The Smart Card Association (SCA) has come down heavily on the US researchers who reportedly said that a security flaw in the RFID contactless payment cards make it easier for the frauds to collect vital information of the cardholders.
A few months ago, the researchers from the University of Massachusetts, RSA Laboratories and Innealta have formed an RFID Consortium for Security and Privacy to find out the draw backs of RFID technology.
The group tested nearly 20 contactless cards and claimed that RFID cards are vulnerable to security attacks. A hacker can easily find out the names and other important information of the cardholder’s without approval. (See the demonstration.)
However, Smart Card Association defends the RFID technology by claiming the report submitted by the researcher is baseless. There is no indication that a criminal could complete a fraudulent contactless payment transaction in the real world.
In a statement the SCA said,
One reason is that the researchers conducted these tests in a lab setting using only contactless cards and readers and did not interact with the payment networks in any way. One cannot draw valid conclusions about the security of a payment network if you ignore the network.
