Название | : | EEVblog #889 - Credit Card RFID/NFC Theft Protection Tested |
Продолжительность | : | 17.21 |
Дата публикации | : | |
Просмотров | : | 128 rb |
|
I don't trust contactless or nfc Dodgy tech at it's worst Comment from : @CortinasAndClassics |
|
I don't think that I believe your statement that card information can't be stolen, because how would the store's scanner process a payment? My wife's card had not left it's paper sheath since it was issued, and yet it, and every RFID card in her wallet were compromised somehow The old cards without contactless payment were unaffected I call BS on the VISA assertion that this is secure Comment from : @Davi-did |
|
Plz make small videosur video is informative but Plz make use good visualization and short ones Comment from : @johnfrancis923 |
|
I lost US$40 because I forget this lesson “always cover your credit card in aluminiun foil” Comment from : @ingenierocristian |
|
In the uk it’s up to £30 but with the virus that is going around it’s now up to £40brEdit : Also it’s called contact less , over here Comment from : @samuelhulme8347 |
|
"Don't wear it on your head, put it in your pocket" lol Comment from : @BoB4jjjjs |
|
Very interesting! Comment from : @gearstil |
|
And when you loose it anyone can help themselves to your money Not the smartest idea I'm sticking with the old chip and pinmuch safer Comment from : @paulevans4334 |
|
Guaranteed, I can scan your card through that bag with inexpensive equipment I built and use daily I can read it through all passive shields tested to date, our database of failed shielding pockets, wallets, phone cases, and bags (airport luggage) is at 832 products with only 3 products actually causing significant issues extracting the information required to perform a transaction without visual or physical contact with the card Be more careful about what security products you endorse as probably working, they only work on low power RFID readers Criminals use high powered RFID readers We believe there are a lot of criminals using these making it a HUGE concern with an ever increasing probability that any given individual will be targeted with an attack in a given timeframe We will be probing many major metropolitan cities across the US to discover the reality of how likely someone is to becoming the target of such a scam We will post a site and post out data when we complete our studies We are projecting study completion in November of 2020 Comment from : @binaryglitch64 |
|
I have an aluminium wallet lol Comment from : @hanro5028 |
|
Cutting the antenna in your credit card definitely works to prevent NFC fraud Comment from : @davidbrewer7937 |
|
Best video on how NFC works but with wrong title Comment from : @thanasisathanasi4965 |
|
They should use nfc for car entry Comment from : @bridgendesar |
|
You can expose card by power flashlight and see embedded coil and chip Comment from : @RomanDvoryadkin |
|
Jackscepticeye? Comment from : @moog38yearsagoupdated1mont9 |
|
You will find that the credit card details can be retrieved If you had pressed the tag information, you would have seen the credit card number Comment from : @Giorgist |
|
It's pronounced rectum fryer Comment from : @jerremm |
|
Before freaking out about NFC creditcard technology, lets actually think about what's going on inside those cards 1) You cannot actually read "creditcard data", like on those swipe type (magstripe) cards - there's a chip inside the card that encrypts the PAN and PIN of your card based on charged amount and other stuff That chip actually uses the payment terminal as an intermediary when communicating with a payment system All of the information that goes into the card and out to the payment system is encrypted In other words, until this encryption scheme is not cracked, it can be considered safe 2) Even if you build a device that communicates with a NFC creditcard, that gives you very little You also would need to find an acquirer bank that will accept a transaction from an unauthorized device And believe me, it is tough and expensive business So, I can realy guarantee you, that, if such theft will ever be accomplished, it will probably be one off 3) If you were thinking, that you could make a transaction by "channeling" from an NFC creditcard into a legit payment terminal, well, there is a protection too So, if you were thinking to make a living out of stealing creditcard data from NFC cards - just get a job If you are just an owner - stop freaking out and spending money on silly stuff like that bag in the video Comment from : @obriska |
|
For those curios: ESD bags does NOT block the signal Comment from : @MrHack4never |
|
kevin mitnick already made a reader that captures the card data Comment from : @casewhite5048 |
|
From taking screenshots of your lovely scope I'm able to ascertain that your name is Dave brJoking aside I imagine with even just Al foil the eddy currents would produce enough noise to disguise the AM packets, although they are sent after the circuit is charged but at that freq it probably stops the induction to the receiver coil in the first placebrI love how every second week these card are on the news as a "security risk" but never referring to the RFID technology itself Anyhow great video mate Comment from : @DanielVidz |
