Contactless cards again! [OT in uk.d-i-y]


R

Roger Mills

This article http://www.bbc.co.uk/news/business-22545804 appears to
vindicate what I have always said about contactless cards.

Not only are they vulnerable to fraud by villains with scanners who
don't need to get close enough to arouse suspicion, but it now seems
that they're also vulnerable to *accidental* use!

I'm very glad that I ditched my CapitalOne card when they insisted [1]
on replacing it with a contactless card.

More and more financial institutions are now using these things, making
it very difficult to avoid unless you do away with credit and debit
cards altogether. I've unfortunately still ended up with one or two, but
they never leave the house and are used only for on-line transactions.

The sooner the whole idea is re-thought, the better!

[1] Using the very dubious tactic of pretending that my previous card
had been "compromised" (which I'm damn sure it hadn't!) in order to
provide a pretext for needing to issue a new card long before the old
one had expired.
--
Cheers,
Roger
____________
Please reply to Newsgroup. Whilst email address is valid, it is seldom
checked.
 
Ad

Advertisements

A

Andy Cap

This article http://www.bbc.co.uk/news/business-22545804 appears to
vindicate what I have always said about contactless cards.

Not only are they vulnerable to fraud by villains with scanners who
don't need to get close enough to arouse suspicion, but it now seems
that they're also vulnerable to *accidental* use!

I'm very glad that I ditched my CapitalOne card when they insisted [1]
on replacing it with a contactless card.

More and more financial institutions are now using these things, making
it very difficult to avoid unless you do away with credit and debit
cards altogether. I've unfortunately still ended up with one or two, but
they never leave the house and are used only for on-line transactions.

The sooner the whole idea is re-thought, the better!

[1] Using the very dubious tactic of pretending that my previous card
had been "compromised" (which I'm damn sure it hadn't!) in order to
provide a pretext for needing to issue a new card long before the old
one had expired.
There's several Youtube videos on disabling them but I suspect they're
using US cards pre-Chip and Pin and it looks like you'd damage that area
as well.
Andy C
 
T

Tim Streater

Roger Mills said:
This article http://www.bbc.co.uk/news/business-22545804 appears to
vindicate what I have always said about contactless cards.

Not only are they vulnerable to fraud by villains with scanners who
don't need to get close enough to arouse suspicion, but it now seems
that they're also vulnerable to *accidental* use!

I'm very glad that I ditched my CapitalOne card when they insisted [1]
on replacing it with a contactless card.
I don't believe I've seen one of these. Is it obvious what they are? Or
might I find that the CC company sent me one when the current card
expired and I didn't know it?
 
A

Andy Cap

Roger Mills said:
This article http://www.bbc.co.uk/news/business-22545804 appears to
vindicate what I have always said about contactless cards.

Not only are they vulnerable to fraud by villains with scanners who
don't need to get close enough to arouse suspicion, but it now seems
that they're also vulnerable to *accidental* use!

I'm very glad that I ditched my CapitalOne card when they insisted [1]
on replacing it with a contactless card.
I don't believe I've seen one of these. Is it obvious what they are? Or
might I find that the CC company sent me one when the current card
expired and I didn't know it?
Put "contactless card symbol" into Google.
 
T

Tim Streater

Andy Cap said:
Roger Mills said:
This article http://www.bbc.co.uk/news/business-22545804 appears to
vindicate what I have always said about contactless cards.

Not only are they vulnerable to fraud by villains with scanners who
don't need to get close enough to arouse suspicion, but it now seems
that they're also vulnerable to *accidental* use!

I'm very glad that I ditched my CapitalOne card when they insisted [1]
on replacing it with a contactless card.
I don't believe I've seen one of these. Is it obvious what they are? Or
might I find that the CC company sent me one when the current card
expired and I didn't know it?
Put "contactless card symbol" into Google.
I see, thanks. Hmmm, looks like it's too late.
 
R

Roger Mills

Andy Cap said:
This article http://www.bbc.co.uk/news/business-22545804 appears to
vindicate what I have always said about contactless cards.

Not only are they vulnerable to fraud by villains with scanners who
don't need to get close enough to arouse suspicion, but it now seems
that they're also vulnerable to *accidental* use!

I'm very glad that I ditched my CapitalOne card when they insisted [1]
on replacing it with a contactless card.

I don't believe I've seen one of these. Is it obvious what they are? Or
might I find that the CC company sent me one when the current card
expired and I didn't know it?
Put "contactless card symbol" into Google.
I see, thanks. Hmmm, looks like it's too late.
If you carry it around, keep it in a lead sheath!
--
Cheers,
Roger
____________
Please reply to Newsgroup. Whilst email address is valid, it is seldom
checked.
 
Ad

Advertisements

D

David Woolley

Roger said:
If you carry it around, keep it in a lead sheath!
Silver is best, then copper, but aluminium foil seems quite good, as
tested with Oyster cards, which use the same near field communication
standards. Lead is likely to be relative non-conductive. Sandwiching
them between two Oyster cards may also trigger a multiple card error.

You can get foil lined card sheaths, and even foil lined card wallets
(e.g. google "rfid blocking wallet").

The foil probably detunes the circuit, as well as screening it.
 
J

John Rumm

Andy Cap said:
This article http://www.bbc.co.uk/news/business-22545804 appears to
vindicate what I have always said about contactless cards.

Not only are they vulnerable to fraud by villains with scanners who
don't need to get close enough to arouse suspicion, but it now seems
that they're also vulnerable to *accidental* use!

