Home |
Search |
Today's Posts |
|
UK diy (uk.d-i-y) For the discussion of all topics related to diy (do-it-yourself) in the UK. All levels of experience and proficency are welcome to join in to ask questions or offer solutions. |
Reply |
|
|
LinkBack | Thread Tools | Display Modes |
#1
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
This article http://www.bbc.co.uk/news/business-22545804 appears to
vindicate what I have always said about contactless cards. Not only are they vulnerable to fraud by villains with scanners who don't need to get close enough to arouse suspicion, but it now seems that they're also vulnerable to *accidental* use! I'm very glad that I ditched my CapitalOne card when they insisted [1] on replacing it with a contactless card. More and more financial institutions are now using these things, making it very difficult to avoid unless you do away with credit and debit cards altogether. I've unfortunately still ended up with one or two, but they never leave the house and are used only for on-line transactions. The sooner the whole idea is re-thought, the better! [1] Using the very dubious tactic of pretending that my previous card had been "compromised" (which I'm damn sure it hadn't!) in order to provide a pretext for needing to issue a new card long before the old one had expired. -- Cheers, Roger ____________ Please reply to Newsgroup. Whilst email address is valid, it is seldom checked. |
#2
Posted to uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
Can always re-purpose the tin foil from the hat to screen the card
|
#3
Posted to uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On Monday, May 20, 2013 2:22:00 PM UTC+1, Lee wrote:
Can always re-purpose the tin foil from the hat to screen the card You would need a ferrite-based card holder to deny magnetic field access. Could be a business opportunity. rusty |
#4
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On 05/20/2013 02:13 PM, Roger Mills wrote:
This article http://www.bbc.co.uk/news/business-22545804 appears to vindicate what I have always said about contactless cards. Not only are they vulnerable to fraud by villains with scanners who don't need to get close enough to arouse suspicion, but it now seems that they're also vulnerable to *accidental* use! I'm very glad that I ditched my CapitalOne card when they insisted [1] on replacing it with a contactless card. More and more financial institutions are now using these things, making it very difficult to avoid unless you do away with credit and debit cards altogether. I've unfortunately still ended up with one or two, but they never leave the house and are used only for on-line transactions. The sooner the whole idea is re-thought, the better! [1] Using the very dubious tactic of pretending that my previous card had been "compromised" (which I'm damn sure it hadn't!) in order to provide a pretext for needing to issue a new card long before the old one had expired. There's several Youtube videos on disabling them but I suspect they're using US cards pre-Chip and Pin and it looks like you'd damage that area as well. Andy C |
#5
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On 05/20/2013 03:08 PM, Tim Streater wrote:
In article , Roger Mills wrote: This article http://www.bbc.co.uk/news/business-22545804 appears to vindicate what I have always said about contactless cards. Not only are they vulnerable to fraud by villains with scanners who don't need to get close enough to arouse suspicion, but it now seems that they're also vulnerable to *accidental* use! I'm very glad that I ditched my CapitalOne card when they insisted [1] on replacing it with a contactless card. I don't believe I've seen one of these. Is it obvious what they are? Or might I find that the CC company sent me one when the current card expired and I didn't know it? Put "contactless card symbol" into Google. |
#6
Posted to uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On Mon, 20 May 2013 06:38:41 -0700 (PDT), therustyone
wrote: On Monday, May 20, 2013 2:22:00 PM UTC+1, Lee wrote: Can always re-purpose the tin foil from the hat to screen the card You would need a ferrite-based card holder to deny magnetic field access. Could be a business opportunity. Mu-metal. -- Frank |
#7
Posted to uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On 20/05/2013 14:38, therustyone wrote:
On Monday, May 20, 2013 2:22:00 PM UTC+1, Lee wrote: Can always re-purpose the tin foil from the hat to screen the card You would need a ferrite-based card holder to deny magnetic field access. Could be a business opportunity. Here's one company that has been offering products for several years. I expect there are others. http://difrwear.com/ Bernie |
#8
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On 20/05/2013 15:42, Tim Streater wrote:
In article , Andy Cap wrote: On 05/20/2013 03:08 PM, Tim Streater wrote: In article , Roger Mills wrote: This article http://www.bbc.co.uk/news/business-22545804 appears to vindicate what I have always said about contactless cards. Not only are they vulnerable to fraud by villains with scanners who don't need to get close enough to arouse suspicion, but it now seems that they're also vulnerable to *accidental* use! I'm very glad that I ditched my CapitalOne card when they insisted [1] on replacing it with a contactless card. I don't believe I've seen one of these. Is it obvious what they are? Or might I find that the CC company sent me one when the current card expired and I didn't know it? Put "contactless card symbol" into Google. I see, thanks. Hmmm, looks like it's too late. If you carry it around, keep it in a lead sheath! -- Cheers, Roger ____________ Please reply to Newsgroup. Whilst email address is valid, it is seldom checked. |
