Free Muni Ride Smartphone Hack? Not So Fast.

Two security specialists have developed an Android app that could hack the paper Limited Use fare cards for a free Muni ride, SFGate reports. But this seems a bit ho-hum because the app is (of course) not available to the public, and the hack doesn’t work on Clipper cards, only the paper Limited Use fare cards, which only hold one or two free rides. Seems like quite a lot of work to save $2. And if you can afford an Android phone, you should probably pay for your bus ride, no?

Nevertheless, the security specialists, Corey Benninger and Max Sobell from the Intrepidus Group, have alerted the SFMTA as well as New Jersey’s PATH system, both transit systems that could be vulnerable to this kind of hack.

From SFGate:

Intrepidus staffers met with Muni and Path officials last year to notify them of the potential for abuse. The firm also presented the information at a security conference in Europe last week.

“We had hoped this would be fixed on both systems before we released this data, but our understanding is that’s not planned for possibly years down the line,” Benninger said.

Since other transit agencies could adopt a similar payment system, they wanted to highlight the security issues.

A limited version of Intrepidus’ app is available to transit agencies that want to test whether their smart cards are vulnerable. But it doesn’t have the capability to change or reset the cards’ data, Benninger said.

The SFMTA told SFGate that they have not noticed any discernible change in the use of paper Limited Use fare cards. A fix for the security hole could be costly, but one option could be to reduce the 90-day life of these types of tickets to discourage hacking, SFGate reports.
