Federal agents attending this year's DefCon hacker convention were in for a surprise when top RFID researchers revealed that they scanned five convention attendees' and potentially one Federal agent's RFID-enabled card
s. Researchers set up an RFID reader with a web camera that skimmed RFID-enabled cards and took a picture of their owners as they passed within two to three feet. Using information read on an RFID chip, a hacker could clone the chip and impersonate the card's owner. Depending on the chip, a hacker could also discover personal information about the owner. Federal agents, including those from the FBI and Department of Defense, only found out about this project when they were told by a DefCon staffer. One former agent's response: "I saw a few jaws drop when he said that."
RFID chips aren't just found in government IDs--several states are currently issuing enhanced drivers' licenses (EDLs)
that incorporate vicinity-read RFID chips as part of the Western Hemisphere Travel Initiative. The State Department's new PASScard
(passport card) also incorporates the same RFID technology. We have seen independent demonstrations of how easily RFID chips can be skimmed
using inexpensive, off-the-shelf equipment. Vicinity-read RFID chips in particular are more vulnerable to being scanned because of their ability to be read at a greater distance.
Read more »