I’ve always avoided the idea of NFC for payment.
Why? First reason is that I deal in cash whenever possible. Cash is hack proof. Credit cards not so much. I’m not too keen on my purchases and whereabouts being tracked either.
Also, I keep my elbows greased enough that it isn’t extremely difficult to pull my wallet out of my pocket to wave some cash in the cashier’s face, almost as easy as waving my phone in their face.
NFC? Why open yet another port of entry for hackers?
And sure enough whenever there is a locked door, there will be a tool designed to open it.
Well here it is.
Yesterday ABC News Chicago reported the results of an investigation into NFC hacking.
The ABC7 I-Team reveals the mobile technology that hackers can use to steal credit and debit numbers from you while you’re in public. The cards at risk are enabled with radio technology that allows you to “wave and pay.”
It may be convenient, but there are also remote tools that thieves can use to steal information from those cards. The I-Team tested a device that can “secretly swipe” while you are standing in line to pay, on an escalator, or in a crowded spot.
“I would walk up to you and I might stand like this on the train, Ok and boom, I have your credit card,” said David Bryan.
Bryan, a security specialist at Chicago’s Trustwave, used a device in his backpack to read account numbers and expiration dates – all from cards which I think are safely tucked away in my wallet.
“They have everything in just a few seconds,” Bryan said. “The card sends data back to the device, right. So that means it’s wireless, so if it’s wireless, it can be read through clothing.”
Sure this refers to the NFC chip in your credit cards, which is low hanging fruit. We have to assume that NFC on smartphones is more sophisticated with better authentication etc., but then aren’t all hacks done under the assumption of security by the users?
Yes. Yes they are. Are hackers often smarter than those who design the systems that are hacked? Yes, Yes they are.
Discussion of this subject is in our forum HERE, your thoughts would be welcome.