credentials
Concerns with the security and privacy of contactless smart card technology are nothing new. In recent years, the Internet has caught up with the physical access control industry and the PKI smart card industry, and some ‘dirty little secrets’ have been aired. For those of you who do not believe me, go to your browser and search “RFID hack clone,” “mifare hack,” or go to http://eBay.com.hk (Hong Kong) and search “RFID.”
In a matter of minutes you will find board-level schematics, source code and build-yourself kits that will allow you to clone many of the existing contactless devices used for physical access control and even transit. From eBay you can purchase shrink-wrapped product to clone the cards (with free shipping)! If you are a real nerd, you can Google “OpenPICC” or “OpenPCD” and purchase sophisticated portable devices that pretend they are real cards and readers and mount attacks on advanced smart cards.
None of this is new, but what is new is that a group in Australia under the direction of one of the largest government IT shops and most capable of agencies, have been looking at what to do about it.
There are 1191 words in the rest of this article …
Library Access Required
Library subscribers have access to the full archives of more than 10,000 original news items and feature articles published by AVISIAN’s suite of ID technology publications (ContactlessNews.com, CR80News.com, DigitalIDNews.com, FIPS201.com, NFCNews.com, RFIDNews.org, SecureIDNews.com, and ThirdFactor.com).
For just $49, you receive unlimited password-protected access to content on all of AVISIAN’s sites for an entire year. Your subscription helps fund the continued creation of independent, insightful content. Find out more.
Sign in as a Subscriber
If you are already a subscriber, you may sign in now. Enter your Email Address and Password and click Sign In.
If you have forgotten your password, enter just your Email Address, and click Send Password.