|
Not an RF field? That's exactly what this is! That schematic you drew is equivalent to a good old fashioned crystal radio with a loopstick antennabrbrGenerally, any of the antennas with circular elements work by coupling the magnetic (B) field, while dipoles and related things like yagi arrays couple the electric (E) field Comment from : @PaulSteMarie |
|
You didn't sign your card It's not valid! :D Comment from : @adamlink9772 |
|
"This is NOT a RF system, it works on magnetic fields instead of RF-fields" oO Well, what are RF-systems working on ?brRF-systems are in theory a transformer system - and yes, they are called antennaes Comment from : @TheSkogemann |
|
"It's a Gianotti brand, for those playing along at home" - 100000 EEVblog bag-aficionados just got what they came for!brIt's a bobby dazzler! Comment from : @TheSkogemann |
|
I'm sorry Dave, 1356MHz qualifies as RF In fact above 153kHz is the LW band and something around 67kHz is (was?) broadcast for RF clocks in Europe The method of coupling into the receiver is not what decides whether it's RF, that is merely the transmission scheme and antenna coupling Sure most transmission uses the 'E' field and this is predominantly 'M' field but what about AM receivers that have those dinky little ferrite rod antennas? They are really only a coupled transformer, or are they too not radios?? Comment from : @etmax1 |
|
I'd rather figure out how to fry the RFID chip in any card I have, as it's a feature I'd NEVER use specifically because it's so insecure brbrPerhaps a disposable camera's xenon flash circuit, but add an air-core inductor in series with the flashtube, and put the card on the coil?brIdea is that it basically makes a tiny EMP every time the flashtube goes off due to the high pulse current Intent is to overload the input of the RFID chip to the point of failurebrbrPutting the card in a microwave for 5 seconds wouldn't work, as it'd also fry the security chip, which I DON'T want to happen Comment from : @44R0Ndin |
|
Thanks for clearing up the misconception and highlighting the technology Comment from : @oneofus7828 |
|
How about cutting up an anti-static bag (the gray ones, not the pink ones)?br Aluminum foil is VERY fragile, and will not last long Comment from : @harrkev |
|
hi DavebrActually RF's are magnetic waves so why are you bothering yourself to say its different from a typical RF cable that sends off data in form off some modulation of a RF pulse? Comment from : @arsk7112 |
|
I'd say that the reason people think that putting cards together will protect them is that a lot of implementations don't do anti-collision properly Haven't tested it with Opal, but certainly the MyKi readers in Melbourne don't implement anti-collision, if it sees multiple cards it just gives up So they've probably seen a message like "multiple cards detected, try again" and assumed that that means that the system can't read them if there are multiple cards therebrbrAs far as reading them from a distance, there's an application note, I believe on the TI website which covers building long range antennas for RFID, after a point you end up with something that looks like the anti-theft tag gates in shopsbrbrWhat I'd be more interested in (haven't got around to actually testing it though) is how much of the signal you could passively sniff while a transaction is in progress, because although the system is designed to use magnetic coupling, 135MHz propagates reasonably well so you're going to get some degree of RF leakage Comment from : @SomeMorganSomewhere |
|
You can turn this feature off at your bank Comment from : @billbill5443 |
|
It'd be cool to see what's being passed between a Nintendo Wii U or 3DS and the Amiibo NFC figures, or between Skylanders and Disney Infinity figures and their respective NFC stands Comment from : @richfiles |
|
Oh, I have a slight issue with how you are thinking modulating a coil is not a radio? The difference between a transformer and a radio is the radio modulates the electromagnetic field (we call it electromagnetic radiation for a reason) My one transistor AM crystal radio works exactly the same way using the radio signal to provide enough current to run it, admittedly I do ground it rather than ground to the other end of the coil I bet if I tune a heterodyne receiver to 50Hz I'll be able to here a continuous 50Hz radio signal With a powerful enough radio signal one can in fact activate one of these cards Comment from : @EwanMarshall |
|
All magnetic fields have a electric field, an electro magnetic field is what we call RF So technically wouldn't the transformer magnetic fields be just as much RF as traditional RF and if not please clarify? Comment from : @DantalionNl |
|
Out of curiosity did this video on a purse make enough income to bpay/b for said purse? :D Comment from : @ICanDoThatToo2 |
