Eavesdropping attacks on RFID enabled devices, such as e-passports and contactless credit cards or secure door entry systemsThis extraordinary academic paper, with its practical experiments, presents actual ‘proof-of-concept’ eavesdropping attacks across a range of RFID enabled devices.

The author, G.P. Hancke (of the British-based Smart Card Centre / Information Security Group at University of London), demonstrates how he implemented successful attacks on the three most popular High Frequency (HF) standards: ISO 14443A, ISO 14443B and ISO 15693.

What some may find particularly disturbing is that in each case Hancke not only describes the equipment needed to execute an attack, but also how an effective RFID receiver kit can be constructed for less than £50.

“Even though the self-build RF receiver did not achieve the same results as commercial equipment – it does illustrate that eavesdropping is not beyond the means of the average attacker.” says Hancke.

Read the full PDF report here

And then protect yourself against unauthorised ‘contactless’ eavesdropping here

Advertisements
Comments
  1. […] safeguards have been added to RFID standards over the past several years, the technology remains vulnerable to eavesdroppers, who are able to read tags from a distance without the owner's knowledge, leading to the theft of […]

    • Contactless says:

      Thank for helping raise awareness about this relatively new technology. Keep up the good work, and do feel free to borrow any useful information from my blog.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s