BMEWS
 

BRITAIN INTRODUCES ID CARDS FOR FOREIGN NATIONALS.

 
 


Posted by peiper    United Kingdom   on 11/26/2008 at 02:03 PM   
 
  1. Hey peiper, I ran into a situation where a payment instrument issued to me (credit-card) had an RFID chip in it.  “Just wave the credit card at the payment station and your payment will be processed.” ‘Not just no, but HELL NO,’ was my response.  I couldn’t get the issuing company to give me a normal card without the RFID technology, so I used a Dremmel tool to remove it from the back-side of the card, and filled it in with some white nail polish my wife had on hand for Halloween.  It worked, the RFID was disabled, and I use it the old way (mag-stripe being swiped.)

    However, if you do that to government issued ID, you’d effectively invalidate it, and might end up in hot water for destroying/defacing something still “owned by the government” (as they’re fond of doing with their instruments of identification or licensing.)

    To prevent improper reads of the ID number by improper individuals with their own readers, I would need a different solution, so I went looking in advance, and found this:  DIFRwear products.  They’re effectively leather wallets/passport holders with a copper shield built in (a mini faraday cage, if you will.) They have a demonstration video that seems to prove they’re pretty darned effective.

    Just thought you might want to know about them, if you’re forced to get one of these ID’s.  Then you can choose when and where it’s read…

    Posted by Argentium G. Tiger    Canada   11/26/2008  at  03:22 PM  

  2. Peiper I agree with you the UK governments track record with losing data is horrific. If it were me I would stick two fingers up. Besides how long will it be before we see a Peiper turn up with some Nigerians face on the ID? Especially when the Home Office employs them in it’s HQ in Croydon. The real reason behind this ID card bullshit is nothing to do with terrorism, benefit fraud or any of the reasons the government trot out. It is purely and simply to push Britain further into the EU superstate. Every EU country makes it’s citizens have ID cards. Some of them are rubbish like the toilet paper ID that the French still issue from their embassies. Some of them are very good, like the German Ausweis. This is all about control and I don’t plan on having any of it. They are picking on you because you are seen to be a soft target. Don’t let them get away with it. Why do they need your fingerprints and retina scan? You have a passport, what more do they need?

    Argentium that sounds like a nifty idea having a pocket Faraday cage for your credit card. I didn’t realise they were putting rfid chips in. Are they easy to spot? My UK credit cards have a chip and pin setup which I believe they plan to introduce in Canada soon but this as far as I am aware is just an encrypted chip, not rfid.

    Posted by LyndonB    Canada   11/26/2008  at  05:29 PM  

  3. wow .. you guys have me on this one.  Faraday cage?  I never heard of that. What exactly is that? Sounds like double 07.

    some Nigerians face on the ID? Especially when the Home Office employs them in it’s HQ in Croydon.

    Oh wonderful. How’d things get to this?
    On the ID card tho, wouldn’t that be something used say at an airport or to do with security?  Scary isn’t it? I guess any official could ask for “proper ID” and it would be a card.
    Lyndon is right.  It covers the easy targets, really easy.

    Posted by peiper    United Kingdom   11/26/2008  at  06:28 PM  

  4. Hmmm....
    I didn’t see a “666” anywhere on the sample.
    I suppose it can only be read under ultraviolet.

    Posted by Horrabin    United States   11/26/2008  at  08:06 PM  

  5. Peiper this is one that used to work for the Home Office

    http://news.bbc.co.uk/1/hi/england/kent/4223665.stm

    Peiper the Faraday cage is essentially just a metal screen. It blocks most electromagnetic radiation (light, radio waves etc.) you could get the same effect by wrapping the card in alumimium foil. Think of your car in a thunderstorm. It acts as a Farady cage if struck by lightning the electricity goes around the body of the car to earth so you don’t get zapped.

    Horrabin possibly UV, but could also be in a latent image using intaglio ink rasberry

    Posted by LyndonB    Canada   11/27/2008  at  12:33 AM  

  6. LyndonB: 

    > I didn’t realise they were putting rfid chips in. Are they easy to spot?

    Hold yours up to the light at an angle and move the card around, looking for the small square that is slightly different in reflectivity than the rest of the card.  This should reveal the spot where the RFID chip is, and you should be able to see it from both sides at the same spot.  It’s about 5mm in size.

    Search this page for the phrase “Paypass” and you’ll see what companies are starting to use this technology in their credit cards.  You’ll also see a picture of the RFID chip.

    I made the decision to remove mine after locating information about programmable ID RFID chips and realizing that cloning a read-only ID into a read-writable ID wouldn’t be that difficult.  It’s a criminal’s shopping-spree dream.  No signature check, just wave a piece of plastic at the reader, using a number you cloned off of someone else’s card as they walked out the door of the store.  See, they didn’t notice you had a battery powered home-made reader velcroed to the door-jam; a reader that has a larger range than the point-of-sale terminal ones.  Oops.  So much for the security the credit card companies talk about.

    I located the chip in mine with simple visual inspection (it was easy/obvious) and drilled it out and destroyed it from the back-side of the card with a dremmel tool.  I avoided going all the way through the card.

    Another co-worker has been experimenting with microwaving his at different times (increasing the cook-time between test-purchases at a pay-pass enabled point-of-sale terminal).  His goal is to fry the RFID chip leaving no visible traces.  If it works, it’s a better method than mine, and I’ll adopt his method.  No final data on this yet, he’s still working on this experiment.

    The credit card companies appear to be VERY nervous about public disclosure of the security behind the RFID enabled credit cards.  Adam Savage of Mythbusters was at a convention and this video was captured.  Watch the first 2 minutes:  Hope2601 Pt 10, Adam Savage and “The RFID Censorship Question”

    “One of our researchers called up Texas Instruments.  They arranged a conference call… Tuesday at 10 AM, Lynda and Torrie get on the phone, Texas Instruments comes on, along with Chief Legal Counsel for American Express, Visa, Discover, EVERYONE ELSE. ...”

    The credit card companies would not let Discovery Channel and Mythbusters explore RFID vulnerabilities, under any circumstances.

    That told me all I needed to know.  Where I can disable the RFID chip, I will.  Where I can’t (Identification instrument that requires the chip as part of the security check), I’ll use an exterior shield to protect it from being casually read and/or cloned.

    I do not know if the Canadian Passports use RFID (or plan to), but the UK ones do, and their security has already been broken.  I’ll just pick up the DIFRwear products and not take the chance.

    LyndonB:

    > My UK credit cards have a chip and pin setup which I believe they plan to
    > introduce in Canada soon but this as far as I am aware is just an encrypted
    > chip, not rfid.

    Chip and Pin is probably better than RFID because it requires physical contact, which you can reasonably control.

    Posted by Argentium G. Tiger    Canada   11/27/2008  at  10:06 AM  

  7. Olufunke Sonoiki

    Good Grief Lyndon, I can’t even pronounce that name. Gee, ain’t she pretty? To another ape maybe. Maybe not.
    We’re all doomed.

    Posted by peiper    United Kingdom   11/27/2008  at  01:51 PM  

Commenting is not available in this weblog entry.

Next entry: Look over here, don't move, smile and don't blink.

Previous entry: Everyone just relax please

<< BMEWS Main Page >>