The truth behind criminals using “tap and go” to steal from your bank card

das Toktokken

Honorary Master
Joined
Jul 18, 2008
Messages
53,973
The issue is that the banks have only assessed the risk of doing transactions directly from the card. A CVV is only 1000 iterations away once you know a person's card number. That isn't good security.
Seems it's not possible to read the card number with my phone - just tested. It returns an ID which is either encrypted or not related to the card number. It correctly identifies the chip type etc, but I can't get this to work:

https://www.trishtech.com/2016/10/r...-using-credit-card-reader-nfc-app-in-android/

Will look into decrypting the data... though this article says it's not necessary:

http://www.nfc.cc/2012/04/02/android-app-reads-paypass-and-paywave-creditcards/
 
Last edited:

ConfusedR

Expert Member
Joined
Jun 27, 2015
Messages
1,201
AK47s is also not supposed to be easy to get........but most criminals are using these
 

Swa

Honorary Master
Joined
May 4, 2012
Messages
30,109
Seems it's not possible to read the card number with my phone - just tested. It returns an ID which is either encrypted or not related to the card number. It correctly identifies the chip type etc, but I can't get this to work:

https://www.trishtech.com/2016/10/r...-using-credit-card-reader-nfc-app-in-android/

Will look into decrypting the data... though this article says it's not necessary:

http://www.nfc.cc/2012/04/02/android-app-reads-paypass-and-paywave-creditcards/
If it can be read at all it's a security risk. Even with a registered terminal if there's no transaction taking place there's no way to link it to any person. The banks are mum on this neither saying whether it can be read by anyone or not.
 

bwana

MyBroadband
Super Moderator
Joined
Feb 23, 2005
Messages
83,162
Which isn’t in SA.

But I was under the impression the thread is about tap and go on card payments.

You didn’t define “it” exactly.
It works in SA.

I was curious about security - phone vs card. Both utilise NFC but the phone one seems inherently more secure.

The sentence defined "it" adequately.
 

das Toktokken

Honorary Master
Joined
Jul 18, 2008
Messages
53,973
It works in SA.

I was curious about security - phone vs card. Both utilise NFC but the phone one seems inherently more secure.

The sentence defined "it" adequately.
For that you need the app running to use it, so I'd say it's generally more secure.
 

marine1

Honorary Master
Joined
Sep 4, 2006
Messages
48,772
Why have we not moved to biometric payments?
They already have our prints
 

Frequent visitor

Expert Member
Joined
Apr 5, 2018
Messages
2,803
Why have we not moved to biometric payments?
They already have our prints
Why not just swipe and enter pin? Who is in such a tearing hurry?
The fingerprint reader on my i5s is unreliable, as is the touch screen. So what will work as suggested by marine1?
 

marine1

Honorary Master
Joined
Sep 4, 2006
Messages
48,772
Why not just swipe and enter pin? Who is in such a tearing hurry?
The fingerprint reader on my i5s is unreliable, as is the touch screen. So what will work as suggested by marine1?
No I mean each paypoint has a biometric machine, yes its not great for hygiene but.....
 

SauRoNZA

Honorary Master
Joined
Jul 6, 2010
Messages
40,766
It works in SA.

I was curious about security - phone vs card. Both utilise NFC but the phone one seems inherently more secure.

The sentence defined "it" adequately.

Works where in SA? With a foreign card?

We are crossing channels with something here.
 

Speedster

Honorary Master
Joined
May 2, 2006
Messages
15,703
Part of the added safety with NFC is that the card never leaves your hand, so no option to quickly skim the card. Also, as mentioned, using it illegally (without the owner's consent) would require cooperation from the device owner, which the bank can easily trace. This is very different to a skimmed card which can be used at any vendor and is significantly more difficult to trace the perpetrator.

I think it is instructive to note, as per the article, that not a single case of fraud using NFC payments has been reported
 

SauRoNZA

Honorary Master
Joined
Jul 6, 2010
Messages
40,766
Foreign cards, loaded onto the app, work anywhere in SA where contactless payments are accepted.

Aah now that I didn’t know.

So there really is zero barrier to implementing it here.
 
Top