|
this didn't appear in my subs Comment from : @rubusroo68 |
|
Is it possible to emulate a NFC tag with the phone? Ie, store a copy of a tag and emulate it? Comment from : @justahappyfellow |
|
Its not the contactless you want to worry about , its the EMV protocol being broken as shit thats the problem Comment from : @andljoy |
|
once u have used the app to read your card what's to stop the app squawking all your card details back to whoever wrote the app? This technology is called contactless payment here in the UK BTW Comment from : @yakacm |
|
Thanks DavebrJust for your information: Skimming like this is already happening in Europe Comment from : @Vliegendehuiskat |
|
I've had my card wrapped in "AL-foil" for about a month Now I know I'm "mostly" safe Thanks for this video and the knowledge it passes on to the public My bank couldn't even give me a straight answer about this Comment from : @bigwheelsturning |
|
Also NFC TagInfo by NXP gives lots of data Comment from : @Elecifun |
|
If you are worried about people stealing your data you could always just disable the RFID functionality I know that my bank has an option online to just turn the feature off The same option is there to disable the magnetic strip What this does is probably just declines any transactions made when using those technologies Comment from : @rolaroli |
|
Dave Cad classic :D Also, this technology is very similar to the QI standard for wireless charging for phones & tablets Instead of sending the credit card data, the device sends information to the pad such as how much current to supply and when to stop by modulating the load on the phone's internal charging coils Comment from : @neardood1 |
|
Mrs EEVBlog's bag TAKE IT APART !! Comment from : @derek7808 |
|
My card got cloned while I was buying aluminium foil to protect my card from being cloned Comment from : @burkezillar |
|
I feel like a simple solution to these cards would be a resistive sensor or something (such as two metal contacts that you place your finger over) and without your finger on them, the card doesn't talk Comment from : @iamdarkyoshi |
|
More sophisticated than a charcoal rubbing of a pocket to determine the contents Comment from : @deadfreightwest5956 |
|
i wonder if you can make an rf id protected duck tape wallet using that foil Comment from : @bland9876 |
|
The fun thing to do is have a larger coil in the purse that also picks up this magnetic field and outputs random noise in the RFID bands The best part is that under normal conditions it does nothing, only when you're being scanned by some thief Comment from : @BobDiaz123 |
|
I use my iphone to do the equivalent of the tap n go, but the iphone apple pay has extra layers of protection Like it needs my thumbprint to work, and if I lose the iphone or it gets stolen(which would result in basically the card was also lost or stolen) I can just simply shutdown the phone with Find My Iphone and not worry about itbrbrSo now, all I carry is my iphone with me, all the credit cards stay at home Comment from : @memadmax69 |
|
I know of someone who used to chat with their victim They worked in a shop with a card reader that they would put the card in and hand to the customer They would get in to a surprised sorta reaction, put the card down on their touchless payment machine and and get an easy £30 Somehow it was also untraceable Comment from : @shadowguidr7042 |
|
Oh wow That number isn't quite that hard to read I'm not malicious though :) Comment from : @shadowguidr7042 |
|
In the UK it's just 'touchless payment' and limited to £30 afaik Comment from : @shadowguidr7042 |
|
mslashdotorg/story/312437 Comment from : @friedrichsinofzik5969 |
|
For those of you playing along at home, the answers are:br4649 3455 1201 4809br10/18brAin't that right Dave ;) Comment from : @EscapeMCP |
|
You are the bear grylls of electronics Comment from : @jbuddyman |
|
I don't know about Australia but many places in the US they have RFID tags in the cars for toll roads, the readers are over the road at least 16 feet in the air, they can record me passing even at 75mph now i doubt the protocols are the same but i'm fairly sure the tech is larger antenna and more power obviously, but since your not a criminal and not equipped with these toys I wouldn't discount the criminal elements ability to procure such devices Comment from : @kirknelson156 |
|
You keep saying something like AAAH FOIL, it took a while before I realized that you were saying ALLLL FOIL So I assume you are saying ALUMINIUM FOIL or for the Yanks ALUMINUM FOIL Comment from : @brit1066 |
|
Thats the REAL PERFECT way to really explain those "RFID" cards! Perfect, and UnderstandablebrIndeed, It is a Inductively coupled system Comment from : @NeovoGeesink |
|
Such a shield works while the card is in it Remove the card to use with the RFID scanner at checkout and a black hat behind you in the checkout line doesn't even need to transmit anything to pick up the signal Comment from : @hanelyp1 |
|
