| Forum Home | ||||
| PC World Chat | ||||
| Thread ID: 136566 | 2014-03-16 22:59:00 | Security Risks: RFID Tap&Go credit/debit cards. | Billy T (70) | PC World Chat |
| Post ID | Timestamp | Content | User | ||
| 1370371 | 2014-03-19 23:06:00 | I call bullshit. If you've ever done a transaction using NFC, you would too. | Chilling_Silence (9) | ||
| 1370372 | 2014-03-19 23:19:00 | I call bullshit. If you've ever done a transaction using NFC, you would too. My problem is when a card is stolen like what happened to a friend in oz. Managed to clear her account. Sure the bank did refund, but the inconvenience of having no money for a while. Absolutely no security, at least with eftpos there is a pin. |
plod (107) | ||
| 1370373 | 2014-03-19 23:28:00 | Credit Cards use NFC, not RFID. ! I provided links, where's your proof :p. Actually after all this debate I did some more research - seems NFC is in use in more recent credit card implementations and is probably what is in use here (I could find nothing definitive), but that Video is 2 years old and from America which means it's highly likely the cards in question are using RFID which is far more common there. It may be entirely irrelevant to the situation here. The important point about that video is the data is not encrypted, and according to the identity theft site I linked that's entirely the banks decision and not inherent in either RFID or NFC so which is in use is not the real problem. The Video in the OP clearly shows someone getting peoples credit card details just by getting close - this doesn't worry you? It's just as possible with either techonolgy if the banks have persisted without encryption. And mainly I've been playing Devils advocate. I don't really think anyone is going to steal my credit card details out of my back pocket. It just bothers me that the Banks don't seem to be taking the potential more seriously. |
dugimodo (138) | ||
| 1370374 | 2014-03-19 23:46:00 | My problem is when a card is stolen like what happened to a friend in oz. Managed to clear her account. Sure the bank did refund, but the inconvenience of having no money for a while. Absolutely no security, at least with eftpos there is a pin. Must have been a heap of small transactions or a really low limit, you have to use a PIN above $80. Having no other way to access your $ is a bit silly as well. |
Alex B (15479) | ||
| 1370375 | 2014-03-19 23:51:00 | Must have been a heap of small transactions or a really low limit, you have to use a PIN above $80. Having no other way to access your $ is a bit silly as well. Debit card not credit card, bout 600 in that account. Not many transactions needed. The only access I have to my account is via card. |
plod (107) | ||
| 1370376 | 2014-03-19 23:59:00 | You can go to a bank and draw funds. | Alex B (15479) | ||
| 1370377 | 2014-03-20 00:08:00 | Double charging is happening, cant find links to the other NZ examples I read about Now I have no choice if I want a CC, it HAS to be tap & go enabled . Most of my CC purchases are online , so not really a biggie for me. www.stuff.co.nz "Some weeks later, while completing paperwork for a work-issued purchasing card, she found a $38.61 charge from the same supermarket, at the same time as her $24 transaction. " This could easily happen with a normal CreditCard admittedly www.stuff.co.nz when he stole a contactless card belonging to a family member he was living with. He then went on to buy $1300 worth of goods. www.geekzone.co.nz "So, today, I see I've been billed twice." www.nzherald.co.nz " Cards, some still in wallets, are accidentally being charged" |
1101 (13337) | ||
| 1370378 | 2014-03-20 00:59:00 | My problem is when a card is stolen like what happened to a friend in oz. Managed to clear her account. Sure the bank did refund, but the inconvenience of having no money for a while. Absolutely no security, at least with eftpos there is a pin. EFTPOS yes but comparing apples with apples, you can just sign for credit card transactions currently if yours is stolen. I provided links, where's your proof :p. For anything and everything we have in NZ, it's completely 100% incorrect. Actually after all this debate I did some more research - seems NFC is in use in more recent credit card implementations and is probably what is in use here (I could find nothing definitive), but that Video is 2 years old and from America which means it's highly likely the cards in question are using RFID which is far more common there. It may be entirely irrelevant to the situation here. Potentially? I have honest never seen a single credit / debit card that uses RFID. The important point about that video is the data is not encrypted, and according to the identity theft site I linked that's entirely the banks decision and not inherent in either RFID or NFC so which is in use is not the real problem. As encrypted as the digits printed on your card are? I disagree. The Video in the OP clearly shows someone getting peoples credit card details just by getting close - this doesn't worry you? It's just as possible with either techonolgy if the banks have persisted without encryption. And mainly I've been playing Devils advocate. I don't really think anyone is going to steal my credit card details out of my back pocket. It just bothers me that the Banks don't seem to be taking the potential more seriously. Perhaps they did that back in limited amounts back in the day, in NZ we _only_ have NFC credit cards. I've asked a lot of friends in the US too, all of them have been given NFC, not RFID. Must have been a heap of small transactions or a really low limit, you have to use a PIN above $80. Having no other way to access your $ is a bit silly as well. ^^ this Paywave / Paypass / NFC transactions in NZ have a $80 limit. Otherwise it asks you to insert your card and it'll use the chip, just like normal. Double charging is happening, cant find links to the other NZ examples I read about Now I have no choice if I want a CC, it HAS to be tap & go enabled . Most of my CC purchases are online , so not really a biggie for me. www.stuff.co.nz " Some weeks later, while completing paperwork for a work-issued purchasing card, she found a $38.61 charge from the same supermarket, at the same time as her $24 transaction. " Wait so let me get this straight. This person tapped their card on the terminal, without looking at how much it was for? Then, they did it again, a second time? That sounds like somebody shouldn't be allowed any money at all... This could easily happen with a normal CreditCard admittedly www.stuff.co.nz when he stole a contactless card belonging to a family member he was living with. He then went on to buy $1300 worth of goods. Yeah if it's an NFC card, its got a $80 limit. That means if they bought $1,300 worth, thats 17 different stores _at least_ that they've had to visit. Speaking of which, have you been to Maccas lately? If you swipe your credit card, the non-NFC type, and the amount is < $40, they don't bother asking for a PIN or signature either. Just for " balance " to the argument ;) www.geekzone.co.nz " So, today, I see I've been billed twice. " The operator should be shot where they stand for being so stupid, basically. That's not a problem with NFC credit-cards, that's a problem with stupidity. If they don't check to see it's been accepted, that's hardly the technologies fault. www.nzherald.co.nz " Cards, some still in wallets, are accidentally being charged " Yes, correct, you have approx 1-2cm, and it can be done in your wallet if you hold your wallet directly to the terminal. You don't have to pull it out, but it's not like it's in their handbag and has been scanned from 1-2 meters away! Let me make a video, just for you lot, and I'll show you. |
Chilling_Silence (9) | ||
| 1370379 | 2014-03-20 01:20:00 | It doesn't ask to insert the card IME, it just ask for the PIN number. That's the case at BP anyway. | Alex B (15479) | ||
| 1370380 | 2014-03-20 01:50:00 | It doesn't ask to insert the card IME, it just ask for the PIN number. That's the case at BP anyway. Can anyone think of what would be an easier secure way to make a credit card type purchase that didn't involve using any sort of RFID or NFC chip in a credit card? |
Webdevguy (17166) | ||
| 1 2 3 4 | |||||