07. 01. 2006
Citibank's RFID PayPass credit card
Dan Costa over at Gearlog was recently sent a new type of credit card by his bank. The new MasterCard PayPass is an RFID token that uses radio frequency keys to authorize purchases. The basic principle is very similar to the speed passes currently in use at gas stations, toll booths, and subway stations all over the country.
Dr. Costa did a very nice write up on the potential pitfalls and inherent security features embedded into the payment medium, but he missed one bit of very important information. Hackers have already managed to solve the problem of trying to read a chip from within two inches, and rumor has it that there are breathtaking hacks regarding RFID capture and spoofing being released at this year's Defcon conference.
It's a very interesting read to see where the technology is now, but I do not trust that keyfob yet.