#9
Posted to uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On 20/05/2013 14:38, therustyone wrote:
On Monday, May 20, 2013 2:22:00 PM UTC+1, Lee wrote: Can always re-purpose the tin foil from the hat to screen the card You would need a ferrite-based card holder to deny magnetic field access. Could be a business opportunity. rusty But if the same issue applies to NFC mobiles, the ferrite will play merry hell with recpetion... -- Rod |
#10
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
Roger Mills wrote:
If you carry it around, keep it in a lead sheath! Silver is best, then copper, but aluminium foil seems quite good, as tested with Oyster cards, which use the same near field communication standards. Lead is likely to be relative non-conductive. Sandwiching them between two Oyster cards may also trigger a multiple card error. You can get foil lined card sheaths, and even foil lined card wallets (e.g. google "rfid blocking wallet"). The foil probably detunes the circuit, as well as screening it. |
#11
Posted to uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On Monday 20 May 2013 14:38 therustyone wrote in uk.d-i-y:
On Monday, May 20, 2013 2:22:00 PM UTC+1, Lee wrote: Can always re-purpose the tin foil from the hat to screen the card You would need a ferrite-based card holder to deny magnetic field access. Could be a business opportunity. rusty Or you could just tell your bank to replace them... -- Tim Watts Personal Blog: http://squiddy.blog.dionic.net/ http://www.sensorly.com/ Crowd mapping of 2G/3G/4G mobile signal coverage Reading this on the web? See: http://wiki.diyfaq.org.uk/index.php?title=Usenet |
#12
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On 20/05/2013 15:42, Tim Streater wrote:
In article , Andy Cap wrote: On 05/20/2013 03:08 PM, Tim Streater wrote: In article , Roger Mills wrote: This article http://www.bbc.co.uk/news/business-22545804 appears to vindicate what I have always said about contactless cards. Not only are they vulnerable to fraud by villains with scanners who don't need to get close enough to arouse suspicion, but it now seems that they're also vulnerable to *accidental* use! I'm very glad that I ditched my CapitalOne card when they insisted [1] on replacing it with a contactless card. I don't believe I've seen one of these. Is it obvious what they are? Or might I find that the CC company sent me one when the current card expired and I didn't know it? Put "contactless card symbol" into Google. I see, thanks. Hmmm, looks like it's too late. I seem to recall that my bank wrote to me saying they were going to issue these things, and to object if you did not want one. I did, and later they sent one anyway. I wrote and pointed out I had requested not to have one, and they said basically "tough, its policy now!" -- Cheers, John. /================================================== ===============\ | Internode Ltd - http://www.internode.co.uk | |-----------------------------------------------------------------| | John Rumm - john(at)internode(dot)co(dot)uk | \================================================= ================/ |
#13
Posted to uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On 20/05/2013 15:39, Frank Erskine wrote:
On Mon, 20 May 2013 06:38:41 -0700 (PDT), therustyone wrote: On Monday, May 20, 2013 2:22:00 PM UTC+1, Lee wrote: Can always re-purpose the tin foil from the hat to screen the card You would need a ferrite-based card holder to deny magnetic field access. Could be a business opportunity. Mu-metal. Probably needs to be a sandwich of mu-metal inside copper inside silver to get maximum screening in minimum thickness. According to that R4 consumer programme some M&S terminals were particularly aggressive about using contactless cards at a distance. It is clear folly to have contactless unvalidated transactions. No-one needs to be able to buy things whilst wizzing past on a water slide! -- Regards, Martin Brown |
#14
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On 20/05/2013 15:08, Tim Streater wrote:
In article , Roger Mills wrote: This article http://www.bbc.co.uk/news/business-22545804 appears to vindicate what I have always said about contactless cards. Not only are they vulnerable to fraud by villains with scanners who don't need to get close enough to arouse suspicion, but it now seems that they're also vulnerable to *accidental* use! Advantage is they can probably only grab £20 at a time. I'm very glad that I ditched my CapitalOne card when they insisted [1] on replacing it with a contactless card. I don't believe I've seen one of these. Is it obvious what they are? Or might I find that the CC company sent me one when the current card expired and I didn't know it? Depends how good you are at playing "guess the icon". Contactless cards icon is "))))" with each one getting bigger. If you have a Barclaycard chances are it as this functionality now. -- Regards, Martin Brown |
#15
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
In uk.d-i-y Andy Cap wrote:
