Peratech reduces the risks of Contactless RFID

(13/10/2008)

Chip and Pin was introduced to reduce skimming of credit cards, i.e. reading the information on the credit card and making a clone of it. However, the readers use mechanical contacts onto the chip embedded in the card and these are prone to failure hence the move to contactless cards which are now being trialled in the UK such as Oyster, Visa Wave and O2 Wallet.

Contactless RFID is well established for access control for buildings; simply wave your pass near the reader and the door opens. This technology is now being rolled out in the UK and around the World for so called ‘BioMetric passports’ and credit cards because there are no physical contacts or magnetic stripe to wear out. However, it is generally not realised just how easy it is for unauthorised people to access the information on these devices without the owners even realising, warns Peratech.

With Chip and Pin or magnetic stripe, the owner makes a conscious decision to authorise the reading of information by physically handing over the device. Contactless RFID uses a short range wireless link from a reader to activate a chip which can then be interrogated to provide information stored on it. The problem is that readers are easily available for purchase by anyone and the security codes that protect the information have already been hacked in some cases – details have been published on several websites for some time.

“Contactless skimming can be done without the owner even being aware that it has happened,” explained David Lussey, CTO of Peratech. “Your identity and financial information could be stolen by the person sitting behind you on the bus, on the train, in a queue – even walking down the street - and you would never know that is was happening.”

Peratech has announced that it has a solution to this problem that puts the owner back in control of who accesses their information. A very thin, pressure-sensitive material which acts as a switch is embedded in the circuit and then can be laminated in the same way as current credit cards are produced. Only when the switch is squeezed by the owner will the device become active.

The switch is only possible in such a thin application because it is made from Peratech’s Quantum Tunnelling Composites (QTCs). At only 70 microns thick, the switch is even thinner than the chip enabling it to be easily embedded into a credit card, passport or access pass. QTC technology has no moving parts and requires no air gap between contacts and is robust enough to survive many years of switching on and off. This makes it extremely reliable and suitable for integration into the thinnest electronic designs and with industry leading operational life.

“Putting QTC switches into these devices would put the owner firmly back in control of who accesses their personal information,” concluded David Lussey.

Related topics:  Authentication and identity management   Crime and Fraud Prevention   RFID   Tagging vandalism and theft prevention 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources