1. Field of the Invention
The present invention relates to a combination of real and virtual documents, cards, purses or wallets for identification in the conduct of financial or other transactions and, more particularly, documents or cards that can be used in secure real or virtual financial transactions, for emergency/disaster management, refugee management, emergency medical management or for evacuation or travel both domestic and international, all within a secure and trusted environment that can produce trusted secure multiple layered data in real time in a non stovepipe environment including use in conjunction with Cash dispensing and/or receiving Machines having an Integrated 2/3 D Counter surveillance functions.
2. Description of the Related Art
For many years, identification cards have been provided which have, on an obverse face, pictures, information about the bearer and, on a reverse face, a magnetic strip containing much of the same information. Such cards have been used a driver's licenses, credit or debit cards, and, in recent years as an integral part of a passport document.
Variations of such a card might include embedded codes, matrix codes or optically read information strips. Still other variations might include radio frequency identification circuits (“RFID”) which can be embedded in the card body and can be remotely accessed for the information contained therein and used for example as a Near Field Communication or have an embedded contact or radio frequency so called Integrated Circuit Chip (ICC) or Smart Chip. NFC and ICC's contain data and are usually of a read-only type. However, they may be rewriteable, and can be custom-encoded at time of manufacture or issuing in accordance with a interoperable specification. NFC ICC's can allegedly securely store personal data such as financial debit and credit card information, loyalty program data, PINs and network, with other information. The NFC ICC's generally fall into four types of ICC that each provide different communication speeds and capabilities in operation configurability, memory, data retention, write endurance and security. The four ICC types currently offer between 96 and 4,096 bytes of memory.
In like manner to RFID technology, near-field communication uses magnetic induction between two sets of usually loop type antennas located within each other's near field communication range, effectively forming an power air-gap between an reading station and the ICC itself. NFC devices to date operate within the globally available and unlicensed frequency at 13.56 MHz wherein the RF energy is concentrated in the allowed ±7 kHz band range, but the full spectral envelope may be extended to 1.8 MHz should Amplitude-shift keying (ASK) modulation of a carrier wave be employed.
Theoretical working distance with compact standard antennas are presumed to be about 8″ with a practical working distance of about 1-1½″. There are two types of NFC ICC's;
1) Passive type—where the reading station device provides the electromagnetic carrier field and the non powered NFC ICC within a carrier means or device answers by modulating the existing field. The carrier means or device obtains its operating power from the reading stations electromagnetic field, thus turning the carrier means or device included ICC into a transponder.
2) Active type—where both the reading station and carrier means or device communicate by alternately generating their own respective power field (which in some devices could be contact provided using the same MFC protocol). Wherein the respective RF carrier means or devices' powered ICC RF field is deactivated while it is waiting for a data ping or request from a reading station. When a carrier means or device with a powered ICC contained therein is appropriately pinged, it also is turned into a transponder but in this instance responds using its own power.
A magnetic field probe can be used to recover the private key of an RSA public key encryption algorithm. A second demonstration recovers the key from an ECC algorithm from a distance of approximately 3 m. Both analyses use inexpensive readily available RF receiving equipment for signal collection. Baseband EM approaches are similar to power measurement attacks such as SPA and DPA. EM analyses do not require the same level of physical access to a device that other side channels may require. Compliance with FCC emission thresholds will likely not provide a sufficient level of protection. The presentation discuss hardware, software, and protocol level countermeasures that substantially mitigate information leakage, as well as testing methods beyond FCC for quickly assessing the degree of protection.
The fact is, people steal cars equipped with RFID security. It's especially common in Europe, where RFID has been used in cars for longer than in the United States. To prove the weaknesses of the system, researchers at Johns Hopkins went about breaking in. What they found was startling. If you equip a laptop computer with a microreader, a device that can capture radio signals, you can capture the transmissions sent out by an RFID immobilizer key. Positioned within a few feet of the RFID transponder —say, sitting next to the car owner in a restaurant —the laptop sends out signals that activate the chip. When the key begins broadcasting, the reader grabs the code, and the computer begins decrypting it. Within 20 minutes, you've got the code that'll tell the car to start. (Once you have a good database of codes stored in your laptop, the time gets much shorter.).
Pair that code with a copy of the physical key or a hotwire job, and you're on your way. In the case of the passive ignition system, the process is similar, but you need only stand next to the car, not the person carrying the key. In cars that have RFID entry and ignition, it's an all-in-one process. Break the codes, and you can not only unlock the doors, but also start the car and drive away. According to some security experts, this is the problem with the system. RFID is a really great addition to a car's physical security system, but on its own, it allows for complete access with just a single act of decryption. For a thief with good equipment, it's a snap.
This is where the RFID, insurance and car industries object to the portrayal of RFID systems as faulty. Sure, the Johns Hopkins researchers could break it. They have money and hardware. The idea that car thieves would never take the time or spend the money to break an encrypted code is contradicted by the fact that a payoff of tens of thousands of dollars for a high-end car, motivate thieves to try. And whereas locksmiths weren't allowed to copy RFID-equipped keys at first, annoyance on the part of car owners who lost their keys led to a loosening of the rule. Now, both locksmiths and regular consumers can buy kits that can capture and clone an RFID code. The result is that people are losing their RFID-secured cars, and insurance companies call the owners' claims fraudulent because RFID security is uncrackable. The owners must be lying.
There are a few possible solutions to this problem that don't involve scrapping RFID. The Johns Hopkins scientists propose several ways to better secure the system: First, RFID makers should switch from 40-bit to 128-bit encryption; owners should wrap their fob in tinfoil when not using them, to help block fraudulent signals from activating transmission; and most important, carmakers should use RFID technology as an additional security measure, not the sole one. As with any other security system, the advice is simple: Layer up. Don't rely on any single protection method. Instead, use several different types of security in order to make it as complicated as possible to bypass.