Posts Tagged ‘rfid protect’

If you’re a regular visitor to this blog then you’ll no doubt be familiar with RFID technology – and now it appears that our cousins in Australia are waking up to some of its potential vulnerabilities.  Linking automatically to a retailers ‘point-of-sale’ terminal (but without the need for a verification PIN or signature) makes Radio Frequency ID (RFID) payments quite different to normal transactions using a swipe card, cash or personal cheque.

The ability to process transactions rapidly means that RFID e-payment solutions are very attractive to retailers too, although it has been reported in the media that a growing number of consumers in Australia are not entirely convinced by industry claims that these ‘contactless’ systems are 100% foolproof!

ABC News 24 recently reported that, “…There’s been some very famous attacks where people have been reading passport numbers and other serial numbers from RFID-enabled cards. Proximity cards, such as the one that you use to get into your secured building, those have been cloneable for quite some time.”

Whilst Australia has been relatively slow to adopt ‘contactless’ systems – we’ve learned that as of March 2012 it’s going to be a case of ‘full steam ahead’ with major stores keen to deploy ‘tap-and-pay’ payment options.  More likely to ‘crack a mental’ than crack open the Champagne – some quarters are arguing that the roll-out of contactless e-commerce is fast becoming a headache for those involved.

A spokesperson at ABC News 24 urged caution reporting that, “…one of the first attacks that we’re most likely to see being used by criminals are probably relay attacks. When you have your phone in your pocket or your card in your wallet and attackers work out a mechanism to activate the card in your pocket, relay the transaction somewhere else, maybe not even in the country and perform a transaction at a terminal by another party, stealing money from that particular account. That’s probably the most likely attack that we’ll see occurring in the future.”

Here’s the link: http://www.abc.net.au/news/2012-01-30/consumers-warned-over-tap-and-pay-technology/3801162

The following link will take you to the RFID Protect webpage where any nervous Australians can get protected now! http://www.rfidprotect.co.uk/products.html

In early November 2011, BBC News services reported that malware attacks on UK Android Apps, and smartphone fraud in general had risen by a staggering 800% since this time last year!!!!  Today we learn from The Telegraph newspaper that,

“…the majority of Britons are scared of ‘wave and pay’, [and with] only a small minority of people keen to use their mobiles like wallets. [Many] fear that ‘wave and pay’ apps will lead to greater security breaches”. 

Emma Barnett, Digital Media Editor for the Telegraph elaborated stating,

“…[the] Intersperience study, which polled 1,000 people as part of a larger project entitled ‘Digital Selves’, found that phone hacking fears are dominating consumers’ security concerns when thinking about adopting new mobile wallet payment systems.”

A spokesperson for Paypal recently intimated that mass adoption of contactless payments for products using mobile phones, or smart credit cards is at least three years away.  This is perhaps not surprising given that very few UK retailers offer this type of payment option to their customers.

Meanwhile, UK company RFID Protect has announced its intentions to offer a solution for smartphone users wary of this technology.  It comes in the shape of a simple App that will be launched mid 2012, and made available to download from www.rfidprotect.co.uk

So before too long, iPhone and Android users will have the option to disable their NFC (Near Field Communication) feature and in the words of a RFID Protect spokesperson, “MAKE YOURSELF INVISIBLE’ to would be phone hackers, e-pickpockets and e-payment skimmers.  Apparently, there’s a timer function too – so users get to determine the amount of time their phone can be read by third parties.

Read the full Telegraph article at:

http://www.telegraph.co.uk/technology/news/8825183/Majority-of-Britons-are-scared-of-wave-and-pay.html

First published on the: 14 October 2011

Blackberry users buy RFID Protective shields for gift cards and hotel passes in a bid to prevent unplanned data erasureNews has come to light that BlackBerry mobile (cell) phones pack more of a punch than perhaps their designers had bargained for!  It seems that the devices can emit an Electro Magnetic Pulse (EMP) when in use that’s so powerful it can wipe the data from certain smart cards when in close proximity; (in the main hotel passes and e-gift cards are at most risk).  This can be really frustrating if you find yourself locked out of a hotel room after hours!

