PCMag Digital Network
Seen a hot gadget?  Tell Us   
Top Categories
Home
Apple (Macintosh, iPod)
Computer Accessories
Desktops & Laptops
Digital Cameras
Gadgets & Gizmos
HDTV & Home Theater Systems
Handhelds & PDAs
MP3 & Digital Audio
All Categories
About Gearlog
Apple (Macintosh, iPod)
Apple iPhone
Ask an Analyst
Bluetooth Technology
CES 2009
Car Tech
Carrying Cases & Bags
Cell Phones & Services
Cheap Geek
Computer & Video Games
Computer Accessories
Control Your DSLR
Costa Living
Desktops & Laptops
Digital Cameras
DigitalLife
Do-It-Yourself
Duck Tech
Emerging Tech
Feedback
GPS & Navigation
Gadgets & Gizmos
Gearlog Video
Girl Gear
Green Tech
HDTV & Home Theater Systems
Haiku Reviews
Handhelds & PDAs
Hard Drives & Storage
Holiday Gift Guide
MP3 & Digital Audio
MWC 2009
Monitors
Networking & Broadband
Radio (Amateur, Satellite)
Retro Tech
Robots & Robotics
Smart Devices
Tech Toys
VOIP Technology
WAP & Wireless
Wearable Tech
Weird Gear
Don't Shoot In Auto--Long Exposure Photography
CTIA 2009: AT&T Wireless OK With Skype, In The Future
Exclusive Pics: Hands-On With the Nintendo DSi
CTIA 2009: The Ghost of iPhone Looms Over Microsoft's CTIA Keynote
Jupiter's Great Red Spot Shrinking: Report
Subscribe to Gearlog Update
Our FREE email newsletter delivered to your inbox.
Email: 
Format: 
Contact Us
Got a Question?
A Comment?
E-mail us at:
gearlog@ziffdavis.com
 
Sites We Like
Monday October 23, 2006
RFID Credit Cards: No-Swipe Concept Insecure?
Categories:  
Smart Devices, WAP & Wireless, Wearable Tech
Tags:  

23card.1901.jpgI'm sure a lot of you have heard of (or even own) a "Blink" card from Chase. Citibank has something similar with their PayPass cards. Suffice to say, Visa, Mastercard and American Express all offer some sort of built-in RFID chip that lets you pay for stuff by waving it across a special card reader.

Pretty neat--if you don't mind the security risks. The New York Times just published an article that reveals the security holes in these "no-swipe" cards. In a study performed by RSA labs on 20 credit cards, it found that the cardholder's name and other info was being transmitted without encryption. It wasn't transmitting the card numbers or expiration dates, thankfully, and card companies are in the process of deleting names from the transmission. These problems will be addressed over time, and I'm not about to put my Blink card in a metal container until I see Dan Costa get hacked.

Via NY Times

| Stumble | Digg | del.icio.us | Slashdot
Posted By:  Cisco Cheng
Comments (1)
Tell a friend about this post
Posted by: David Molnar
October 23, 2006 7:15 PM

It did not transmit the CVV code, but the card number and expiration date were in fact transmitted. You can read more at the researchers' site here: http://www.rfid-cusp.org/blog/blog-23-10-2006.html


* = required
    Remember Me?
  
Please keep your comments on topic. Intelligent, thoughtful comments and questions are appreciated. Comments that contain personal attacks or profanity may be edited or removed. Comments containing personal information such as phone numbers, credit card numbers, or addresses may be edited or removed. Comments with advertisements will be removed.


 
Lenovo ThinkPad T400
Lenovo ThinkPad W700
Click Here Click Here
         
    Ziff Davis Home | Contact Us | Advertise | Link to Us | Reprints | Magazine Subscriptions | Newsletters | RSS Feeds | Tech Shop | Tech Encyclopedia | PC Downloads | Tech Webcasts | Tech Podcasts | Tech Video | Ziff Davis Media International
AppScout | Cranky Geeks | DigitalLife | DL.TV | ExtremeTech | Filefront | GearLog | GoodCleanTech | PC Magazine | PCMagCasts | Security Watch | Smart Device Central | What's New Now |
Privacy Policy | Terms of Service | Linking Policy | Contact Us |
Copyright © 1996-2009 Ziff Davis Publishing Holdings Inc. All Rights Reserved. PC Magazine, the PCMag.com logo and Gearlog are registered trademarks of Ziff Davis Publishing Holdings Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Media Inc. is prohibited.