So if i find a card in Australia and if your NOT a nice person you can take a chance and buy up to $100 AUS dollars that seems a bit crap Comment from : @Rob1972Gem |
|
Guess I better make a tinfoil hat for my wallet Comment from : @robertkilbourne323 |
|
Does the alignment between the transceiver and the card matter? Comment from : @08Ultrasonic |
|
Love that DaveCAD works beautifully even on small screens Comment from : @emuboy85 |
|
So when is somebody going to make a shoplifting RFID/NFC theft protection handbag with the lining over the main compartment? Comment from : @foobargorch |
|
could you use some gadgets in your lab to generate a more powerful transmitter? That would have been interesting And to test the max distance with the phone's power and plot it out Comment from : @bobbym3155 |
|
If there is loose money laying around some criminals WILL find a way to pick them up Comment from : @johndue2366 |
|
How to tear PCI-DSS apart in 17 minutes xD Comment from : @random_content_generator |
|
it is stelth technology bag ) Comment from : @3JIbIDEHbv2 |
|
we JUST got chip and pin to be widespread in america i got my first one recently br10 more years we might get this RFID :P Comment from : @OneBiOzZ |
|
I wanted to totally disable the RFID function of my card The answer was simple A small notch in the bottom edge of the card, just a few mm, breaks the coil and stops it working Comment from : @peterjansen5498 |
|
can the 847kHz get through the foil? Comment from : @konic40 |
|
4:00br"DaveCAD"brNo no, that is not CAD (I am, however, amused) Comment from : @giga-chicken |
|
From what I can tell, the only info that you can get out of these cards is the same info on the front of the card (card number and expiry date) It doesn't give you any of the crypto information needed to create a duplicate card using the modern EMV protocols, and it doesn't give you the CVV number you usually need to make online purchases It might be possible to make a fake magnetic strip card, which may work if your card issuer and the store's card processor still allow magstripe transactions - though if you're in the US, that's likely the case Comment from : @RobertHancock1 |
|
I've made a hat out of aluminium foil so that GCHQ can't see what I'm thinking when I touch myself Comment from : @west3366 |
|
More videos on wireless hocus pocus please This was very informative Comment from : @hgbugalou |
|
A tap and go skimmer was the first device I built with what I learned on EEVblog It works like a charm and finances all my subsequent projects Thank you dave Comment from : @thekaiser4333 |
|
A friend of mine was on the standards committee for the design of all RFID banking cards and he went through the maths regarding theft and RF levels both to activate the card and the RF from the card and the chance of someone stealing your data is very low Anyway you'll get your money back as it was an unauthorised transaction Comment from : @glenwoofit |
|
yeah,I guess i would be more converned with the ones they are sticking to the front of gas pumps and at rest stops seems here in Michigan,theives have targeted the main areas they know people in a hurry to travel stop they have already hit up several gas stations and rest stop machines Comment from : @scottfirman |
|
So what we have basically just witnessed is that Aluminium Foil Hats can/might actually work Bob is my uncle Comment from : @ImJuanka |
![]() |
Protect yourself from NFC/RFID Credit Card Theft Now ! #HatodaScrewAurCard РѕС‚ : Ur IndianConsumer Download Full Episodes | The Most Watched videos of all time |
![]() |
RFID Scanner Credit Card Theft - see how contactless credit cards have their details stolen РѕС‚ : Blockr Download Full Episodes | The Most Watched videos of all time |
![]() |
Возможности NFC на вашем смартфоне!NFC Tools #NFC #Xiaomi #Лайфхак #Фишки #Смартфоны #2020 РѕС‚ : Давид и Настя Download Full Episodes | The Most Watched videos of all time |
![]() |
VAULTCARD - Ultimate Protection For Your RFID Credit Cards u0026 Passports РѕС‚ : Vaultskin Download Full Episodes | The Most Watched videos of all time |
![]() |
How to Secure from RFID Credit Card Theft РѕС‚ : Vaibbhav Sharrma Download Full Episodes | The Most Watched videos of all time |
![]() |
$10K BAD Credit or NO Credit Credit NO CREDIT CHECK Credit Line TOMO Credit Card INSTANTLY APPROVED РѕС‚ : Currency Counts Download Full Episodes | The Most Watched videos of all time |
![]() |
MY FIRST CREDIT CARD | BDO INSTALLMENT CARD | Credit Card for beginner | Credit Card 101 РѕС‚ : Jess Cutarra Download Full Episodes | The Most Watched videos of all time |
![]() |
Aluminum Foil for RFID Protection? РѕС‚ : empdoctor Download Full Episodes | The Most Watched videos of all time |
![]() |
Оплата с карты на смартфон через NFC / Card to phone payment via NFC РѕС‚ : Touchcard Download Full Episodes | The Most Watched videos of all time |
![]() |
RFID and NFC Attacks - CompTIA Security+ SY0-501 - 1.2 РѕС‚ : Professor Messer Download Full Episodes | The Most Watched videos of all time |