Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




83 posts

Master Geek
+1 received by user: 2


Topic # 115262 19-Mar-2013 18:08
Send private message

Shows a person who disabled the RFID antenna to disable wireless payments

http://knowak.wordpress.com/2012/09/24/r-i-p-paypass-mbank/

I realise some may consider it an extreme method unless there is some other way I'm not aware of

Here is a reason you may want to disable wireless payments and why banks should have an option to let a card owner set a PIN for every transaction regardless of the amount instead of only over $80

http://www.nfc.cc/2012/04/02/android-app-reads-paypass-and-paywave-creditcards/

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
4384 posts

Uber Geek
+1 received by user: 819

Trusted
Lifetime subscriber

  Reply # 784038 19-Mar-2013 18:28
One person supports this post
Send private message

You might as well want to wear a lead jacket all the time. I don't see any point to disable it. It is there for your convenience





2356 posts

Uber Geek
+1 received by user: 278

Trusted

  Reply # 784043 19-Mar-2013 18:40
Send private message

And if it was a suspicious transaction and you did not give out your pin, then the bank will reimburse you?




 
 
 
 


Try Wrike: fast, easy, and efficient project collaboration software
19282 posts

Uber Geek
+1 received by user: 2600
Inactive user


  Reply # 784044 19-Mar-2013 18:53
Send private message

Tin foil hat would be cheaper and easier

26227 posts

Uber Geek
+1 received by user: 5807

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 784055 19-Mar-2013 19:25
3 people support this post
Send private message

heavyusr: Here is a reason you may want to disable wireless payments and why banks should have an option to let a card owner set a PIN for every transaction regardless of the amount instead of only over $80



That's only a reason to disable Paypass/Paywave if you're a beliver in FUD. Yes I know all about what the video shows and it doesn't bother me in the slighest. I've spent the last few years playing with NFC technologies and like to think I know a thing or two.

From a risk perspective Paypass/Paywave are literally thousands of times more secure than a plastic card that has your 16 digit credit card number and CVV code printed on it.

The odds of somebody in a cafe who sees hundreds of cards in a day passed to them and deciding to write down numbers because their EFTPOS terminal doesn't support NFC or have a pinpad allowing a customer to insert their own card is far greater than somebody being able to read my card which is located in my wallet.

Banking revoles around risk, risk anaylsys and risk mitigation. To build a credit card platform that was totally sucure you wouldn't have a plastic card with number printed on it. Until that day happens I'm more than happy to carry my Paywave card around and happily use it.




83 posts

Master Geek
+1 received by user: 2


  Reply # 784061 19-Mar-2013 19:39
Send private message

sonyxperiageek: And if it was a suspicious transaction and you did not give out your pin, then the bank will reimburse you?


But you would have to go to the hassle of contacting the bank to say your card was stolen and get a new one It also gives thieves an increased reason to steal your card
Why not allow individual card users the choice to disable it or requiring a PIN for every transaction?


26227 posts

Uber Geek
+1 received by user: 5807

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 784068 19-Mar-2013 19:55
Send private message

heavyusr:Why not allow individual card users the choice to disable it or requiring a PIN for every transaction?



In the US you typically don't even need a signature or PIN for credit card transactions under ~$50 and never have done.

If your card is compromised it's not your issue providong you were complying with your banks terms and conditions.

I'll once again repest one key word - risk. Everything in banking resolves around this.




1245 posts

Uber Geek
+1 received by user: 137


  Reply # 784070 19-Mar-2013 20:01
Send private message

We had a hole punch through a snapper card and that obviously destroyed it similar to the link you posted. So yes I would imagine it would work.

But quite frankly I think you are overly paranoid. There are more real world reports of people skimming EFTPOS cards on ATM machines.

2356 posts

Uber Geek
+1 received by user: 278

Trusted

  Reply # 784071 19-Mar-2013 20:07
One person supports this post
Send private message

sbiddle:
heavyusr: Here is a reason you may want to disable wireless payments and why banks should have an option to let a card owner set a PIN for every transaction regardless of the amount instead of only over $80



That's only a reason to disable Paypass/Paywave if you're a beliver in FUD. Yes I know all about what the video shows and it doesn't bother me in the slighest. I've spent the last few years playing with NFC technologies and like to think I know a thing or two.

From a risk perspective Paypass/Paywave are literally thousands of times more secure than a plastic card that has your 16 digit credit card number and CVV code printed on it.

The odds of somebody in a cafe who sees hundreds of cards in a day passed to them and deciding to write down numbers because their EFTPOS terminal doesn't support NFC or have a pinpad allowing a customer to insert their own card is far greater than somebody being able to read my card which is located in my wallet.

Banking revoles around risk, risk anaylsys and risk mitigation. To build a credit card platform that was totally sucure you wouldn't have a plastic card with number printed on it. Until that day happens I'm more than happy to carry my Paywave card around and happily use it.



