Imagine you’re on your way to the office or heading to meet friends for dinner, minding your own business on the tube, train or bus. But little do you know as someone bumps past you to get a seat, your wallet and card details have just been digitally pickpocketed! Sophos have sent this report to us to share with our readers here.
As a growing trend in the UK, Sophos has the latest updates on how best to protect your wallet, and in fact Passport, from being digitally snatched without you realising. This issue would not be restricted to the UK either, Organised criminals here have already invested in technology to get access to such material and I have brought an example up with our own banks here last year questioning them on our contactless bank cards and how often will the PIN be requested and was met with worrying answers having being told you would be asked at least once in 3/6 transactions,this I have found not to be true and I have only entered my PIN three times since this became active here.
I find this not good enough. WHY? Well for several reasons, One being obvious you could simply drop your card and someone can go a small shopping spree and by the time you find it its too late,the bank has stated it can pick up on irregular spending but how is this was not possible at launch because they simply did not have the data or algorythim in place to spot a possible fraudulent use of the card.
@techbuzzireland Each bank sets a limit on the number/value of Visa contactless transactions that can be made before asking for a PIN. (1/3)
— Visa Ireland (@VisaIreland) July 1, 2016
Matt Boddy has documented this great article on this very subject..
Do you travel on the London Underground? The Boston Subway? The Paris Metro? Oxford buses? The San Francisco BART? Sydney Trains? Tokyo’s Yurikamome Line?
Perhaps you’re crushed up against other passengers right now on your morning commute as you read this very article on your mobile phone? Perhaps you’re waiting for a flight, after rushing through a crowded airport to get to your departure gate in time?
If so, I bet you’ve worried that having a wireless debit card could lead to you being digitally pickpocketed. Or that having an RFID-enabled passport could lead to your passport details being sniffed out while your documents are safely stashed in your backpack or bumbag.
I tried various freely-available Play Store apps on an Android phone, and I could reliably retrieve the following data from a passport and a debit card, all done wirelessly via NFC.
- Debit Card: Long card number, Expiry date.
- Passport: Surname, Given name, Nationality, Gender, Date of birth, Picture, Passport number, Date of expiry.
Matt says – Being in the IT security industry, I find I naturally gravitate towards assuming the worst – even if some people call me paranoid or a fan of tinfoil hats.
So, when I got drawn into a recent pub conversation about the necessity of RFID signal-jammers for your wallet – tinfoil hats for your credit cards, in other words – my interest was aroused.
Initially, I scoffed at the idea, having seen a friend try to use an RFID blocking wallet on a wireless building pass, and fail.
But hearing this punter in the local pub insisting that that RFID blocking wallets were not just a good idea but a necessity, I decided to investigate further. Being a stubborn individual with a determination to prove my pub acquaintance wrong, my mission was clear…
…I set about buying various RFID blockers – three different sorts – and started to test.
Technology 1: RFID blocking credit card case (brand: Kinzd)
Technology 2: RFID/NFC blocking card (brand: Attenuo)
For more please read the full artilce HERE