Does this PayWave disabling method work for NZ cards?

Please note this sub-forum does not provide professional finance advice. You should seek advice from a licensed financial advisor.

To post in this sub-forum you must have made 100 posts or have Trust status or have completed our ID Verification.

If investing please consider our affiliate link for new accounts: Sharesies.

Forums › Finance and wealth management › Does this PayWave disabling method work for NZ cards?

heavyusr

83 posts

Master Geek
+1 received by user: 2

#115262 19-Mar-2013 18:08

Shows a person who disabled the RFID antenna to disable wireless payments

http://knowak.wordpress.com/2012/09/24/r-i-p-paypass-mbank/

I realise some may consider it an extreme method unless there is some other way I'm not aware of

Here is a reason you may want to disable wireless payments and why banks should have an option to let a card owner set a PIN for every transaction regardless of the amount instead of only over $80

http://www.nfc.cc/2012/04/02/android-app-reads-paypass-and-paywave-creditcards/

1 | 2

4631 posts

Uber Geek
+1 received by user: 874

Trusted

Lifetime subscriber

#784038 19-Mar-2013 18:28

You might as well want to wear a lead jacket all the time. I don't see any point to disable it. It is there for your convenience

sonyxperiageek

2984 posts

Uber Geek
+1 received by user: 397

Trusted

#784043 19-Mar-2013 18:40

And if it was a suspicious transaction and you did not give out your pin, then the bank will reimburse you?

Sony

johnr

19282 posts

Uber Geek
+1 received by user: 2526
Inactive user

#784044 19-Mar-2013 18:53

Tin foil hat would be cheaper and easier

sbiddle

30853 posts

Uber Geek
+1 received by user: 9996

Retired Mod

Trusted

Biddle Corp

Lifetime subscriber

#784055 19-Mar-2013 19:25

heavyusr: Here is a reason you may want to disable wireless payments and why banks should have an option to let a card owner set a PIN for every transaction regardless of the amount instead of only over $80

That's only a reason to disable Paypass/Paywave if you're a beliver in FUD. Yes I know all about what the video shows and it doesn't bother me in the slighest. I've spent the last few years playing with NFC technologies and like to think I know a thing or two.

From a risk perspective Paypass/Paywave are literally thousands of times more secure than a plastic card that has your 16 digit credit card number and CVV code printed on it.

The odds of somebody in a cafe who sees hundreds of cards in a day passed to them and deciding to write down numbers because their EFTPOS terminal doesn't support NFC or have a pinpad allowing a customer to insert their own card is far greater than somebody being able to read my card which is located in my wallet.

Banking revoles around risk, risk anaylsys and risk mitigation. To build a credit card platform that was totally sucure you wouldn't have a plastic card with number printed on it. Until that day happens I'm more than happy to carry my Paywave card around and happily use it.

heavyusr

83 posts

Master Geek
+1 received by user: 2

#784061 19-Mar-2013 19:39

sonyxperiageek: And if it was a suspicious transaction and you did not give out your pin, then the bank will reimburse you?

But you would have to go to the hassle of contacting the bank to say your card was stolen and get a new one It also gives thieves an increased reason to steal your card
Why not allow individual card users the choice to disable it or requiring a PIN for every transaction?

sbiddle

30853 posts

Uber Geek
+1 received by user: 9996

Retired Mod

Trusted

Biddle Corp

Lifetime subscriber

#784068 19-Mar-2013 19:55

heavyusr:Why not allow individual card users the choice to disable it or requiring a PIN for every transaction?

In the US you typically don't even need a signature or PIN for credit card transactions under ~$50 and never have done.

If your card is compromised it's not your issue providong you were complying with your banks terms and conditions.

I'll once again repest one key word - risk. Everything in banking resolves around this.

Quic Broadband

Move to New Zealand's best fibre broadband service (affiliate link). Free setup code: R587125ERQ6VE. Note that to use Quic Broadband you must be comfortable with configuring your own router.

khull

1245 posts

Uber Geek
+1 received by user: 133

#784070 19-Mar-2013 20:01

We had a hole punch through a snapper card and that obviously destroyed it similar to the link you posted. So yes I would imagine it would work.

But quite frankly I think you are overly paranoid. There are more real world reports of people skimming EFTPOS cards on ATM machines.

sonyxperiageek

2984 posts

Uber Geek
+1 received by user: 397

Trusted

#784071 19-Mar-2013 20:07

sbiddle:
heavyusr: Here is a reason you may want to disable wireless payments and why banks should have an option to let a card owner set a PIN for every transaction regardless of the amount instead of only over $80

That's only a reason to disable Paypass/Paywave if you're a beliver in FUD. Yes I know all about what the video shows and it doesn't bother me in the slighest. I've spent the last few years playing with NFC technologies and like to think I know a thing or two.

