Vulnerabilities in first-generation RFID-enabled credit cards
Publication Date
2007
Journal or Book Title
FINANCIAL CRYPTOGRAPHY AND DATA SECURITY
Abstract
RFID-enabled credit cards are widely deployed in the United States and other countries, but no public study has thoroughly analyzed the mechanisms that provide both security and privacy. Using samples from a variety of RFID-enabled credit cards, our study observes that (1) the cardholder’s name and often credit card number and expiration are leaked in plaintext to unauthenticated readers, (2) our homemade device costing around $150 effectively clones one type of skimmed cards thus providing a proof-of-concept implementation for the RF replay attack, (3) information revealed by the RFID transmission cross contaminates the security of RFID and non-RFID payment contexts, and (4) RFID-enabled credit cards are susceptible in various degrees to a range of other traditional RFID attacks such as skimming and relaying.
DOI
https://doi.org/10.1007/978-3-540-77366-5_2
Pages
2-14
Volume
4886
Book Series Title
LECTURE NOTES IN COMPUTER SCIENCE
Recommended Citation
Heydt-Benjamin, TS; Bailey, DV; Fu, K; Juels, A; and O'Hare, T, "Vulnerabilities in first-generation RFID-enabled credit cards" (2007). FINANCIAL CRYPTOGRAPHY AND DATA SECURITY. 494.
https://doi.org/10.1007/978-3-540-77366-5_2