|
Huh?! (cultural reference missing)
I'd rather be phishing!
|
|
|
|
|
I can't believe you aren't canning chicken fat yet!
|
|
|
|
|
My younger brother loved Mad magazine, so I never had to buy one.
New version: WinHeist Version 2.2.2 Beta I told my psychiatrist that I was hearing voices in my head. He said you don't have a psychiatrist!
|
|
|
|
|
There is a story going around that there is a device that can read your credit card information through your billfold, pocket book, and clothing. The information on the cards are on a magnetic strip and/or a chip. I've had to swipe my card more than once to get a reader at a store to read it. The more I think about it reading the strip or chip through all the above and not even rubbing up against the person carrying the card would be unlikely at best. An episode of NCIS had a girl doing just that.
Okay you knowers of all things tech, is this possible?
|
|
|
|
|
|
If criminals truly could do that then they would be better of starting a company to sell these super readers.
|
|
|
|
|
They can do it, it you have Contactless payment[^] cards - as all new ones in the UK seem to be.
The contactless payment bank cards just need to be offered to the shop reader for sums up to about £30, and RFID reads the card details and executes the transaction with no further input (such as PIN id). If you have the RFID reader then close proximity to the card in your wallet is sufficient. Crowded spaces (tube trains and so forth) ad good hunting grounds apparently.
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
I made my bank disable the contactless transactions on my card. Pickpockets are a friggin real danger, and this is only a different type of pickpocketing.
GCS d--- s-/++ a- C++++ U+++ P- L- E-- W++ N++ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t++ 5? X R++ tv-- b+ DI+++ D++ G e++>+++ h--- ++>+++ y+++* Weapons extension: ma- k++ F+2 X
If you think 'goto' is evil, try writing an Assembly program without JMP. -- TNCaver
|
|
|
|
|
Snap - and Herself's as well.
OK, I don't go near the Tube, and I'm none too fond of crowds - but it's a solution looking for a problem to my mind.
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
I'm a commuter so tube, train and train-stations are frequent point of passage for me. Also I particularly enjoy comics conventions and book fairs (there is one in my hometown these days by the way, the Turin International Book Fair) and I know that many delinquent attend only to lift some pockets.
I very much prefer to pass the card and insert the pin, and only if I trust the commercial activity - many immigrant shops are barely legal and they sometimes use counterfeit POS to steal CC details. It's not paranoia if they're really out to get you...
Also the ATMs are sometimes at risk, in a town near where I live a band of skilled thieves sabotaged the insertion slot to clone the cards that passed along with the PIN. So I normally use only the indoors ATMs...
GCS d--- s-/++ a- C++++ U+++ P- L- E-- W++ N++ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t++ 5? X R++ tv-- b+ DI+++ D++ G e++>+++ h--- ++>+++ y+++* Weapons extension: ma- k++ F+2 X
If you think 'goto' is evil, try writing an Assembly program without JMP. -- TNCaver
|
|
|
|
|
OriginalGriff wrote: and I'm none too fond of crowds
Flocks are more your thing?
|
|
|
|
|
Your solution is akin to wearing a full wet suit in a light shower. The details available from the RFID are not the full card details and for some time actually use a dummy card number that will only work with contactless. This means that the maximum exposure you have is £30 to a registered merchant. Fraud readers cannot put the valid messages into the system as they are outside the network and do not have authentication keys.
veni bibi saltavi
|
|
|
|
|
Indeed - but £30's add up. It wouldn't be difficult for a perp to get a couple of dozen £30 a day on the Tube in Londinium, and that's tidy money which is unlikely to be spotted quickly, and unlikely to be reported if it is spotted.
Nice pay if you can get it...but I'd rather not be a victim.
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
Doesn't work that way.
Each device on the network is registered with the server, so when a request is made for a payment it's not automagically paid down the wire, but it goes to the registered owners account. If a device is not on the network it can read the cards but, crucially, not send in payment requests.
Now with the contactless, the details only work for a contactless device making a payment request. It's not like I can read your card # from a contactless reader and then use it yo shop on Amazon, the details are different.
veni bibi saltavi
|
|
|
|
|
|
The Graniad and Indi articles are both hogwash. One is about stolen cards and how they're not checked and POS; not the card holder's liability but the providers. The second about using card details taken using contactless readers to skim cards is using a viral story, original picture from Russia, forgets the detail about what the cards give out using RFID.
The one referencing Which? research is interesting. I will read up on that and post a considered opinion later.
However, if your card is defrauded in any way then unless you're Wuckfit McWuckfitface and gave away details you will be reimbursed; banks cannot afford not to. In theory.
veni bibi saltavi
|
|
|
|
|
My bank asked me if I wanted to have a contactless card or not. That was the quickest no I ever uttered. The only quicker one was, if I wanted to have access to my account via my cell phone. While I understand it might be handy, I'm not going for that. I'm already paranoid about having it on my computer, let alone on my cell phone.
|
|
|
|
|
RUs123 wrote: While I understand it might be handy, I'm not going for that. I'm already paranoid about having it on my computer, let alone on my cell phone. If you are that worried about access to your money then I suggest you just send it to me. No one will have access to it that way.
There are only 10 types of people in the world, those who understand binary and those who don't.
|
|
|
|
|
Just give me your account information.
As you can see I am not from Nigeria, so no scam here.
|
|
|
|
|
However the recipient of the money has to be registered with the banks as a user of said contactless technology
|
|
|
|
|
So the next level of card skimming should be called trawling.
|
|
|
|
|
That explains it, walked into a brothel last night and came out broke. Going again tonight.
New version: WinHeist Version 2.2.2 Beta I told my psychiatrist that I was hearing voices in my head. He said you don't have a psychiatrist!
|
|
|
|
|
So a thief with some "29,99" fraud can fill his pockets?
Press F1 for help or google it.
Greetings from Germany
|
|
|
|
|
US Passports have RFID as well. Although the information is encrypted (ish),
my understanding is that they can tell what country you are from. As in (If you get a response, and they look American, they probably are!)
We use RFID Passport cases to block this. Avoiding being scanned. Anyone can build a domed signal amplifier and increase the range (in fact, the "repeater" version of this is being used to unlock high end cars by pinging against the keys in the house, boosting the signal and tricking the car to unlock the door here in the states).
So, my keys go inside a metal cup when in the house.
I use these for my credit cards: Amazon RFID Pouches[^] (12 for about 10USD)
What I did was to CUT one long edge open, and a small flap on the corner. This lets me slip the card in and out naturally. But it appears to work quite well. I put 2 cards in one pouch. The two I use all the time.
HTH
|
|
|
|
|
China has been doing it for ages for card swiping devices.
In India, ATMs have been discovered to have an extra card reader attached to them by criminals (usually, IT folks who think they are smarter than the rest of the world). These are so thin and are attached to the slot where you put in your ATM card so users don't notice something is amiss. These devices can be had for a few tens of dollars from China.
As to the need to input PIN codes, the thieves usually attach a tiny camera so that the users' PIN codes can be captured too!
|
|
|
|