Comment Re:Security implications? (Score 3, Interesting) 111
It's actually written into the Mifare standard that the range of card reads is below a certain value (~100mm from memory).
Obviously the design of the reader itself is mostly responsible for the read range, however this does mean that there are no long range readers in circulation ATM, unlike the old 128KHz cards.
This type of card does require active comms with the reader (has a 2 way authentication mechanism) and will be much harder for engineers to produce long range readers as the card itself was never designed for it.
For the record, this particular standard has been regarded as out of date, and not too secure, for some time now within the physical electronic security industry. It has also been wrongly applied in most cases where the cards serial number is used as a credential, instead of storing access control data in your own application area with your own crypto keys, though this is mostly redundant now in the wake of this news...
Obviously the design of the reader itself is mostly responsible for the read range, however this does mean that there are no long range readers in circulation ATM, unlike the old 128KHz cards.
This type of card does require active comms with the reader (has a 2 way authentication mechanism) and will be much harder for engineers to produce long range readers as the card itself was never designed for it.
For the record, this particular standard has been regarded as out of date, and not too secure, for some time now within the physical electronic security industry. It has also been wrongly applied in most cases where the cards serial number is used as a credential, instead of storing access control data in your own application area with your own crypto keys, though this is mostly redundant now in the wake of this news...
