In a recently published paper, University of Surrey researchers detailed their efforts to assess the ease and efficacy of eavesdropping attacks against contactless payment transactions, such as those involving near-field communications (NFC) technology.
The researchers found that contactless payments are more vulnerable then previously believed, and that data from such transactions can be stolen more easily and reliably than has been previously done.
The researchers constructed an easily concealable antenna from low-cost electronics, a DAQ card, and a shopping cart, which enabled them to capture sensitive data from contactless payment cards. The security researchers said the receiver could be assembled at low cost and easily concealed in a backpack. They said the system produced "consistently good results [and] performed well across most distances."
As a result, the researchers said that an attacker "shopping for credit card data" would have to do no more than stand in line with a shopping cart while the victim paid for his or her purchase.
The researchers next plan to extend their experiment to smartphones using NFC technology.
View Full Article
Abstracts Copyright © 2013 Information Inc., Bethesda, Maryland, USA
No entries found