From a risk perspective Paypass/Paywave are literally thousands of times more secure than a plastic card that has your 16 digit credit card number and CVV code printed on it.

The odds of somebody in a cafe who sees hundreds of cards in a day passed to them and deciding to write down numbers because their EFTPOS terminal doesn't support NFC or have a pinpad allowing a customer to insert their own card is far greater than somebody being able to read my card which is located in my wallet.

Banking revoles around risk, risk anaylsys and risk mitigation. To build a credit card platform that was totally sucure you wouldn't have a plastic card with number printed on it. Until that day happens I'm more than happy to carry my Paywave card around and happily use it.

Same here.. Until When ASB BANK START to get their payWave cards working again!! :P

Sony

heavyusr

83 posts

Master Geek
+1 received by user: 2

#810589 3-May-2013 04:29

Anyone know what apps are being talked about?
http://www.cbc.ca/news/technology/story/2013/04/24/nl-smartphone-credit-card-skimming-app-424.html

sbiddle

30853 posts

Uber Geek
+1 received by user: 9996

Retired Mod

Trusted

Biddle Corp

Lifetime subscriber

#810611 3-May-2013 08:04

There are plenty of Android apps to read the credit card numbers off a Paywave or Paypass card. As the NFC chip is the same information as track2 on the mag stripe you can't get the CVV/CVC code however as this isn't stored on the card.

From the article:

A thief can simply walk by, pause and read the information through an unwitting person’s coat and wallet.

Some great FUD there..

michaelmurfy

meow
13579 posts

Uber Geek
+1 received by user: 10910

Moderator

ID Verified

Trusted

Lifetime subscriber

#810613 3-May-2013 08:14

There is no point - if you're that paranoid then putting your card in Tinfoil works just as well. If you notice any suspicious transactions your bank will reimburse you, and it makes it far quicker to get the likes of coffee or Subway (and quite a bit cooler)

If you lost your card they can use the numbers on it to buy stuff anyway, or do manual PAN entries. Skimming through the wallet - sure, it might give them your credit card number and expiry but you'll know / this doesn't seem to be happening anyway.

There are several RFID proof wallets, but how I see it is it's just being over-paranoid.

Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

Geekzone

Want to support Geekzone and browse the site without the ads? Subscribe to Geekzone now (monthly, annual and lifetime options).

Journeyman

1205 posts

Uber Geek
+1 received by user: 1236

#810706 3-May-2013 11:25

heavyusr: do you have an eftpos card and are you equally concerned about that being read by criminals?

tardtasticx

3084 posts

Uber Geek
+1 received by user: 483

#810727 3-May-2013 12:12

Yeah Im not too worried. I havn't had too many chances to use either of my ASB cards wirelessly at a terminal (Visa and MasterCard), but the times I have, it didn't work. So I'm not too worried about someone trying this for a couple of reasons:
1; If Countdown wont read my card, I'm pretty sure a cheap android phone cant either.
2; Unless they're getting money out of a secret account on my card I dont know about, I dont think it'll be much use to them :P

trevor

15 posts

Geek

#828682 31-May-2013 10:57

The point is there are 3 factors of authentication:

1. Something I have
2. Something I know
3. Something I am

So if you are trying to get into a secure computer room in the Pentagon you would need three. A badge (something I have), a PIN number (something I know) and say a retina eye scan (something I am).

Up until NFC my credit card has always been two factor authentication, i.e. I need the card and the PIN (or the correct signaure - but who does that anymore?)

With these new system it's gone down to one factor and this is therefore less secure than it use to be.

This would not be a problem if I could set the limit and a fair limit is $10 (two cups of coffee). $80 is way too much it means I now have to check all my statements carefully and remember all my Credit and EFTPOS transactions to see if there are any dodgy transactions, because the Banks have lowered the security WITHOUT ASKING ME!

Or I can locate the chip and drill it out!

ajobbins

5053 posts

Uber Geek
+1 received by user: 1279

Trusted

#828697 31-May-2013 11:30

My non chip, non NFC AMEX card works at some places (Like the supermarket) for transactions under $50 and doesn't ask for a pin.

Swipe mag stripe........approved.

I would be much easier for someone to skim and clone my card that for someone to ping the NFC card that sits next to it in my wallet.

I'm concerned about neither. The bank's got my back.

Twitter: ajobbins

1 | 2