Jump to content

Worth The Watch (Non-Aviation)

Kip Powick

By Kip Powick
in Airline Aviation Forum

Recommended Posts

Specs

Specs

Posted
Posted

We've been using digital door locks for nearly a decade. Got to say they're convenient as all heck and work flawlessly but I might look at replacing them with units that have metal number pads.

Link to comment
Share on other sites
inchman

inchman

Posted
Posted

The perp would have to be right behind you in line and they would probably be able to see what code you put in anyway. And, if they held their phone in the same way as that guy, they could video you putting in your pin. The keyboard covers on PIN pads are virtually useless. Then, they would have to pickpocket you because your PIN doesn't do anything all by itself. If someone is skimming cards, the compromised PIN pad would simply record your PIN... no camera needed.

Finally, if you use a credit card, instead of a debit card, your liability is limited to $50 for fraudulent use.

The issue of a door lock is a bit different because the PIN provides direct access, but either do as J.O. suggests or press a number of buttons and/or press a couple of the same buttons in the wrong order. Or, you could confront the guy taking pictures of your door after you enter or call the cops on him.

So yes, this, in theory, could be an issue and is an interesting exposé. Could any of us expect to be violated in this way?.... probably not. I take reasonable precautions to avoid getting scammed both in my home city and on layovers, but I don't plan on goofing around with PIN pads and hope that too many people don't start or checking out of the grocery store will become a PITA while everyone "heats" their tracks.

Link to comment
Share on other sites
boestar

boestar

Posted
Posted

If you have an "Interac Flash" enabled card you are at risk of skimming without the need to access the card. The RFID chip can be read from a distance of about 10 inches with the proper equipment and you would never know. Visa and Mastercard have the same issue. My RFID enabled cards are in a Sleeve that prevents skimming them.

Link to comment
Share on other sites
inchman

inchman

Posted
Posted

Chase spokesman Paul Hartwick says the security codes on its contactless cards are designed to change with every transaction, as they are with most RFID-enabled cards, so that even if a card is counterfeited, it would work for only one fraudulent transaction.

Shields or wallets marketed as RFID-blocking devices can make it more difficult for someone with an electronic reader to read your cards, but they don’t entirely block transmission of card data. When Recursion’s security experts tested 10 types of shields and wallets currently being sold to protect contactless cards, they found that none blocked the signal completely, and there was dramatic variability even among samples of the same brand. Using a different approach, Recursion’s experts created a credit-card-sized jamming device for the wallet that prevents cards from responding to any reader.

http://www.consumerreports.org/cro/magazine-archive/2011/june/money/credit-card-fraud/rfid-credit-cards/index.htm

So, yer screwed... if, if, if, but only once, whether or not you use a card shield.

And Chip and "contactless" are different technologies. Contactless (remotely skimmable) is the "Tap and Go" feature and you don't need a PIN anyway. The contact chip part of the card is not remotely skimmable, and requires a PIN. Since the internal code changes with each use (just like your garage door opener), if you use it before the perp uses it, theirs won't work when they try.

http://www.sankytechnology.com/index.php?r=site/Pinfo&ID=14

So, the real defence to all of this is to use your card often.

People are much more likely to have their credit card information compromised by simply using them with companies like Target or Home Depot.

Link to comment
Share on other sites
cp fa

cp fa

Posted
Posted

Ours get compromised at least once a year. Sometimes we catch it, sometimes the credit card company does. We've never been on the hook for any of the charges, so other than the inconvenience of being without a card for a few days while the new one is being delivered, so far it hasn't been that big a deal.

Not to say that one shouldn't be vigilant, and the keypad info is good to know, but I think in this day and age, we have to assume this is going to happen sometimes and not let it wreck your day.

Link to comment
Share on other sites
boestar

boestar

Posted
Posted

I have 3 contactless cards on my desk right now. I also have a reader that reads the chip on the card. Every time I swipe the card I get the same result. The RFID technology on the card does not rotate codes as described. At least not on the cards I have here which are 3 different types. The RFID chips are a fairly simple technology but are read only technology.

The CHIP contacts card is read write however.

My cards have been compromised 3 times but every time it was done where swiping the card was required not the chip or tap.

Link to comment
Share on other sites
boestar

boestar

Posted
Posted

I just had a look at the specifics. The reader must be compliant with the system and linked to the system to work. I get the same code because there is no link to issue a new code to the card so no code rotation. That explains my result here. I would imagine that the banks have their systems linked for this to function.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing


×
×
  • Create New...