Regarding Vulnerability Report on Some Models of FeliCa IC Chips Shipped Before 2017
August 28, 2025
Sony Corporation
We have confirmed that some models of IC chips of Sony's contactless IC card technology "FeliCa", which were shipped prior to 2017, could potentially have data read and tampered through specific operations that were identified in an external report. The report was shared by the Information-technology Promotion Agency, Japan (IPA) in accordance with "Information Security Early Warning Partnership Guideline".
The security of services utilizing FeliCa is built not only on the security of the FeliCa IC chips themselves but also on the overall system for each service. Regarding this matter, we have been cooperating with some service providers and public institutions within the framework of the aforementioned partnership. All stakeholders are encouraged to continue using the services without concern, based on information from relevant providers.