In message
,
ticketyboo writes

The access control suppliers really should move on beyond Mifare
Classic for new smart card installations. OK, the simple hack of
access control systems has attacked those that do not even use the
security functions available with Mifare Classic (they attack schemes
that only read the card serial number), but attackers quickly learn
more. Access control should use Mifare DESFire and AES encryption now,
with provision for Mifare Plus (also in its AES version) later
(because Mifare Plus cards will cost less).

The new Freedom Passes currently being issued use the Desfire 4K
chipset, in order to allow for future ITSO compatability. I gather that
Oyster readers were upgraded to read the new Desfire chip at the end of
last year.

--
Paul Terry