Oh, my. Are one billion RFID cards now at risk due to the Mifare Classic’s broken encryption, asks Engadget.
A new report says that the RFID system can be broken in minutes using a typical PC. They’ve also listed other now-potentially-vulnerable Mifare RFID implementations.
Criminals can use the hack to clone cards that use the Mifare Classic chip, allowing them to create copies of building access keys or commit identity theft. The chip is the basis of a national proof-of-payment system for public transport and is used in payment systems worldwide, such as the Oyster Card in the U.K. and the CharlieCard that is used in Boston.
Contactless smart cards communicate with card readers through RFID induction. These cards require only close proximity to an antenna to complete a transaction. They are often used on mass transit systems, where smart cards can be used without even removing them from a wallet.