More up to date info on this story:
http://www.articlesbase.com/business-articles/electronic-pickpocketing-fact-or-fiction-a-new-credit-card-scam-4354380.html
Electronic Pickpocketing: Fact or Fiction? A New Credit Card Scam
10 Best Credit Cards Compare Credit Cards with 0% APR. Lock-in 0% APR for 18 Months Today! www.comparecards.com
Get a Visa Prepaid Card Free direct deposit & easy bill pay Guaranteed approval. Get it now! www.READYdebit.com
Dental Implant Warnings What You Should Know Before Getting Dental Implants. Read Expert Advice symptomfind.com/CosmeticDentalCare
Ekahau Safety Solutions RFID-over-Wi-Fi Safety Alerting, Business Intelligence & More www.ekahau.com
There have been some alarming reports circulating recently about security problems with contactless, or Radio Frequency Identification (RFID), cards. These include credit, debit, or ATM cards, all of which can be enabled for contactless transactions by an embedded RFID chip. Encoded within the chip are confidential account details such as the account number and expiry date. To make a quick purchase the customer just holds the card up to a merchant's contactless reader at the point of sale; the account details are read and the transaction is recorded.
Early adopters of contactless technology include coffee shops, public transport providers and fast food stalls. A potential weakness of the contactless system is that enterprising fraudsters may be able to use their own, illegal RFID readers, to capture customer account details. The story seems to have originated from Memphis-based TV channel WREG, who ran an item called 'Electronic Pickpocketing' in December 2010.
The TV station commissioned an undercover reporter to patrol a shopping street with a card-reader, bought for less than $100, and test the device out (on willing volunteers, not on unknowing victims, I should point out!). The reporter was able to use the device to scan contactless cards remotely from people's wallets, pockets and bags, and display their account details on its screen. The story 'went viral' after being posted on WREG's website, reportedly attracting 1.2 million views in the first few days.
Information he was able to steal included the card issuer name, customer account number, card expiry date and customer name. All this data can be scanned in, stored, and then emailed to criminals anywhere in the world. Imagine a fraudster armed with this card reader, at a football match, for example. Thousands of people crammed together in a small space, all carrying contactless cards to pay for their mid-match snack at the hot dog stand. Rich pickings indeed for an enterprising criminal, all for the outlay of $100 and a couple of hours 'work'! It turns out that WREG's undercover reporter was none other than Walt Augustinowicz , founder of security firm Identity Stronghold,
According to him, it's not just your account details that are at risk from this type of theft, but also your passport, which, if it was issued in recent years, will also contain the new-style RFID chip and is vulnerable to being illicitly scanned in the same way. Hacking a passport yields personal details such as date of birth and aphotograph, which can then be used to create fake ids.
Mr Augustinowicz' company is in the business of marketing protective devices designed to shield plastic cards and passports from illegal scanning. I'm informed that aluminium foil will have the same effect, though I have not tried this out myself yet. Sounds like a simple idea which could save a lot of problems; doesn't it? But do we really need a protective cardholder? What is the true extent of the risk for contactless customers? Once criminals have got hold of our account details, just how much damage can they do?
Before we all start to panic about this report, it is important to remember that there are safeguards built into contactless cards to prevent major losses to customers. Most importantly, they cannot be scanned by card readers for a PIN number or a CVV (3-digit security code). Some older contactless cards may hold a scannable customer name, but not the later editions. Either way, account number and expiry date, with or without a customer name, is insufficient data to create an illegal cloned card. For a Card Not Present (CNP), that is a telephone or internet purchase, a fraudster would also need to know the long number embossed on the card and the CVV. Contactless cards are designed to be read only when held close to a merchant's reader, and have a limited transmission range, meaning that any would-be scammer would have to get pretty darned close to you in order to be physically able to scan your card.
Contactless card providers are constantly striving to ensure their customers are safe from fraud, and the latest cards emit their data in an encrypted format. Another security feature intrinsic to contactless cards is that they are only intended for relatively low-value purchases, and typically have a transaction limit of $30 or less. So it is unlikely you will ever lose much to a scammer. In the meantime, it wouldn't hurt to invest in a bespoke card wallet, or at least wrap your card up in a bit of kitchen foil.
Charlotte Mooney
Charlotte Mooney is an IT professional with many years experience, now working for IT Software Consultancy Proswift, a leading provider of international credit system solutions to banks and finance houses. Click here for more topical stories from the world of credit card processing. ProSwift News
Ed Note: If you cannot read what's below, Hold the
left button on your mouse down and run your cursor over it and the text will
magically appear.
If for
any reason you have trouble getting into this youtube, there are at least four
ways to do it:
Cut and
paste the youtube website almost immediately below
click on
the title in the black band at the top of the frame
click on
the white triangle in the frame
click on
the youtube logo in the black band at the bottom of the frame
IF none
of those work, there is absolutely no hope for you.
Good
Luck.
Aaaaaaah
Shala My Lickem
http://www.youtube.com/watch?feature=player_embedded&v=lLAFhTjsQHw
Uploaded on Mar 9, 2011
News on Electronic Pickpocketing. You can find RFID protection wallets and sleeves at http://www.idstronghold.com You can also see many more news stories about this on my channel athttp://www.youtube.com/waltaugust
CHECK YOUR CARDS
If you only take time for one email today, make it this one! This is serious
OK, folks......this is VERY important for you to know......You really need to
watch this video----then PASS it on to everyone you know.
Wi-If Symbol on your Credit Card
YOU WONT BELIEVE THIS IS HAPPENING. WATCH VIDEO AND CHECK YOUR CARDS. I GUESS WE GO BACK TO CASH.
Check your newer credit cards for the Wi-If Symbol on it. You need to watch the video below to really know why I sent this to you.
I read this about a couple weeks ago, and then checked my cards for the little "Wi-If Signal Icon" on each one. I found none w/that signal on them, but I was determined to watch for it when my cards came in on renewals. Well, yesterday I got my CHASE SLATE card AND THERE IT WAS ! My first time to see it. I'll not activate that card after seeing this. I guess I'll go to the bank and see if I can replace it w/a non Wi-If (Radio Frequency Card)....?
Thought all my contacts ought to see this if you've not already seen this demo ...
http://youtube.googleapis.com/v/lLAFhTjsQHw%26sns=em
No comments:
Post a Comment