Identity, Security, Payments, Biometrics, Smart Cards and Authentication News

Biometric hack unveiled

Wednesday, April 2, 2008

A UK-based hacker has demonstrated a man in the middle attack aimed at biometrics. Matthew Lewis, of London-based Information Risk Management, unveiled the biologging attack at a Black Hat hacker conference in Amsterdam.

Lewis says biometric data is vulnerable because it isn’t encrypted between the sensor and the processor, according to the story in Techworld. The biologger captures the biometric data while its in transit between the two.

“Organizations across a number of different sectors are beginning to implement biometric systems as part of their physical and logical access controls, while a number of these systems and devices are configured to integrate with existing infrastructures for ease of deployment, such as through the use of IP protocols,” Lewis said in a recent white paper on biologging. “It is properties such as this that we seek to explore and exploit as part of a proof of concept construction of a biologger.”

The attacks would still be difficult to carry out, with the main obstacle being insertion of the biologic into the network, Lewis said.

Read the full story here[end] 

Related Articles
Smart Card Alliance releases NFC transit report

The Smart Card Alliance Transportation Council has published a white paper examining how the transit industry can best make use of NFC technology.

“One of the major challenges facing transit agencies today is how to capitalize on the ever-growing popularity of mobile phones with a solid mobile strategy,” said Transportation Council Chairman Craig Roberts. “This white paper builds on the knowledge base developed in earlier white papers to foster a greater understanding of NFC technology, explain its role in the transit industry, and shed light on key issues facing the transit industry in developing a mobile strategy.”

read more »
SITA, Orange streamline airports with NFC pilot

SITA, an IT provider for the air travel industry, has unveiled its first proof-of-concept for a solution that enables travelers to check in at the airport, gain access to members’ lounges and board their flight all with a simple tap of an NFC-enabled phone.

read more »
Cubic responds to Clipper card exploits

Cubic Transportation Systems, distributor of the electronic transit Clipper card, has responded to the recent news of a Ph.D. student in IT Security allegedly breaking the encryption in Clipper and similar transit cards.

read more »
Ahmedabad deploys smart cards for bus transit system

India transport operator Ahmedabad Janmarg Ltd. has launched a smart transit card for commuters traveling on the region’s bus system, according to ISO&Agent.

The agency began a six-month trial and August 2010 followed by a soft and silent launch in January 2012. The card is available now for a nonrefundable fee of 25 rupees ($.50 US cents) and allows commuters to travel for up to 100 minutes on one bus, for the minimum fare.

read more »
PIN hack revealed on Google Wallet

Web security provider Zvelo has uncovered a way crack the Google Wallet PIN security feature.

Using an app called “Wallet Cracker,” Zvelo was able to expose the PIN of a Google Wallet account without entering a single invalid attempt – five invalid attempts and the wallet locks out.

read more »
Raptor ID launches two mobile biometric devices

Raptor Identification Systems unveiled two new mobile biometric devices. The two new solutions, called RaptorONE-TM and RaptorPAD-TM, both run on the Android Mobile Operating System with one being powered by a smart phone and the other a tablet.

read more »

Copyright © 2012, AVISIAN, Inc. All rights reserved.