Free Parking in San Francisco Takes a Hack - NBC Bay Area

Free Parking in San Francisco Takes a Hack

A security researcher discovers no difference between a real pre-paid meter card and a fake one.

    processing...

    NEWSLETTERS

    Free Parking in San Francisco Takes a Hack
    www.grandideastudio.com/portfolio/smart-parking-meters/
    Security researcher found he could create a meter card for unlimited use.

    Parking along San Francisco streets is now free -- if you're comfortable with breaking the law and tricking parking meters.

    The San Francisco Municipal Transportation Agency is concerned about a presentation given by security researcher Joe Grand at the July Las Vegas Black Hat Convention, a get together for hackers from around the world.
     
    At the convention, Grant explained how hackers are able to break the parking meters.  
     
    Grand posted his PowerPoint presentation on his website, stating that there is no real difference between a real payment card and a fake one. He claims he was able to create a working card that will never run out of funds by analyzing how the card works and then creating software to program the fake card.
     
    Grand says he was able to create a bottomless card with $999.99 (fake) to use in San Francisco's parking meters.  
     
    And if Grand was able to hack into the system, other tech savvy San Franciscans may be able to as well, draining the city's general fund.
     
    "We take these systems for granted and rely heavily on them, so they deserve a review," said Grand in his presentation.
     
    While tricking these meters may be easy for a sophisticated hacker, the San Francisco Municipal Transportation Agency (SFMTA) says they have some precautions in place for situations like this.
     
    According to SFMTA media relations manager Judson True, each of their prepaid cards -- even fake cards -- must have a serial number, and the SFMTA can cancel any card that exceeds the $50.00 limit. The SFMTA is expressing concern about the issue and will look into how to prevent the security breaches as soon as possible.