SO theres a lot of hubbub around these cards and how people can commit fraud, whos had this happen to them? or done it themselves.
Ive collected about 23 cards in the past month and Ive read that they can still work even after being cancelled. Should I just go out and try, for science?
Im not gonna much out of it, maybe a few free groceries.
>>1921992
How did you collect them?
>>1921992
Are you not scared of being caught?
>>1921992
Fraud is pretty bad anon, they will prosecute you and there's cameras in almost every grocery store.
>>1921992
there is a ttl on the transmission IDs, you have to replay the info within a short period of time (<30 sec IIRC) and even then it only works if the bank set up the validation wrong.
If you think CC companies didn't think about every idiot with a RFID reader trying to steal money you're kidding yourself, these contactless payment cards have been used all over the world for years.
also, transaction limits without a pin are low on these cards in most places.
>>1921993
lost property
>>1921994
>>1921998
not really, wont get greedy.
Works or it dunt really, its more embarrassing that anything.
>>1922006
Yup. You are right. UK debit cards are limited to about £20/30. The exploit is larger supermarket chains 'refresh' their payments over night, not at POS.
This means you can go overdrawn without even knowing, even without contactless.
Cards CAN be used up to 8 months after being cancelled, depending on issuer etc etc, as long as you check how your targetted retailer takes its transactions.
>>1921992
so for a few free groceries you'r gonna commit a felony?
>>1922079
>implying your US laws apply to me
>>1921992
>how people can commit fraud
man in the middle attacks are easy at places where people stand in line.
skimming the card info will not get you far without visual read on the security code for online purchase.
>Ive read that they can still work even after being cancelled.
no
>>1922006
it's not hard to skim an unshielded card further down the line before the cashier. the fact is the terminal readers only work from a few millimeters but you can read them from a few meters with a decent transmitter and pull a replay attack well within the 30 seconds with a spoof card. laptop and transmitter goes in the backpack wires to the card under clothing and hidden by the hand. touch and go.
i have not heard of this method used but it's very very easy when the payment does not require a pin.
>>1922410
and also you can use an accomplice that stands in the crowd transmitting nfc while you use say your private wifi provided by mobiles to stay in touch with him and pay with replay attacks.
that is why i always put my rf cards into a shielded sheath. a single layer of tinfoil pretty much makes this attack impossible.