Researchers See Privacy Pitfalls in No-Swipe Credit Cards

[David Farber <dave () farber net>]

Begin forwarded message:

From: Evan Korth <korth () cs nyu edu>
Date: October 22, 2006 7:50:36 PM EDT
To: Dave Farber <dave () farber net>
Subject: Researchers See Privacy Pitfalls in No-Swipe Credit Cards


By JOHN SCHWARTZ
Published: October 23, 2006

AMHERST, Mass. . They call it the .Johnny Carson attack,. for his  
comic pose as a psychic divining the contents of an envelope.

Tom Heydt-Benjamin tapped an envelope against a black plastic box  
connected to his computer. Within moments, the screen showed a  
garbled string of characters that included this: fu/kevine, along  
with some numbers.

Mr. Heydt-Benjamin then ripped open the envelope. Inside was a credit  
card, fresh from the issuing bank. The card bore the name of Kevin E.  
Fu, a computer science professor at the University of Massachusetts,  
Amherst, who was standing nearby. The card number and expiration date  
matched those numbers on the screen.

The demonstration revealed potential security and privacy holes in a  
new generation of credit cards . cards whose data is relayed by radio  
waves without need of a signature or physical swiping through a  
machine. Tens of millions of the cards have been issued, and  
equipment for their use is showing up at a growing number of  
locations, including CVS pharmacies, McDonald.s restaurants and many  
movie theaters.

---------------------------------------------------
snip


http://www.nytimes.com/2006/10/23/business/23card.html



-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/