Comment by lxgr
2 years ago
It really depends. There are some contactless tags that really do nothing other than transmit a static identification number which is trivially spoofable, but many systems today use cryptography (again, some long cracked and horribly outdated, but others quite strong).
I have a contactless card that runs GPG as a Java Card applet and creates 4096-bit RSA signatures. That's pretty secure!
No comments yet
Contribute on Hacker News ↗