Via os3.nl -
Students at the University of Amsterdam have discovered a vulnerability in the security software of the disposable “OV-chipkaart” that is used as a RFID based ticket for public transportation in the Netherlands. This flaw allows reuse of the disposable ticket. The public transportation operators are taking measures to solve the problem.
During a security evaluation, students of the master System and Network Engineering found an error in the RFID reader software of the OV-chipkaart gates. The disposable cards can be manipulated and reused. The problem was not caused by the card itself, but by the software in the reader on subway stations that checks the validity of the ticket.
The problem does not occur in the reloadable e-purse version of the OV-chipkaart, but only in the disposable short term use variant of the ticket that can be used for local transport in the cities of Amsterdam and Rotterdam.
No comments:
Post a Comment