PCMag Digital Network
Seen a hot gadget?  Tell Us   
Top Categories
Home
Apple (Macintosh, iPod)
Computer Accessories
Desktops & Laptops
Digital Cameras
Gadgets & Gizmos
HDTV & Home Theater Systems
MP3 & Digital Audio
All Categories
About Gearlog
Apple (Macintosh, iPod)
Apple iPhone
Bluetooth Technology
CES
Car Tech
Cell Phones & Smartphones
Computer Accessories
Control Your DSLR
DIY
Desktops & Laptops
Digital Cameras
Emerging Tech
Feedback
GPS & Navigation
Gadgets & Gizmos
Gearlog Video
Green Tech
HDTV & Home Theater Systems
Holiday Gifts
MP3 & Digital Audio
MWC
Miscellaneous Tech
Monitors
Networking & VoIP Technology
Radio (Amateur, Satellite)
Robots & Robotics
Space Tech
Tech Toys
TechSaver
Video Games
WAP & Wireless
Blue Microphone Unleashes the Yeti
Live Blog: Google Chrome OS Event
Hands On, Kid Tested: Nanover Nanoscope
Verizon Launches Rugged G'zOne Rock
NASA Astronauts Get Ready for Spacewalk
Contact Us
Got a Question?
A Comment?
E-mail us at:
gearlog@ziffdavis.com
 
Sites We Like
Gearlog on Twitter
Gearlog for Kindle
GoodCleanTech Recycling Superguide
Monday October 23, 2006
RFID Credit Cards: No-Swipe Concept Insecure?
Categories:  
Cell Phones & Smartphones, WAP & Wireless
Tags:  

23card.1901.jpgI'm sure a lot of you have heard of (or even own) a "Blink" card from Chase. Citibank has something similar with their PayPass cards. Suffice to say, Visa, Mastercard and American Express all offer some sort of built-in RFID chip that lets you pay for stuff by waving it across a special card reader.

Pretty neat--if you don't mind the security risks. The New York Times just published an article that reveals the security holes in these "no-swipe" cards. In a study performed by RSA labs on 20 credit cards, it found that the cardholder's name and other info was being transmitted without encryption. It wasn't transmitting the card numbers or expiration dates, thankfully, and card companies are in the process of deleting names from the transmission. These problems will be addressed over time, and I'm not about to put my Blink card in a metal container until I see Dan Costa get hacked.

Via NY Times
Mixx It Mixx It Digg It Digg It StumbleUpon Toolbar Stumble Share More...

Content Recommendations from Evri
Posted By:  Cisco Cheng
Comments (1)
Tell a friend about this post
Posted by: David Molnar
October 23, 2006 7:15 PM

It did not transmit the CVV code, but the card number and expiration date were in fact transmitted. You can read more at the researchers' site here: http://www.rfid-cusp.org/blog/blog-23-10-2006.html


* = required
    Remember Me?
  
Please keep your comments on topic. Intelligent, thoughtful comments and questions are appreciated. Comments that contain personal attacks or profanity may be edited or removed. Comments containing personal information such as phone numbers, credit card numbers, or addresses may be edited or removed. Comments with advertisements will be removed.


 
Info Centers
Special Offers
         
 
  Ziff Davis Home | Contact Us | Advertise | Link to Us | Newsletters | RSS Feeds | Ziff Davis Media International
Digital Edition Customer Service | Subscribe to PCMag Digital Edition | Reprints
AppScout | Cranky Geeks | DigitalLife | DL.TV | ExtremeTech | GearLog | GoodCleanTech | PC Magazine | PCMagCasts | Security Watch | Smart Device Central | TechSaver
AppScout Mobile | Gearlog Mobile | GoodCleanTech Mobile | PCMag.com Mobile
Privacy Policy | Terms of Service | Linking Policy | Contact Us
Copyright © 1996-2009 Ziff Davis Publishing Holdings Inc. All Rights Reserved. PC Magazine, the PCMag.com logo and Gearlog are registered trademarks of Ziff Davis Publishing Holdings Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Media Inc. is prohibited.