Researchers demonstrate using NFC-enabled Android phones to hack subway systems
It’s no secret that mobile payments are being pushed by many parties as the way of the future, but there’s more to NFC than just using it to buy a pack of gum. For one, it’s a neat way to transfer files between two NFC-equipped devices. Those with some extra time and knowledge can also tap into the power of the technology by using NFC tags to automate some tasks. Let’s add one more to the list: using your Android device to ride the subway for free.
The last one is obviously illegal, so we don’t recommend pursuing it. If you’re doing it to help companies and others learn about the weaknesses in their security systems, we guess that makes it okay.
Enter Corey Benninger, a security researcher at Intrepidus Group, who demonstrated at a security conference in Amsterdam how he and his colleague were able to cook up an Android app, UltraReset, in one night that can fool the transit systems in various cities, such as the New Jersey PATH and San Francisco Muni.
Using an NFC-equipped Android smartphone, they were able to easily reload the balance on the fare cards over and over again for potentially unlimited train rides. The weak link in this case is the NFC fare card that both systems use, in particular its Mifare Ultralight chip, which allows anyone to easily write new data to the chip. You can watch the demonstration video here.
Although the security hole can be easily fixed, the tip that the team provided to the two transit systems back in December 2011 apparently hasn’t been put to good use. According to Benninger, the systems are still open to abuse by enterprising folks. We trust you’re not going to Google the name of the app and take it for a ride.
Any regular users of the technology here? How creative have you been in using NFC-equipped Android devices?