|
I made my bank disable the contactless transactions on my card. Pickpockets are a friggin real danger, and this is only a different type of pickpocketing.
GCS d--- s-/++ a- C++++ U+++ P- L- E-- W++ N++ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t++ 5? X R++ tv-- b+ DI+++ D++ G e++>+++ h--- ++>+++ y+++* Weapons extension: ma- k++ F+2 X
If you think 'goto' is evil, try writing an Assembly program without JMP. -- TNCaver
|
|
|
|
|
Snap - and Herself's as well.
OK, I don't go near the Tube, and I'm none too fond of crowds - but it's a solution looking for a problem to my mind.
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
I'm a commuter so tube, train and train-stations are frequent point of passage for me. Also I particularly enjoy comics conventions and book fairs (there is one in my hometown these days by the way, the Turin International Book Fair) and I know that many delinquent attend only to lift some pockets.
I very much prefer to pass the card and insert the pin, and only if I trust the commercial activity - many immigrant shops are barely legal and they sometimes use counterfeit POS to steal CC details. It's not paranoia if they're really out to get you...
Also the ATMs are sometimes at risk, in a town near where I live a band of skilled thieves sabotaged the insertion slot to clone the cards that passed along with the PIN. So I normally use only the indoors ATMs...
GCS d--- s-/++ a- C++++ U+++ P- L- E-- W++ N++ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t++ 5? X R++ tv-- b+ DI+++ D++ G e++>+++ h--- ++>+++ y+++* Weapons extension: ma- k++ F+2 X
If you think 'goto' is evil, try writing an Assembly program without JMP. -- TNCaver
|
|
|
|
|
OriginalGriff wrote: and I'm none too fond of crowds
Flocks are more your thing?
|
|
|
|
|
Your solution is akin to wearing a full wet suit in a light shower. The details available from the RFID are not the full card details and for some time actually use a dummy card number that will only work with contactless. This means that the maximum exposure you have is £30 to a registered merchant. Fraud readers cannot put the valid messages into the system as they are outside the network and do not have authentication keys.
veni bibi saltavi
|
|
|
|
|
Indeed - but £30's add up. It wouldn't be difficult for a perp to get a couple of dozen £30 a day on the Tube in Londinium, and that's tidy money which is unlikely to be spotted quickly, and unlikely to be reported if it is spotted.
Nice pay if you can get it...but I'd rather not be a victim.
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
Doesn't work that way.
Each device on the network is registered with the server, so when a request is made for a payment it's not automagically paid down the wire, but it goes to the registered owners account. If a device is not on the network it can read the cards but, crucially, not send in payment requests.
Now with the contactless, the details only work for a contactless device making a payment request. It's not like I can read your card # from a contactless reader and then use it yo shop on Amazon, the details are different.
veni bibi saltavi
|
|
|
|
|
|
The Graniad and Indi articles are both hogwash. One is about stolen cards and how they're not checked and POS; not the card holder's liability but the providers. The second about using card details taken using contactless readers to skim cards is using a viral story, original picture from Russia, forgets the detail about what the cards give out using RFID.
The one referencing Which? research is interesting. I will read up on that and post a considered opinion later.
However, if your card is defrauded in any way then unless you're Wuckfit McWuckfitface and gave away details you will be reimbursed; banks cannot afford not to. In theory.
veni bibi saltavi
|
|
|
|
|
My bank asked me if I wanted to have a contactless card or not. That was the quickest no I ever uttered. The only quicker one was, if I wanted to have access to my account via my cell phone. While I understand it might be handy, I'm not going for that. I'm already paranoid about having it on my computer, let alone on my cell phone.
|
|
|
|
|
RUs123 wrote: While I understand it might be handy, I'm not going for that. I'm already paranoid about having it on my computer, let alone on my cell phone. If you are that worried about access to your money then I suggest you just send it to me. No one will have access to it that way.
There are only 10 types of people in the world, those who understand binary and those who don't.
|
|
|
|
|
Just give me your account information.
As you can see I am not from Nigeria, so no scam here.
|
|
|
|
|
However the recipient of the money has to be registered with the banks as a user of said contactless technology
|
|
|
|
|
So the next level of card skimming should be called trawling.
|
|
|
|
|
That explains it, walked into a brothel last night and came out broke. Going again tonight.
New version: WinHeist Version 2.2.2 Beta I told my psychiatrist that I was hearing voices in my head. He said you don't have a psychiatrist!
|
|
|
|
|
So a thief with some "29,99" fraud can fill his pockets?
Press F1 for help or google it.
Greetings from Germany
|
|
|
|
|
US Passports have RFID as well. Although the information is encrypted (ish),
my understanding is that they can tell what country you are from. As in (If you get a response, and they look American, they probably are!)
We use RFID Passport cases to block this. Avoiding being scanned. Anyone can build a domed signal amplifier and increase the range (in fact, the "repeater" version of this is being used to unlock high end cars by pinging against the keys in the house, boosting the signal and tricking the car to unlock the door here in the states).
So, my keys go inside a metal cup when in the house.
I use these for my credit cards: Amazon RFID Pouches[^] (12 for about 10USD)
What I did was to CUT one long edge open, and a small flap on the corner. This lets me slip the card in and out naturally. But it appears to work quite well. I put 2 cards in one pouch. The two I use all the time.
HTH
|
|
|
|
|
China has been doing it for ages for card swiping devices.
In India, ATMs have been discovered to have an extra card reader attached to them by criminals (usually, IT folks who think they are smarter than the rest of the world). These are so thin and are attached to the slot where you put in your ATM card so users don't notice something is amiss. These devices can be had for a few tens of dollars from China.
As to the need to input PIN codes, the thieves usually attach a tiny camera so that the users' PIN codes can be captured too!
|
|
|
|
|
Just send me your pin, and you will find out!
... such stuff as dreams are made on
|
|
|
|
|
The ball point or the felt tip.
|
|
|
|
|
Whichever you have at hand.
... such stuff as dreams are made on
|
|
|
|
|
My first such card, many years ago, was from AMEX. It came with a chip.
In order to improve security I undertook a simple procedure:
Carefully placed a screwdriver over the center of the chip, taking care that it didn't overlap into the card, itself
Even more carefully, but extremely firmly, appling a hammer to the other end of the screw driver
This significantly enhanced the security with respect to remote scanning.
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein | "As far as we know, our computer has never had an undetected error." - Weisert | "If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010 |
|
|
|
|
|
If you're talking about the mag stripe, then no. But the chip on the card (for those advanced nations that actually use chips in their credit cards. ahem)? Absolutely.
cheers
Chris Maunder
|
|
|
|
|
If you're concerned, RFID can easily be shielded by a layer of aluminum foil. I'm sure there are still readers that can read through that, but most can't, and all you need, is to be harder to access than the guy next to you.
You can either wrap your card in some aluminum foil, or make your own duct tape wallet and put a layer of it between the layers of duct tape. If you go the wallet route, just be sure to leave an unshielded pocket on the outside someplace for your RFID key card for work, as it's really inconvenient to have to take the card out of your wallet every time you want to get in the door
We can program with only 1's, but if all you've got are zeros, you've got nothing.
|
|
|
|
|
Aw, cr@p! Your credit limit isn't anywhere near enough to buy that yacht I've been looking at.
Could you ask your richer friends to stand within thirty feet or your PC?
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|