The good news is that most credit, debit, ATM and ID cards remain unaffected by this phenomenon.  Also, by placing e-gift cards or hotel passes within a RFID protective shield there’s no problem keeping your BlackBerry mobile in the vicinity of these items.

Newbie.com has conducted extensive research into this issue, providing the following useful thoughts:

“…my testing provides strong evidence – if not irrefutable proof – that a cell phone in a holster/case with a magnetic latch [or a cell phone alone without its holster/case], can damage a gift card.”

“…this testing strengthens my belief that a cell phone with [or without a holster case] can probably damage a hotel room key card.”

Source: http://newbbie.com

Eavesdropping attacks on RFID enabled devices, such as e-passports and contactless credit cards or secure door entry systemsThis extraordinary academic paper, with its practical experiments, presents actual ‘proof-of-concept’ eavesdropping attacks across a range of RFID enabled devices.

The author, G.P. Hancke (of the British-based Smart Card Centre / Information Security Group at University of London), demonstrates how he implemented successful attacks on the three most popular High Frequency (HF) standards: ISO 14443A, ISO 14443B and ISO 15693.

What some may find particularly disturbing is that in each case Hancke not only describes the equipment needed to execute an attack, but also how an effective RFID receiver kit can be constructed for less than £50.

“Even though the self-build RF receiver did not achieve the same results as commercial equipment – it does illustrate that eavesdropping is not beyond the means of the average attacker.” says Hancke.

Read the full PDF report here

And then protect yourself against unauthorised ‘contactless’ eavesdropping here

US Department of Defense orders RFID shields

US Department of Defense orders RFID shields

It can now be reasonably argued that November 2010 will mark a significant turning point in the debate surrounding RFID or ‘contactless’ credit, debit, passport and door-access security.  For on Wednesday 29 November, 2010  Secure ID News reported the following news,

“…2.5 million radio frequency shielding sleeves (were delivered) to the Department of Defense to protect the contactless Common Access Card (CAC) from data interception. The FIPS 201-approved, shielding sleeves are distributed via RAPIDS ID offices worldwide with the issuance of new CACs.”

Furthermore, the online journal then went on to state,

“…an option to purchase an additional 1,675,000 sleeves was exercised by the Defense Department for final delivery in January 2011. This order will bring the total number of our sleeves 4.2 million. In September, an order for 200,000 rigid, RF shielding, non-metallic badge holders (was also placed).”

Of course, whilst unauthorised data interception from RFID enabled device is not commonplace – this development would strongly suggest that the potential threat of ‘skimming’ is real and growing by the day.

Original source: http://www.secureidnews.com/2010/11/29/defense-department-order-rf-shields-from-national-laminating

UK Government HQAbstract: A UK government-backed report that explores certain security flaws in RFID / contactless technology.  Well worth a read is this…

Source: http://www.ico.gov.uk

“It will be the responsibility of RFID users to prevent any unauthorised access to personal information. One concern is a practice that has become known as “skimming”. Since a transponder’s signal can be picked up by any compatible reader, it is possible for RFID tags to be read by unauthorised readers, which could access personal information stored on them. Users can guard against skimming by using passwords. The EPCglobal Class 1 Generation 2 RFID specification enables the use of a password for accessing a tag’s memory. However, these are not immune to “hacking”.

Most RFID systems require a short distance between tag and reader, making it difficult for “rogue” readers to scan tags but this could nevertheless be done in a situation where people are naturally at close range, for example, on a crowded train. The nominal read range of some tags can also be extended by the use of more powerful readers. It is also possible to read part of a tag’s number by eavesdropping merely on a reader’s communication with a tag. Readers, with a much higher power output than tags, can be read at much greater distances.

