Date
20 August 2017
Hong Kong identity cards, including a new one planned for release in 2018, could be vulnerable to hacking with the use of a smart card reader widely available in Shenzhen. Photos: Ming Pao, AFP
Hong Kong identity cards, including a new one planned for release in 2018, could be vulnerable to hacking with the use of a smart card reader widely available in Shenzhen. Photos: Ming Pao, AFP

Smart Shenzhen card reader raises Hong Kong ID card concern

A card reader widely available in Shenzhen can pick up data remotely and is powerful enough to process encrypted multiple information. 

The device can read secure data from any card that uses the ISO 14443 standard, Ming Pao Daily reported Thursday, citing its own research.

The report raised concern about Hong Kong’s new identity card, planned for release in 2018, which will use the same standard.

Macau already uses it, the report said.  

The reader, which costs 1,450 yuan (US$232), was able to access multiple personal information from a Chinese ID card including residence permit details and serial numbers on Visa PayWave cards.

Also, it detected data from five centimeters away, meaning it could steal information from a card in a purse or trouser pocket.

The information can either be stored or printed out immediately, the report said.

The Ministry of Public Security and the Guangdong Provincial Public Security Department did not return requests for comment. 

A Hong Kong computer security expert said he is concerned about private information in the new Hong Kong ID card being stolen and misused.

He said the government should make it possible for cardholders to check activity on their cards such as who has accessed any information.

A spokesman for the Security Bureau said the new Hong Kong ID card is designed for optimum security.

He said the government will continue to allow lawful requests for information from citizens in accordance with the privacy ordinance  

– Contact us at [email protected]

TL/AC/RA

EJI Weekly Newsletter

Please click here to unsubscribe