This talk will introduce you to the theoretical and practical issues involved in cloning/simulating existing smartcards. It is based on the lessons learned from cloning the Postcard (swiss debit card) issued by PostFinance. After a brief introduction into the syntax of smartcard protocols (basically ISO 7816-4), the talk will demonstrate techniques to capture the communication between a smartcard and a terminal with the help of a Javacard-based logger cardlet. The gathered information (the semantics of the protocol) can then be used for cloning the smartcard under investigation.
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.