complete background check

RFID Cards are Easily Hacked or “Skimmed”

Bookmark and Share


Hackers Could Clone Your Office Key Card … From Your Pocket

Jillian Scharr | Article Courtesy of:  NBC News Technology
Skimming RFID Cards - Skip Tracing

Skimming RFID Cards – Skip Tracing

From HuMn:

It’s freaky knowing that someone can go online and purchase an RFID scanner for less than $100 and with a little computer savvy, start pulling information off of RFID embedded credit cards and ID’s (also known as skimming) without ever having to physically touch a single wallet or purse – and the victim wouldn’t even know that it had happened until much later.

Passive RFID-equipped key cards are most vulnerable.

Are you able to get into your office by simply bumping your purse or wallet against a reader? Then your office is using radio-frequency identification cards, or RFID cards, to manage building access and security.

And those RFID cards are vulnerable — now more than ever before, thanks to an invention by security professional Fran Brown that can read RFID cards from a distance and copy their data.

Using Brown’s device, all a criminal has to do is walk past you on the street in order to “clone” your RFID-equipped cards, even if they’re buried in your purse or pocket, and thereby gain access to your office.

RFID technology is all over the place.

Some devices like E-Z Passes (used in cars for tolls) use RFID chips, but they have a much larger range because they contain internal batteries that boost the signal. [See also: Wallet Guards to Digital Masks: Top Privacy Tech]

Brown is apparently talking only about passive RFID chips that don’t contain internal power systems and typically need to be within a few inches of a scanner to be read. But passive RFID-equipped devices are even more prevalent than battery-powered ones.

Certain credit cards — the kind you wave instead of swipe — use passive RFID to exchange data. Disney theme parks use RFID chips in their park passes. Many car keys use RFID chips to turn on the car’s system when the key is inserted. Most Western and East Asian countries put RFID chips in their passports for easy identification. A school in California even uses the technology to keep track of their preschoolers.

Brown, who works for global security consulting firm Bishop Fox, said that every single Fortune 500 company uses passive low-frequency RFID readers in their employees’ ID badges to regulate access into their office buildings.

Experts have long known that RFID systems are insecure.

They contain no encryption, for example, so anyone who gets within range of a RFID card could easily copy the data and create a clone.

However, the range on RFID-equipped cards such as office ID cards, tickets and subway passes is so low that traditional RFID readers needed to get within inches of the device to get any data.

Many thought that short range would be enough to keep the cards secure. Not anymore.

Brown’s device, however, is capable of picking up low-frequency RFIDs from up to three feet away.

This means you could sit in a Starbucks using Brown’s device, and in just a few minutes, you’d have the key codes for just about every office in the area.

CLICK HERE for the Complete Article


Hackers Could Clone Your Office Key Card … From Your Pocket

Jillian Scharr | Article Courtesy of:  NBC News Technology

Additional Reading:

Speak Your Mind

16 + twelve =

IP Blocking Protection is enabled by IP Address Blocker from