Select language:    Bookmark and Share  
Home   Buy now   Screenshots   Compare   Download   Support   Partners   Contact
Product Info
Live video demos
Report & Management Live Demo
Editions Comparison
Why MyUSBOnly
Report & Management New!
Version History
Download free trial
See our clients
Buy now
Locate a local reseller
Purchase orders
Volume discounts
Lost registration key
Online manual
Security news
Contact us

Oyster card cloning fears

by Mark Prigg

Researchers claim to have broken the electronic security used in the Oyster card and warned the way could be opened for them to be "cloned" using home computers.

German computer engineering students behind the discovery claim any of the 10 million Oyster cards in circulation could now be cloned in under 10 minutes using a standard PC and card reader.

The cloned cards could then be used by fraudsters to travel free.

The discovery has forced the Dutch government, which uses a similar card, to issue a security warning. Government institutions plan to take " additional security measures to safeguard security", said Guusje ter Horst, minister of interior affairs.

The technology used in the Oyster card, called the Mifare Classic RFID (radio frequency identification) chip, is used in a billion passes worldwide and is manufactured by a Netherlands company called NXP, founded by electronics giant Philips. The company said it was "taking these claims very seriously".

A spokesman added: "NXP has established an open dialogue with the researchers and is evaluating possible attacks." Two separate research teams have claimed to have broken the card's security.

German researchers Karsten Nohl and Henryk Pl?tz, who first hacked parts of the chip last December, this week published a paper demonstrating a way to crack the chip's encryption technology. Mr Nohl, a PhD candidate in computer engineering at Virginia University, said: "I don't want to help attackers, but I want to inform people about the vulnerabilities of these cards."

A second team, led by Bart Jacobs, an information security professor at the Radboud University in Nijmegen, has also published hacking details. However, Transport for London said today it was confident it would be able to spot cloned cards. A spokesman said: "All Oyster information is fully encrypted and we have adopted extra security measures on top of that available on the source chips."




We offer you a 30-day unconditional money back guarantee! 100% satisfaction or your money back.




Microsoft Windows XP, Server 2003, 2008, Vista, 7, 8, 10, 11 - MyUSBOnly is not a resource-consuming utility.


Home | Pricing | Buy now | Screenshots | Download | Support | Resellers | Affiliates | Pressroom | Contact | About | Sitemap

Copyright © Whatlink Software Limited. 2003-2023. All Rights Reserved. EULA | Privacy Statement