Hacking Smart Cards

The basic intent of smart card technology was to provide security. The smart card was to be a personal identifier. It allowed security clearance, such as access to buildings. Now that smart card security has been compromised:

“Transit systems across Canada stand to lose tens of thousands of dollars to fare fraud, and access to office buildings could be compromised, after a security flaw in some of their smart-card technology was widely publicized this week.

Computer-security researchers at the Radboud University Nijmegen in the Netherlands revealed how the smart-card technology, called Mifare, can be hacked to let anyone with a computer and $100 worth of parts create counterfeit transit and building-access passes.”

link: Security flaw in smart cards poses risk for transit, building access

There has been controversy about the use of radio frequency identification (rfid) chips. The argument is that it is a means of tracking that violates privacy and security. This hack exposes a concern that many in the security community have expressed. The theoretic security that smart cards supposedly offer can not fend off the ingenuity of hackers.

Catherine Forsythe