NO2ID

A growing concern for all those involved with contactless banking is the arrival of the e-pickpocket. Whether this is a real phenomenon - or just a clever marketing ploy from certain companies involved in selling RFID shielding devices it's not easy to tell.

But if the video at http://www.e-pickpocket.com (demonstrating the real-time skimming of contactless credit cards in a town centre situation) is for real, then surely this weakness in this particular technology doesn't end there.

Because if you own a new style e-passport, travel smart card, secure access pass, or ID card for that matter - then it's likely to use the same operating platform; so presumably these devices could also be at risk?

As Einstein once said, "Technological progress is like an axe in the hands of a pathological criminal."

Direct link to YouTube video to avoid bouncing through two sites to see it at a decent resolution.

The technology is somewhat different. JNonetheless we've had demonstrated eavesdropping on the communication between e-passport and reader, but it is difficult to see what the 'risk' is there, compared with cloning and matched forgery which we have also arranged demonstrations of.

For a criminal busting NFC payment systems is directly rewarding and vastly more attractive, so if you are worried about identity tokens being compromised (rather than the overweening demands for identity itself), then you might welcome this development as a diversion.