However, the Mifare smart card is used extensively across the world and it will now be necessary for affected parties, such as system inte-grators and operators to review their systems.
NXP said it would take months or even years for some users of the chip to adapt their systems, and that the publication was thus different from software hacks for which manufacturers can issue a patch much more quickly.Ī hacked Oyster card would not work indefi-nitely because data was stored both on the Oyster card and a central database which Transport for London claims would stop clones within 24 hours. The university says it immediately and confidentially informed the Dutch government as well as NXP of the results of the independent research on the Mifare Classic Chip.Ī court in Arnhem ruled that publishing this scientific article falls under the principle of freedom of expression and that in a democratic society it is of great importance that the results of scientific research can be published. Researchers at the university discovered the shortcomings of the chip in March 2008.
Mifare crack to be published as legal fight failsĪlegal attempt by chipmaker NXP has failed to dissuade researchers from Radboud University in the Netherlands from publishing their research into the cracking of Londons Oyster travel card. Adoption of the PINsentry reader by one mil-lion cardholders in one year is a clear demon-stration that we made the right choice. Our goal was to provide our online custom-ers with an easy-to-use, highly secure product to protect them against fraud, commented Sean Gilchrist, Digital Banking Director, Barclays. The maximum amount for personal online transactions has risen from an initial GBP 1 000 to GBP 10 000 and plans are in place to offer international payment for the purpose of funds transfer worldwide in the near future. Although slightly unwieldy (about the size of a pocket calcula-tor) customers are able to carry the devices with them and can perform secure online transactions from any personal computer.Īs part of the program, Barclays is now offering additional services to its online cus-tomers. With PINsentry, not only do Barclays cus-tomers easily generate One-Time-Passwords to authenticate themselves at log in, but they can also use it to sign transactions, which provides a much higher level of security than just authen-tication using static credentials.īarclays explained that all customers need to do is insert their usual chip-enabled bankĬard into the PINsentry reader from Gemalto and type in their card Personal Identification Number (PIN) code. User feedback has proven extremely positive and Barclays observed that customer acceptance was higher than anticipated by 30%. One million online Barclays customers use smart card readerBarclays has surpassed the one mil-lion mark for the number of its customers using a Gemalto-supplied cryptographic smart card reader, called PINsentry, whilst access-ing their accounts online.īarclays Bank, one of the largest financial services institutions in the world, started deploying its strong authentication program in July 2007 and not one PINsentry online cus-tomer has suffered fraud since then, the banks claims. Special rates are available for educational institutions that wish to make photocopies for non-profit educational classroom use.
Permission of the publisher and payment of a fee is required for all other photocopying, including multiple or systematic copying, copying for advertising or promotional purposes, resale, and all forms of document delivery. PhotocopyingSingle photocopies of single articles may be made for personal use as allowed by national copyright laws. All rights reservedThis journal and the individual contributions contained in it are protected under copyright by Elsevier Ltd, and the following terms and conditions apply to their use: