London Oyster card chip maker has sued a university to prevent it from publishing a study that reveals security flaws in the company's RFID chip.
Access passes and public transport system cards such as London's Oyster Card and the Netherlands' OV-chipkaart commonly use the Mifare Classic RFID chips, created by the Dutch chip maker NXP.
A judge is scheduled to hear the case on Thursday in Arnhem, the Netherlands.
A spokesperson for Dutch company NXP called publishing the results "irresponsible," but declined any further comment. NXP was spun out of Philips Electronics in 2006 and is based in Eindhoven.
The University of Nijmegen, author of the study, said that it will continue to pursue publication and is fighting the legal charges. In a statement, the university said that the study will allow other researchers to learn from NXP's mistakes.
The researchers also point out that they have left ample time for users of the flawed technology to replace their systems with more secure alternatives: They first demonstrated their findings last January and plan to publish this October.
NXP has received a draft of the report, after which it asked the researchers to refrain from publishing. The chip maker declined a request for arbitration, instead starting a legal procedure. The firm demands an injunction that prevents the report's publication as well as a gag order that prohibits the researchers from discussing their findings.
Several ministers in the past have encouraged and supported the publication. The Dutch ministry of internal affairs did not immediately respond to a request for comment by Webwereld, an affiliate publication of Computerworld UK.
Critics question NXP's legal offensive because there have been numerous publications about the flaws in the RFID (radio frequency identification) chip's security. Researchers at the University of Virginia released a paper detailing the chip's security last March and demonstrated their findings at the Chaos Computer Camp in December.
According to security experts polled by Webwereld, the information currently available suffices to copy proof-of-payment cards such as those used in public transport systems.
The chip's security flaws earlier this year prompted the Dutch government to issue an official warning and post security guards at government buildings.
Find your next job with computerworld UK jobs