I'm very glad that I ditched my CapitalOne card when they insisted [1]
on replacing it with a contactless card.

I don't believe I've seen one of these. Is it obvious what they are? Or
might I find that the CC company sent me one when the current card
expired and I didn't know it?
Put "contactless card symbol" into Google.
I see, thanks. Hmmm, looks like it's too late.
I seem to recall that my bank wrote to me saying they were going to
issue these things, and to object if you did not want one. I did, and
later they sent one anyway. I wrote and pointed out I had requested not
to have one, and they said basically "tough, its policy now!"


--
Cheers,

John.

/=================================================================\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\=================================================================/
 
M

Martin Brown

Advantage is they can probably only grab £20 at a time.
I'm very glad that I ditched my CapitalOne card when they insisted [1]
on replacing it with a contactless card.
I don't believe I've seen one of these. Is it obvious what they are? Or
might I find that the CC company sent me one when the current card
expired and I didn't know it?
Depends how good you are at playing "guess the icon".

Contactless cards icon is "))))" with each one getting bigger.

If you have a Barclaycard chances are it as this functionality now.
 
T

Theo Markettos

In uk.d-i-y Andy Cap said:
There's several Youtube videos on disabling them but I suspect they're
using US cards pre-Chip and Pin and it looks like you'd damage that area
as well.
A carefully placed drill hole should do the trick.

If anyone asks, you drilled it to keep cards on your keychain like those
Tesco Clubcard thingies.

Theo
 
R

Roger Mills

Advantage is they can probably only grab £20 at a time.
But they can probably do it multiple times before being asked for a PIN
- and rack up quite a bill in the process.
--
Cheers,
Roger
____________
Please reply to Newsgroup. Whilst email address is valid, it is seldom
checked.
 
Ad

Advertisements

H

Harry Bloomfield

Roger Mills explained on 20/05/2013 :
This article http://www.bbc.co.uk/news/business-22545804 appears to vindicate
what I have always said about contactless cards.

Not only are they vulnerable to fraud by villains with scanners who don't
need to get close enough to arouse suspicion, but it now seems that they're
also vulnerable to *accidental* use!

I'm very glad that I ditched my CapitalOne card when they insisted [1] on
replacing it with a contactless card.

More and more financial institutions are now using these things, making it
very difficult to avoid unless you do away with credit and debit cards
altogether. I've unfortunately still ended up with one or two, but they never
leave the house and are used only for on-line transactions.

The sooner the whole idea is re-thought, the better!

[1] Using the very dubious tactic of pretending that my previous card had
been "compromised" (which I'm damn sure it hadn't!) in order to provide a
pretext for needing to issue a new card long before the old one had expired.
A sheet of cooking foil, in with the notes of your wallet, would
probably be enough to defeat it.
 
R

Roger Mills

I seem to recall that my bank wrote to me saying they were going to
issue these things, and to object if you did not want one. I did, and
later they sent one anyway. I wrote and pointed out I had requested not
to have one, and they said basically "tough, its policy now!"
CapitalOne didn't provide an option of any kind - they just sent out the
new cards. I had several irate phone conversations with their CS staff -
all to no avail - so I told them to stuff their card!

I assume they believe that if transactions are easier to carry out,
people will use them for small purchases in preference to cash, and they
(the card companies) will get lots of extra revenue.
--
Cheers,
Roger
____________
Please reply to Newsgroup. Whilst email address is valid, it is seldom
checked.
 
R

Roger Mills

A carefully placed drill hole should do the trick.

If anyone asks, you drilled it to keep cards on your keychain like those
Tesco Clubcard thingies.

Theo
Do you have a template for where it needs to be drilled? [I assume that
it's not as simple as drilling out the contactless icon].
--
Cheers,
Roger
____________
Please reply to Newsgroup. Whilst email address is valid, it is seldom
checked.
 
D

D.M.Chapman

On 20/05/2013 18:53, Theo Markettos wrote:

Do you have a template for where it needs to be drilled? [I assume that
it's not as simple as drilling out the contactless icon].

If it's like our cards at work (mifare classic) then a small crack at the
edge is enough to break the antenna and stop it working :-(

Darren
 
A

Andy Cap

But they can probably do it multiple times before being asked for a PIN
- and rack up quite a bill in the process.
I believe it's £50/day max and they promise to refund any fraudulent
transactions.
 
Ad

Advertisements

N

newshound

On 20/05/2013 18:53, Theo Markettos wrote:

Do you have a template for where it needs to be drilled? [I assume that
it's not as simple as drilling out the contactless icon].

If it's like our cards at work (mifare classic) then a small crack at the
edge is enough to break the antenna and stop it working :-(

Darren
Surely *someone* has access to an X-ray machine so that we can map how
to disable them without shafting the chip!
 
A

Andy Burns

newshound said:
Surely *someone* has access to an X-ray machine so that we can map how
to disable them without shafting the chip!
By shining a bright LED torch though various MiFARE type cards I can
easily see the aerial wires running round the cards, but on a Barclays
contactless card I can't see anything other than the chip itself ...
 
R

Roger Mills

I believe it's £50/day max and they promise to refund any fraudulent
transactions.
So how do you prove that *you* didn't make the transaction?
--
Cheers,
Roger
____________
Please reply to Newsgroup. Whilst email address is valid, it is seldom
checked.
 
Ad

Advertisements

R

Roger Mills

Therefore £80
Not insignificant!
--
Cheers,
Roger
____________
Please reply to Newsgroup. Whilst email address is valid, it is seldom
checked.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top