Fraunhofer IT expert warns of security flaw in charge cards
A serial number is all a fraudster needs to hack a stranger’s charge card and to rejoice his own EV for free, warns a researcher from Fraunhofer ITWM. What charge cards lack is a signature that can be clearly identified.
Charging cards using an NFC chip can easily be manipulated warns Mathias Dalheimer from Fraunhofer ITWM. He found that the cards stored no analogue nor digital signature which could identify a client unequivocally. Instead they simply work with a serial number which hackers could easily clone and then charge their cars with someone else’s card.
The researcher explained the issue to Spiegel Online saying “it is as if I could shop in a supermarket with nothing but a photocopy of a debit card.” When asking charging card provider The New Motion, the company confirmed that it would indeed be possible to copy a charge card but said that no such case had ever been reported.
Dalheimer found further security issues in the Open Charge Point Protocol (OCCP) and will give a detailed account of his findings at the next Chaos Computer Club (CCC) meeting.
spiegel.de (in German)
0 Comments