Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Android NFC hack enables travelers to ride US subways for free, researchers say

Loek Essers | Sept. 21, 2012
Contactless fare cards in the New Jersey and San Francisco transit systems can be manipulated using an Android application, enabling travelers to reset their card balance and travel for free, researchers demonstrated on Thursday during the EUSecWest security conference in Amsterdam.

The app is, however, able to see if the bits are turned on or not, he added, saying that this gives a good indication whether the system is vulnerable. "But you won't be able to check the back end," Benninger said.

The vulnerability could be fixed relatively easy, according to the researchers. Transit companies could use a more secure chip, or adjust their back-end systems to make sure the bits in the cards are turned on when travel units are used, they said.

"Our purpose is not to rub anybody's nose in," said Sobell. "We just want to raise awareness for an issue that potentially could affect many systems."

 

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.