More RFID Nonsense at Walt Disney World

Here we go again. First cups that track your drink usage, now “NextGen” wristbands with your tickets, room key, FastPass, pool access, and credit card info on them.

RFID wristbands (photo from Dizfanatic.com)

I’m all for making life easier, and admittedly would rather carry around one card than five, but what is Disney’s obsession with RFID? What’s so bad about magnetic stripes? Is it really that much harder to swipe a card than it is to hold up your arm to a RFID reader?

The reason I’m bitching is twofold: first, I hate wearing wristbands. They’re uncomfortable, and I find myself constantly tugging at them. Secondly, and more importantly, RFID is not secure, because it requires broadcasting of the information on the chip/tag across the air. Which means that information can be intercepted via an antenna. Which can’t happen with a magnetic stripe.

Here are a few of my sources:

-First, an article about how Mythbusters got shot down by the credit card companies when they tried to do a show about RFID security issues.

-Second, an article about a “white hat” hacker who built a portable RFID reader/antenna that allowed him to read Passport data while driving around in his car!

-Finally, and coolest/most worrisome of all, are publicly available plans for a portable RFID reader/transmitter that can quickly read an RFID tag and then transmit a copy of that same info. Meaning, someone could copy your RFID data from a distance and use it over and over to buy drinks (charged to your credit card), get into the parks, get into your room, have sex with your wife, etc. And this is from 2009 (as was the article above), so one can only imagine how much this technology has been refined over the past two years. A quick search of eBay confirms this….

Portable RFID reader/transmitter

The bottom line is that while RFID might be fine for drink refills (even though, as I’ve stated before, and as is confirmed here, it’s easy to hack the system for free drinks), it is NOT a secure way to store personal/valuable information! If Disney does in fact start using these wristbands, I HIGHLY RECOMMEND that you do NOT link your room key or credit card info to the wristband!

This entry was posted in Park News. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>