Network and System Security

Smart card Security Audit

01
Suitable for:
  • for all companies that use smartcards for any kind of authentication or transport
  • public transport companies

The goal of smart card security audit is to reveal inherent implementation vulnerabilities in physical layer of contact or contactless smartcards, card’s application layer and software used by readers/writers.

Features:

  • all ISO 15693, ISO/IEC 14443 based-cards supported with a special focus on Mifare and HID_Global
  • physical layer analysis (e.g. analysis if cards use secure authentication protocols)
  • application layer analysis (e.g. analysis if the application use secure hashes, digital signatures, encryption algorithms over personal data)
  • architecture analysis (e.g. what information can be stored offline, which definitely not)