Hackers 'Tap In' to Improve Radio Frequency (RFID) Systems

Dennis Faas's picture

Radio frequency identification (RFID) is behind new-age systems the Highway E-Z Pass and the MasterCard PayPass bank card.  Unfortunately, it now seems hackers are trying to take advantage of this convenient technology, and security experts are facing a serious challenge in keeping people safe.

To participate in the Highway E-Z Pass, a person must first install a RFID tag in their windshield prior to traveling on a toll highway. When the driver approaches the stretch of the road that requires payment, their account is electronically debited. MasterCard PayPass bank cards work in a similar fashion.

RFID: a Two-Part System

RFID systems are composed of two parts: an integrated circuit for storing and processing data and an antenna for receiving and transmitting the signal. RFID tags may contain a battery, therefore transmitting signals autonomously. Or, they may not contain a battery, therefore requiring transmission from an external source. (Source: transcore.com)

With technology always in a state of constant evolution, radio frequency identification chips are now being engineered to transmit signals over great distances.

International Travel Companion

The U.S. Passport Card RFID is one such device being reworked for optimal performance. American citizens use the card in place of an actual passport to enter into Canada or Mexico. Among the stored personal information on these cards is the gender, age, citizenship and even photograph of the international commuter. The latest batch of RFID-based U.S. Passport Cards are able to read identification tags up to 30 feet away.

Greater Distances = Greater Opportunities for Hackers

Still, dealing with radio frequencies over great distances may send out subtle invitations for unwanted guests. With this realization, hackers have turned their attention to usurping personal identification without ever being detected.

However, the designers of RFID systems are receiving some assistance from cryptography specialists who infiltrate their systems, much like a hacker would. The results have proven to be real "eye-openers".

A team of "helpful hackers" were able to collect personal medical records from a defibrillator by using an ad-hoc, unauthorized device. The team was also able to assume control of the defibrillator, sending potentially life-threatening shocks to a mock patient.

Security Device "Sounds Off and Vibrates"

With these developments, researchers have been working overtime to create a radio frequency gadget that would sound off an audible alarm and vibrate when it detects unauthorized attempts to reprogram an implanted device (like a defibrillator). The device, named WISPer, was tested on a mock torso made of beef and bacon with deliciously successful results. (Source: boston.com)

While it may seem strange and somewhat comical to see someone sound off and vibrate in a cell phone-like manner, doing so could prove to be the difference in saving their life.

Rate this article: 
No votes yet