Scientists have found a way to circumvent the encryption used to protect a smartcard used to restrict access to buildings and to process public transit system payments.
"The attack, developed by researchers at Germany's Ruhr University, takes about seven hours to recover the secret key protecting the Mifare DESFire MF3ICD40," writes The Register's Dan Goodin. "The hack leaves no trace that the card has been compromised, and requires equipment costing $3,000."
"The contactless card, which some customers adopted following the cracking of the Mifare Classic in 2008, is used by transit agencies in San Francisco, Australia, and the Czech Republic," Goodin writes. "It was adopted by NASA in 2004, although it's not clear if the agency has since upgraded."
Go to "Scientists break card that secures homes, offices, transit" to read the detail.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.