Non-unique RFID Unique numbers / 2015-02-16

Koos van den Hout

2015-02-16 Non-unique RFID Unique numbers 5 years ago
I recently learned that more than one Android mobile phone with NFC support has the same Unique ID: 01020304 (hex). If you want to use RFID tokens for authentication for certain tasks and let users bring their own tokens you need to block this specific not so unique ID.

Together with the fact that there are cards on the market where you can change the UID this means depending on an RFID UID only for authentication needs a serious risk assessment. But gaining access to more information on an ISO/IEC 14443 RFID device means that you either have to set the rules for the card (and probably pay for it) or make a rule for every type of card you find and still have issues.
Tags: ,
, reachable as koos+website@idefix.net. PGP encrypted e-mail preferred.

PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers pgp key statistics for 0x5BA9368BE6F334E4 Koos van den Hout
RSS
Other webprojects: Camp Wireless, wireless Internet access at campsites, The Virtual Bookcase, book reviews
This page generated in 0.004844 seconds.