Vulnerabilities in First-Generation RFID-enabled Credit Cards
vendor typically deploys an RFID-enabled credit card reader at each cash … magnetic stripes are read during an RF transaction, the RFID credit card …
Vulnerabilities in First-Generation RFID-enabled
Credit Cards.
Thomas S. Heydt-Benjamin1, Daniel V. Bailey2, Kevin Fu1, Ari Juels2, and Tom O’Hare3
1 University of Massachusetts
Amherst, MA, USA
{tshb, kevinfu}@cs.umass.edu
2 RSA Laboratories
Bedford, MA, USA
{dbailey, ajuels}@rsa.com
3 Innealta, Inc.
Salem, MA, USA
tom@innealta.com
Abstract. RFID-enabled credit cards are widely deployed in the United States and
other countries, but no public study has thoroughly analyzed the mechanisms that
provide both security and privacy. Using samples from a variety of RFID-enabled
credit cards, our study observes that (1) the cardholder’s name and often credit card
number and expiration are leaked in plaintext to unauthenticated readers, (2) our
homemade device costing around $150 effectively clones one type of skimmed cards
Vulnerabilities in First-Generation RFID-enabled
Credit Cards.
Thomas S. Heydt-Benjamin1, Daniel V. Bailey2, Kevin Fu1, Ari Juels2, and Tom O’Hare3
1 University of Massachusetts
Amherst, MA, USA
{tshb, kevinfu}@cs.umass.edu
2 RSA Laboratories
Bedford, MA, USA
{dbailey, ajuels}@rsa.com
3 Innealta, Inc.
Salem, MA, USA
tom@innealta.com
Abstract. RFID-enabled credit cards are widely deployed in the United States and
other countries, but no public study has thoroughly analyzed the mechanisms that
provide both security and privacy. Using samples from a variety of RFID-enabled
credit cards, our study observes that (1) the cardholder’s name and often credit card
number and expiration are leaked in plaintext to unauthenticated readers, (2) our
homemade device costing around $150 effectively clones one type of skimmed cards
Post a Comment