Sensitive information stored on a smart card microprocessor can be revealed with a flash of light, say UK researchers.

Sergei Skorobogatov and Ross Anderson of Cambridge University have discovered that firing light from an ordinary camera flash at parts of a smart card microchip can assist an attacker in determining the sensitive information stored on the card. This might include, for example, the cryptographic key used to gain access to a building or to secure internet transactions.

In contrast to previous methods of cracking the cards, the researchers say this type of attack can be performed cheaply using off-the-shelf equipment.