While some RFID applications might not need communication between tag and reader to be encrypted, others that process personal and especially sensitive personal data will need an adequate level of encryption to safeguard the data being processed. In most cases “skimmers” would also need a way of accessing the external database containing the personal data, but in some cases inferences might be made about someone from information which in itself does not relate directly to him. If a person leaves a store having purchased items carrying RFID tags that have not been disabled, he carries with him a potential inventory of his possessions. This would enable someone with a suitable reader and knowledge of EPC references to discover what items he was carrying at a given time. Sensitive personal data about a person’s illness, for example, might be unknowingly revealed by him via the EPC referring to the medication in his pocket. An insufficiently secure RFID chip could also be “cloned”. By copying personal data stored on the RFID chip of an identification card, a person could for practical purposes steal the identity of the cardholder. If the information on the database (e.g., a fingerprint) is checked only against the information on the card, rather than directly against the person himself, a criminal would not need to access the information stored on the database.”

http://www.ico.gov.uk/upload/documents/library/data_protection/detailed_specialist_guides/radio_frequency_indentification_tech_guidance.pdf

For more information visit:  RFID Protect

Finally, if you’re in any doubt as to whether or not RFID skimming is a real threat, then perhaps watch the following video evidence.

Video evidence from the United States of America, claiming that RFID enabled devices are vulnerable to skimming, cloning and hacking.

Electronic Pickpocket – YouTube Video
(Approx. 4minutes – n.b: opens in a new window.)

David Beckham - victim of RFID hacking and car jacking!

Going, going, gone – RFID car-jacking!

It’s the stuff of movies. A criminal gang that sets out to steal hundreds of cars, each in under 60 seconds, using the latest in high-tech gadgets to facilitate their heist.   But for David Beckham, Hollywood fiction became a reality when in April 2006 criminals used a simple laptop and RFID scanner to crack the electronic door locks of his BMW X5. Once the locks were cracked they then fired up the ignition and drove away – gone in just 15 minutes!

So how was this possible? After all the RFID industry has gone to considerable lengths to reassure us that ‘contactless’ chips and ‘smart keys’ are 100% secure, and not vulnerable to ‘skimming’.

John Holl, a journalist with Forbes Autos throws some light on the matter saying,

“…Back in 2004, when keyless technology was still new and touted as unbreakable and secure, Dr. Aviel D. Rubin, a professor of computer science at Johns Hopkins University, examined this possibility (with his students). Within three months they had successfully cracked the code embedded within the ignition keys of newer model cars, theoretically allowing them to steal the autos.”

“It was a trial-and-error process,”  Rubin said. “We wanted to see if it could be broken and found out that (surprisingly) it could!”

The technique requires a laptop, an RFID scanner and software capable of probing for encryption weaknesses. It only takes about 15 minutes for the software to explore millions of possible encryption answers, before finding the one that fits with the vehicle’s unique identity.  The thieves then submit an identical code to the vehicle, which allows them to ‘boost’ it.

15 minutes – it’s not long.  About the time it takes to park up, leave your vehicle and order at a restaurant, which seems to be what happened to the Beckhams.  And it just goes to show that no security system is 100% fool-proof, however peace of mind may soon arrive as British company RFID Protect hopes to manufacture RFID shielding sleeves that are specifically designed to protect a vehicle’s ‘smart key’ against unauthorised probing.

Original article at:

http://www.msnbc.msn.com/id/13507939/ns/business-autos/

NEWSFLASH: Update September 2012

This month sees AutoExpress reporting on a new twist to this story.  It transpires that BMW has at last accepted that there is an issue with its keyless entry systems on cars issued between 2007 and September 2011.  BBC’s Watchdog television programme highlighted a problem with certain models (specifically BMW X5 & X6) in June of this year, and since then a number of high profile cases have come to light.  One story in particular demonstrates the problem that BMW is now facing, because when London-based consultant Eric Gallina had his car stolen from outside his home he couldn’t understand how thieves had taken it.  Mr Gallina still had the two factory-issued master car keys in his possession, and there had been no evidence of vehicle break in (i.e. there was no broken window glass at the crime scene).

AutoExpress reported that Mr Gallina was told by police officers,

“…nine other BMWs with keyless entry had been stolen in the Notting Hill area within the past month and a half.”

Apologists for BMW have issued security guidance to owners of these models, although it is not clear whether an actual ‘fix’ for the problem is available at the time of writing.  According to AutoExpress BMW have issued the following advice,

“…[until the fix is available to all models], where ever possible park your car out of sight, in a locked garage, or under the cover of CCTV cameras.”

Easier said than done, and some will wonder whether this guidance from BMW has really been thought through, or goes far enough to address such a serious security flaw?

Original article at: http://www.autoexpress.co.uk/bmw/60264/bmw-owners-offered-fix-hi-tech-theft