[LINK] Researchers See Privacy Pitfalls in No-Swipe Credit Cards
link at todd.inoz.com
Tue Oct 24 12:44:53 AEST 2006
This opens up a whole new world for fraud!
Just sit at a rail way station with a PDA and reader, mobile phone and
start reading and debiting cards for $2 :)
By the time authorities link all the "fraud" claims, assuming anyone would
bother to report a $2 transaction, and discover the location, the stations
security tapes would be long gone!
Money for nothing. Now I just need to work out the "Chicks for Free" part.
>>AMHERST, Mass. They call it the Johnny Carson attack, for his
>>comic pose as a psychic divining the contents of an envelope.
>>Tom Heydt-Benjamin tapped an envelope against a black plastic box
>>connected to his computer. Within moments, the screen showed a
>>garbled string of characters that included this: fu/kevine, along
>>with some numbers.
>>Mr. Heydt-Benjamin then ripped open the envelope. Inside was a
>>credit card, fresh from the issuing bank. The card bore the name of
>>Kevin E. Fu, a computer science professor at the University of
>>Massachusetts, Amherst, who was standing nearby. The card number
>>and expiration date matched those numbers on the screen.
>>The demonstration revealed potential security and privacy holes in
>>a new generation of credit cards cards whose data is relayed by
>>radio waves without need of a signature or physical swiping through
>>a machine. Tens of millions of the cards have been issued, and
>>equipment for their use is showing up at a growing number of
>>locations, including CVS pharmacies, McDonalds restaurants and
>>many movie theaters.
More information about the Link