Security weaknesses found in smart cards

RFID chips that are being placed in credit, debit, and other electronic cards have now been shown to have some glaring security vulnerabilities.  Prof. Avishai Wool of Tel Aviv University’s School of Electrical Engineering has released a new study on the chips in the smart cards, which hold very private information about the cards’ owners.  This same prof. previously exposed hacking vulnerabilities of RFID chips in U.S. passports and came up with a solution for the problem.

Prof. Wool and his students were able to construct a device using accessible materials that could hack and disrupt the transmission of information from electronic cards.  The device used was assembled using a $20 disposable camera, copper piping used for gas stoves, and an RFID antenna used in the disposable camera to replace its bulb.  The device can zap the transmission of the cards when they are swiped through a reader by emitting an electromagnetic pulse that stops the card’s ability to be read.  The signal from the device can also destroy the information on the RFID chip.

A battery-powered transmitter was also used in the study to jam the card’s transmission from as much as 20 yards away, even though the cards are only supposed to be read by an antenna within two feet of the card.  The prof. pointed out that this has dire implications for people who will use e-voting in Israel’s new voting systems.  Any average Joe will be able to rig votes from a distance or completely shut down a voting station.  It can also allow a terrorist to use someone else’s e-passport at a border crossing by zapping the Border Patrol’s electronic system.

So what’s the remedy?  Aluminum foil.  It supposedly protects the cards from being zapped.  And for electronic ballot boxes, Prof. Wool suggests they be constructed with conductive materials.

In the world ye shall have tribulation: but be of good cheer; I have overcome the world. [John 16:33]

Source:, April 25, 2010.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Create a free website or blog at

Up ↑

%d bloggers like this: