Exxon Mobil Denies Security Flaw
03 February, 2005
category: Contactless, Corporate, Digital ID, Financial, RFID
“In response to the report and its claims, J. Donald Turk, a spokesperson for ExxonMobil in Fairfax, Va., told CSP Daily News: “Although the Johns Hopkins researchers may have been able to break through one level of the technological security provided in Speedpass devices, this does not mean that it can be widely replicated to make unauthorized purchases. The Johns Hopkins process requires very sophisticated computing equipment to decode just one Speedpass device. We strongly believe that Speedpass devices and the purchase transactions made with them remain much more secure than those made with credit cards using magnetic stripes. Unlike a credit card with a magnetic stripe, personal customer information is not stored on a Speedpass device; therefore, personal customer information cannot be fraudulently obtained from a Speedpass device utilizing the duplicating process devised by Johns Hopkins, a fact confirmed by Johns Hopkins researchers.”