This entry’s not a blog post, tale of action or bravery on the front line, more of an urgent Public Service Announcement to make all my blog followers aware of a new type of high-tech crime which has recently landed on our shores ….
Have you got one of those nice new ‘Contactless’ credit or debit cards; you know, the ones with the ‘radio wave’ symbol on which means in lots of shops, there is no need to stick your card in the machine and enter your PIN number; If what you’re buying is less than £15, you can just wave your card in front of the terminal and bingo, an RFID (Radio Frequency Identification) chip built into your card is read automatically and the payment is instantly taken from your bank account.
A similar thing is happening with the latest mobile phones – it’s called NFC (Near Field Communication) and allows you to hold your mobile near a payment terminal and have the cost either debited from your linked bank account or added to your mobile bill.
There are over 19 million ‘contactless cards’ already issued in the UK by all the major banks, with more to come online as existing cards are renewed. It’s all designed to make your ‘shopping experience’ all that much easier. But what if that experience was all about to turn very, very nasty ?
‘RFID Skimming’ is already a major problem Stateside, and it’s starting to happen over here. All that’s needed to obtain all your important (and you thought secure) credit card data, is a little gizmo costing less than £70 off the internet and a laptop or netbook computer – stick them in a laptop bag, manbag or handbag, walk down any street and let the tech do the stealing for you. The equipment constantly ‘scans’ for RFID chips nearby, and when it finds one, it downloads the data straight onto it’s database – your name, credit card number, expiry date, and all the other important information bar the three digit CSS code on the back of your card.
Instantly, someone else can create a clone ‘contactless card’ with your data on it and go on a shopping spree at your expense. OK, so they can only spend a maximum of £15 a time in store, but armed with all that data, there’s many a website or telephone order that can be made without needing or being asked for your CSS code – Amazon is the biggy that comes to mind !!!
Of course, the banks insist the system is safe and that ‘customers will be reimbursed for any fraudulent activity on their account’ but you still have to prove it to them first and we all know how hard that can that be ???!!!
The same equipment can be used to ‘lift’ data from a new style ‘Biometric’ Passport – simply and easily giving Mr Crook a lot more personal info about yourself, including your name, date of birth and even an embedded electronic version of your passport photo !!! Combine that with your card data and you can see how easy the bad guys have it.
In a crowded area; a store; a lift, railway station or even the queue at McDonalds, a ‘skimmer’ could easily obtain card details from literally dozens of victims in a few seconds and some of the readily available equipment happily works up to 20ft or more away from the intended victim/s.
Watch the news Story from one of the American TV Networks below, then ask yourself if you still want that type of plastic in your pocket ???