SecureRF's IoT Security Blog

Articles related to IoT security and privacy solutions for NFC, RFID, embedded systems and other low-resource computing devices, keeping products smart and secure in the Internet of Things.

Not really cloning…

Published February 12, 2009 by SecureRF in Hacks, Passport Cards, Passports, Privacy, RFID, RFID Technology, Security, Smart Card Alliance

Contributed by Joanne C. Kelleher Last week, in Got $250? Cloning Electronic Passport Cards I discussed the presentation that security researcher Chris Paget planned to give at the Shmoocon hacker convention. The description of his talk says $250 on eBay buys the necessary kit to clone the Electronic Drivers License and US Passport Card… These two cards use unsecured EPC Gen 2 RFID technology. In […]


Consumers Misunderstand How RFID Works

Published April 23, 2008 by SecureRF in Passport Cards, Privacy, RFID, RFID Tag, RFID Technology, Security, Smart card, Smart Card Alliance

Contributed by Joanne C. Kelleher A new paper from researchers at the University of California, Berkeley says that consumers have misunderstandings about how RFID works and the security issues related to the technology. The report, Where’s The Beep?: Security, Privacy, and User Misunderstandings of RFID, issued by researchers Jennifer King and Andrew McDiarmid, focused on RFID-enabled passports, transit passes, and credit cards. The researches issued […]


Another RFID Hack – Contactless Credit Cards

Published March 25, 2008 by SecureRF in Cryptography, Hacks, RFID, RFID Technology, Security, Smart card, Smart Card Alliance

Contributed by Joanne Kelleher Another week and another blog entry about hacking RFID – this time it is contactless credit cards. Unlike the Mifare story which has received lots of international attention (see https://www.securerf.com/RFID-Security-blog/?p=46), so far this story had only been picked up by a few technology blogs. Maybe it is old news just presented in a new way. IT security expert, hacker and inventor […]


RFID Hack: Is That Your Credit Card Number on the Screen?

Published February 25, 2008 by SecureRF in RFID, RFID Tag, RFID Technology, Security, Smart card, Smart Card Alliance

Contributed by Joanne Kelleher At this year’s Black Hat security conference there was another hack on RFID from security researcher Adam Laurie. He was able to pull up the American Express credit card account data, including name, account number and expiration date, from the wallet of a volunteer and display it on the big screen to the audience. Laurie used his new Chapy tool, a […]


The Response to the Response

Published January 22, 2008 by SecureRF in Cryptography, Homeland Security, Passport Cards, Privacy, RFID, RFID Tag, Security, Smart card, Smart Card Alliance, State Department

Contributed by Joanne Kelleher In response to the negative press about the U.S. Passport Cards there has been some feedback from those people involved with the program. It seems highly unusual for current and prior Government officials to write an opinion piece or a letter to the editor. Kathy Kraninger, Director of the Screening and Coordination Office at the U.S. Department of Homeland Security sent […]


Get Real.

Published December 18, 2006 by SecureRF in Passport Cards, RFID, RFID Technology, Security, Smart Card Alliance

Contributed by Louis Parks Many of us have heard proposals for a national identity card but likely dismissed it as something to Orwellian to happen in the near future.  Surprise!  Your driving license is the first piece of a much larger master plan and is hoping to be ready by 2008. Back in 2005 the federal government passed President Bush’s Real ID Act. This act […]


Fair and Balanced?

Published November 3, 2006 by SecureRF in Homeland Security, Passport Cards, RFID, RFID Tag, RFID Technology, Smart card, Smart Card Alliance, State Department

Contributed by Louis Parks The Smart Card Alliance issued a press release this week (link no longer available) in attempt to clarify the pitfalls of relying on RFID technology to secure our borders. Unfortunately, its partial views, questionable reference to unrelated events, and failing to address the actual performance needs of the Passport card weaken their argument. First, it is unclear how much more secure […]


Search SecureRF