Addressing end user privacy in contactless smart card systems

Tuesday, Nov 17th, 2009, 16.30-17.00 hrs

Although privacy discussions have become common for long-range RFID systems, there has been little movement in the contactless smart card community. This situation has changed since the security and privacy of contactless smart card systems for public transport recently became the focus of an intense public discussion.

This discussion revealed that the expectations of the various stakeholders in the ecosystem, such as manufacturers, end users, operators, system integrators, researchers and security experts, differ greatly. These different interests need to be balanced carefully in order to restore and maintain public confidence in contactless smart card technology.

Privacy in the context of contactless smart cards can be viewed from different angles:

  • Abuse of private data by the legitimate card issuer (user profiling, data mining)
  • Protection of private data stored on the card against physical and logical attacks
  • Tracking of individuals by unique card or application properties (e.g. serial number of card)
  • Application profiling from one or multiple cards
  • Remotely using the card (card communication relay)

The presentation reviews these specific privacy threats and discusses various technology options related to IC products, such as random IDs, virtual card architectures and relay attack prevention. It also discusses the general set-up of contactless smart card systems, with the aim of providing secure and sustainable solutions that improve the privacy of consumers.