PCI DSS 3-2 Contactless data exposure – Surely not poor Governance

Is PCI DSS 3.2 an incompatible truth with contactless payment cards and an inconvenient truth for Banks and card issuers? The following is an interpretation of the Payment Card Industry Data Security Standard version 3.2 (PCI DSS 3.2) against the data readily accessible from a contactless card. It suggests that your card data is at risk, that this risk is identified as a concern for the PCI (Payment Card Industry) such that they list it …

Stopping identity fraud with quantum tunnelling

Even as far back as 2008 it was known that RFID contactless payment fraud was possible and that there was a way to protect RFID data, unfortunately this wasn’t implemented and bank cards are able to be scanned without the users knowledge and the data captured. It is easy to then reuse that data to make payments. Original article Materials World magazine 1st Oct 2008 The risk of fraudsters or terrorists hacking into our personal …

Nearly One In Five Sales Use Contactless Payment

Figures have revealed contactless payments now account for 18% of sales – up from 7% a year ago. A report by the UK Cards Association said that contactless transactions were higher in the six months to June than they were for the whole of last year. The average transaction cost £8.60, the report added. “Contactless cards are firmly entrenched as the preferred way to pay for millions of consumers, who expect to be able to …

How contactless cards are still vulnerable to relay attack

Contactless card payments are fast and convenient, but convenience comes at a price: they are vulnerable to fraud. Some of these vulnerabilities are unique to contactless payment cards, and others are shared with the Chip and PIN cards – those that must be plugged into a card reader – upon which they’re based. Both are vulnerable to what’s called a relay attack. The risk for contactless cards, however, is far higher because no PIN number is …

Why you should never hand your card over when paying with contactless

Many have handed their card over to a bartender or shop keeper to tap the machine when paying, but you really shouldn’t Paying for goods is even easier with contactless pay. A tap and away you go. But if you are asked to pass your card over to the bartender or shopkeeper should refuse. Andrew Goodwill, the founder of the Goodwill Group against CNP (card not present) fraud, shared his advice with our sister title …

Criminals Planting Keyloggers On Smartphones

Smartphones will become the number one target for cyber criminals within five years, according to police and security experts. Sky News has been shown how hackers are developing viruses to by-pass a phone’s security, including the latest biometric systems. The malware ‘Trojan horse’ gives cyber-criminals undetected access to a phone’s internal systems, where they can see every key stroke entered by a user. This has serious implications for those who use their phones to access …

Contactless card theft: users warned to watch out for digital pickpockets

A viral Facebook post which claims to show a man using a contactless card reader to steal from unsuspecting victims has got some people worried. Original article from the www.independent.co.uk A Facebook post which claims to show a man using a contactless card reader to steal money from members of the public has got some people worried about the security of their bank accounts. The image, which first appeared in Russian media, shows a man standing …

Is RFID blocking necessary technology?

Is RFID blocking necessary technology? There is quite a lot of debate about whether the RFID blocking technology is really needed or whether it is just a need created by marketers. We found an interesting article with an opinion against the use of RFID blocking technologies. The article below appeared on infoworld.com (then moved to another project CSO) written by Roger A. Grimes — Columnist.  We recommend you to read this article. RFID Cloaked company’s experts …

Contactless card warning after thieves’ £300 spending spree

This bank card was stolen, but shows that payments up to £30 can be made without any checks on identity of the person or the contactless payment card. With modern hacking and cloning techniques this can easily be achieved without even losing your payment cards or them ever leaving your wallet/purse. A MAN who managed to track down the teens he suspects stole his wallet by tracing their declined purchases is warning people about the risk …