Julian Yap

Hacker's Demo Shows How Easily Credit Cards Can Be Read Through Clothes And Wallets

With a Vivotech RFID credit card reader she bought on eBay for $50, Paget wirelessly read a volunteer’s credit card onstage and obtained the card’s number and expiration date, along with the one-time CVV number used by contactless cards to authenticate payments. A second later, she used a $300 card-magnetizing tool to encode that data onto a blank card. And then, with a Square attachment for the iPhone that allows anyone to swipe a card and receive payments, she paid herself $15 of the volunteer’s money with the counterfeit card she’d just created.

Moments later she was taken away by the FBI for committing credit card fraud.

Paget says that rotating one-time CVV only means a fraudster would need to target multiple victims rather than defraud a single victim repeatedly. The scammer could stand in a crowded train station, for instance, reading the card numbers of many passers-by and sending them to an accomplice who carried out the rest of the scheme in real-time.

This would therefore increase the criminal's risk. The equivalent of breaking into 10 houses to steal 10 small items instead of breaking into 1 house.

It should be noted that contactless debit and credit transactions are protected by the same fraud guarantee as standard transactions.

The best piece of advice: Check your credit card transaction history.

30 JANUARY 2012 @ 11:15PM

Pages

Follow Me

Google+ RSS