Same here.. Until When ASB BANK START to get their payWave cards working again!! :P






83 posts

Master Geek
+1 received by user: 2


  Reply # 810589 3-May-2013 04:29
Send private message

Anyone know what apps are being talked about?
http://www.cbc.ca/news/technology/story/2013/04/24/nl-smartphone-credit-card-skimming-app-424.html

26227 posts

Uber Geek
+1 received by user: 5807

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 810611 3-May-2013 08:04
Send private message

There are plenty of Android apps to read the credit card numbers off a Paywave or Paypass card. As the NFC chip is the same information as track2 on the mag stripe you can't get the CVV/CVC code however as this isn't stored on the card.

From the article:


A thief can simply walk by, pause and read the information through an unwitting person’s coat and wallet.


Some great FUD there..


Meow
7281 posts

Uber Geek
+1 received by user: 3482

Moderator
Trusted
Lifetime subscriber

  Reply # 810613 3-May-2013 08:14
Send private message

There is no point - if you're that paranoid then putting your card in Tinfoil works just as well. If you notice any suspicious transactions your bank will reimburse you, and it makes it far quicker to get the likes of coffee or Subway (and quite a bit cooler)

If you lost your card they can use the numbers on it to buy stuff anyway, or do manual PAN entries. Skimming through the wallet - sure, it might give them your credit card number and expiry but you'll know / this doesn't seem to be happening anyway.

There are several RFID proof wallets, but how I see it is it's just being over-paranoid.




409 posts

Ultimate Geek
+1 received by user: 255


  Reply # 810706 3-May-2013 11:25
Send private message

heavyusr: do you have an eftpos card and are you equally concerned about that being read by criminals?

Doesn't know what he doin
2872 posts

Uber Geek
+1 received by user: 360

Subscriber

  Reply # 810727 3-May-2013 12:12
Send private message

Yeah Im not too worried. I havn't had too many chances to use either of my ASB cards wirelessly at a terminal (Visa and MasterCard), but the times I have, it didn't work. So I'm not too worried about someone trying this for a couple of reasons:
1; If Countdown wont read my card, I'm pretty sure a cheap android phone cant either.
2; Unless they're getting money out of a secret account on my card I dont know about, I dont think it'll be much use to them :P




Bachelor of Computing Systems (2015)

 

--

 

Late 2013 MacBook Pro with Retina Display (4GB/2.4GHz i5/128GB SSD) - HP DV6 (8GB/2.8GHz i7/120GB SSD + 750GB HDD)
iPhone 6S + (64GB/Gold/Vodafone NZ) - Xperia Z C6603 (16GB/White/Spark NZ)

Sam, Auckland 


15 posts

Geek


  Reply # 828682 31-May-2013 10:57
Send private message

The point is there are 3 factors of authentication:

1. Something I have
2. Something I know
3. Something I am

So if you are trying to get into a secure computer room in the Pentagon you would need three. A badge (something I have), a PIN number (something I know) and say a retina eye scan (something I am).

Up until NFC my credit card has always been two factor authentication, i.e. I need the card and the PIN (or the correct signaure - but who does that anymore?)

With these new system it's gone down to one factor and this is therefore less secure than it use to be.

This would not be a problem if I could set the limit and a fair limit is $10 (two cups of coffee). $80 is way too much it means I now have to check all my statements carefully and remember all my Credit and EFTPOS transactions to see if there are any dodgy transactions, because the Banks have lowered the security WITHOUT ASKING ME!

Or I can locate the chip and drill it out!

Awesome
4786 posts

Uber Geek
+1 received by user: 1059

Trusted
Subscriber

  Reply # 828697 31-May-2013 11:30
One person supports this post
Send private message

My non chip, non NFC AMEX card works at some places (Like the supermarket) for transactions under $50 and doesn't ask for a pin.

Swipe mag stripe........approved.

I would be much easier for someone to skim and clone my card that for someone to ping the NFC card that sits next to it in my wallet.

I'm concerned about neither. The bank's got my back.




Twitter: ajobbins


 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Opera launches new mobile browser: Opera Touch
Posted 25-Apr-2018 20:45


TCF and Telcos Toughen Up on Scam Callers
Posted 23-Apr-2018 09:39


Amazon launches the International Shopping Experience in the Amazon Shopping App
Posted 19-Apr-2018 08:38


Spark New Zealand and TVNZ to bring coverage of Rugby World Cup 2019
Posted 16-Apr-2018 06:55


How Google can seize Microsoft Office crown
Posted 14-Apr-2018 11:08


How back office transformation drives IRD efficiency
Posted 12-Apr-2018 21:15


iPod laws in a smartphone world: will we ever get copyright right?
Posted 12-Apr-2018 21:13


Lightbox service using big data and analytics to learn more about customers
Posted 9-Apr-2018 12:11


111 mobile caller location extended to iOS
Posted 6-Apr-2018 13:50


Huawei announces the HUAWEI P20 series
Posted 29-Mar-2018 11:41


Symantec Internet Security Threat Report shows increased endpoint technology risks
Posted 26-Mar-2018 18:29


Spark switches on long-range IoT network across New Zealand
Posted 26-Mar-2018 18:22


Stuff Pix enters streaming video market
Posted 21-Mar-2018 09:18


Windows no longer Microsoft’s main focus
Posted 13-Mar-2018 07:47


Why phone makers are obsessed with cameras
Posted 11-Mar-2018 12:25



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.