A Dutch judge has ruled that researchers can publish details of how to crack the Oyster card used on London's public transport system.
NXP, which makes the Oyster card, had taken out an injunction to stop Professor Bart Jacobs and colleagues from Radboud University in Nijmegen from publishing their research into security flaws in the payment card.
The university welcomed the ruling, stating that "in a democratic society it is of great importance that the results of scientific research can be published ".
NXP argues that it will take months to fix the flaw that allows the cards to be cloned. It has reportedly said that publishing the detailed research will serve no useful purpose.
A spokesman for Transport for London told the BBC: "Transport for London remains confident in the security of the Oyster card system.
"We take fraud and the security of personal data extremely seriously and constantly review our security procedures.
"Any fraudulent card would be identified and blocked within 24 hours of being used. Using a fraudulent card for free travel is subject to prosecution and we would seek to enforce this wherever possible."
The researchers studied the card ahead of its proposed implementation in the Netherlands.
They found that it was possible to clone the cards, add credit to them and even jam entry gates, although it is unlikely that cloned cards cause last week's problems on the Underground.
The Dutch government has now halted the deployment of the cards after the researchers showed that they could also be used to gain unauthorised access to government buildings.
Instapaper to 'go dark' in Europe until it can work out GDPR compliance
James Robbins of ArrowXL says that AI is no longer 'tomorrow's technology'
Staff told to beware of "unusual sounds" after an employee reported mystery symptoms
Sophisticated malware comprises code previously used to attack Ukraine