It seems that the RFID chip used in London Underground’s Oyster Card – supplied by former Philips subsidiary, NXP Semiconductor – has been hacked by researchers at the University of Virginia.

The researchers were testing the claims in a report for the Dutch government that hacking the travelcard would require at least $9,000 worth of hardware and would not be an easy prospect for at least two years. They have found that they can do the same job with a standard laptop computer and some cheap equipement.
It’s not clear yet what implications this has for Oyster card users, but presumably cards can be cloned by reading the RFID signal with a small device attached to the reader in quiet stations. You can then embed that into cloned cards and sell them as a way of getting free transport.

As journeys are logged, it is likely that unusual travel patterns would trigger fraud software and cut the card off – but that then in turn causes considerable inconvenience to the legit passenger.

At a time when we are preparing for the UK government to force us into some monolithic database and ID card scheme, this is a timely reminder of how nothing is ever really secure from being hacked.

Links:

University of Virginia press release

NEWSLETTER

Be the first to know what's on in London, and the latest news published on ianVisits.

You can unsubscribe at any time from my weekly emails.

Tagged with:
SUPPORT THIS WEBSITE

This website has been running now for over a decade, and while advertising revenue contributes to funding the website, it doesn't cover the costs. That is why I have set up a facility with DonorBox where you can contribute to the costs of the website and time invested in writing and research for the news articles.

It's very similar to the way The Guardian and many smaller websites are now seeking to generate an income in the face of rising costs and declining advertising.

Whether it's a one-off donation or a regular giver, every additional support goes a long way to covering the running costs of this website, and keeping you regularly topped up doses of Londony news and facts.

If you like what you read on here, then please support the website here.

Thank you

0 comments
2 Pings/Trackbacks for "Hacking the Oyster Card"
  1. Hacking » Blog Archive » Hacking the Oyster Card says:
    10 March 2008 at 9:12 pm

    […] Read the rest of this great post here […]

  2. IanVisits… » MI5 wants access to your Oyster Card records says:
    17 March 2008 at 1:57 pm

    […] that the Oyster card can be hacked, we learn that MI5 thinks the system is good enough to assist in preventing […]

Home >> News >> geekery