The New York City Taxi and Limousine Commission on Monday refuted recent claims that hackers can access sensitive information through touch-screen displays in taxicabs.
New York City software engineer Billy Chasen recently announced that he had gained access to the operating system for a touch-screen display in a New York City taxi cab and managed to get to the Internet. Chasen posted photos on his blog earlier this month showing that he accessed system files after seeing an error message on the screen.
Chasen said he opened files and "had full administrative access to everything on the PC," adding that he could have installed software from the Internet. He indicated that hackers could skim personal and financial information from customers who pay with credit cards.
Allan J. Fromberg, deputy commissioner for public affairs for the New York City Taxi and Limousine Commission, said that's not likely.
"There are extensive contract-required security protocols in place, which have exceeded government and credit card industry standards and have been stringently tested by internal and external security experts, which fully prevent access to anything other than media content residing in the taxicab itself," Fromberg said in an e-mail statement to InformationWeek. "There is no potential for any malicious activity."
VeriFone Transportation Systems spokesman Pete Bartolik also said during an interview last week that passengers' credit card data is encrypted and it is not stored locally, so it was not compromised. He also said the cab had an outdated modem, used while the city tested the display systems.
VeriFone Transportation Systems is one of New York City's taxi display system vendors.