There's several Youtube videos on disabling them but I suspect they're using US cards pre-Chip and Pin and it looks like you'd damage that area as well. A carefully placed drill hole should do the trick. If anyone asks, you drilled it to keep cards on your keychain like those Tesco Clubcard thingies. Theo |
#16
Posted to uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On 20/05/2013 18:00, Martin Brown wrote:
Probably needs to be a sandwich of mu-metal inside copper inside silver to get maximum screening in minimum thickness. Looking at BS ISO/IEC 14443-2 reveals that the operating frequency for these cards is 13.56 MHz - one of the ISM 'free-radiation' freqs. Hence low-frequency screening techniques such as mu-metal aren't particularly relevant. Wrapping the card in aluminium foil ought to work fine. Ideally all the seams should make good contact, but you're not looking for a particularly high screening factor and more or less any sort of overall wrap ought to do the trick. -- Andy |
#17
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On 20/05/2013 18:03, Martin Brown wrote:
On 20/05/2013 15:08, Tim Streater wrote: In article , Roger Mills wrote: This article http://www.bbc.co.uk/news/business-22545804 appears to vindicate what I have always said about contactless cards. Not only are they vulnerable to fraud by villains with scanners who don't need to get close enough to arouse suspicion, but it now seems that they're also vulnerable to *accidental* use! Advantage is they can probably only grab £20 at a time. But they can probably do it multiple times before being asked for a PIN - and rack up quite a bill in the process. -- Cheers, Roger ____________ Please reply to Newsgroup. Whilst email address is valid, it is seldom checked. |
#18
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
Roger Mills explained on 20/05/2013 :
This article http://www.bbc.co.uk/news/business-22545804 appears to vindicate what I have always said about contactless cards. Not only are they vulnerable to fraud by villains with scanners who don't need to get close enough to arouse suspicion, but it now seems that they're also vulnerable to *accidental* use! I'm very glad that I ditched my CapitalOne card when they insisted [1] on replacing it with a contactless card. More and more financial institutions are now using these things, making it very difficult to avoid unless you do away with credit and debit cards altogether. I've unfortunately still ended up with one or two, but they never leave the house and are used only for on-line transactions. The sooner the whole idea is re-thought, the better! [1] Using the very dubious tactic of pretending that my previous card had been "compromised" (which I'm damn sure it hadn't!) in order to provide a pretext for needing to issue a new card long before the old one had expired. A sheet of cooking foil, in with the notes of your wallet, would probably be enough to defeat it. -- Regards, Harry (M1BYT) (L) http://www.ukradioamateur.co.uk |
#19
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On 20/05/2013 17:44, John Rumm wrote:
I seem to recall that my bank wrote to me saying they were going to issue these things, and to object if you did not want one. I did, and later they sent one anyway. I wrote and pointed out I had requested not to have one, and they said basically "tough, its policy now!" CapitalOne didn't provide an option of any kind - they just sent out the new cards. I had several irate phone conversations with their CS staff - all to no avail - so I told them to stuff their card! I assume they believe that if transactions are easier to carry out, people will use them for small purchases in preference to cash, and they (the card companies) will get lots of extra revenue. -- Cheers, Roger ____________ Please reply to Newsgroup. Whilst email address is valid, it is seldom checked. |
#20
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On 20/05/2013 18:53, Theo Markettos wrote:
In uk.d-i-y Andy wrote: There's several Youtube videos on disabling them but I suspect they're using US cards pre-Chip and Pin and it looks like you'd damage that area as well. A carefully placed drill hole should do the trick. If anyone asks, you drilled it to keep cards on your keychain like those Tesco Clubcard thingies. Theo Do you have a template for where it needs to be drilled? [I assume that it's not as simple as drilling out the contactless icon]. -- Cheers, Roger ____________ Please reply to Newsgroup. Whilst email address is valid, it is seldom checked. |
#21
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
In article ,
Roger Mills wrote: On 20/05/2013 18:53, Theo Markettos wrote: Do you have a template for where it needs to be drilled? [I assume that it's not as simple as drilling out the contactless icon]. If it's like our cards at work (mifare classic) then a small crack at the edge is enough to break the antenna and stop it working :-( Darren |
#22
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On 05/20/2013 08:10 PM, Roger Mills wrote:
Advantage is they can probably only grab £20 at a time. But they can probably do it multiple times before being asked for a PIN - and rack up quite a bill in the process. I believe it's £50/day max and they promise to refund any fraudulent transactions. |
#23
Posted to uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
Andy Wade wrote:
On 20/05/2013 18:00, Martin Brown wrote: Probably needs to be a sandwich of mu-metal inside copper inside silver to get maximum screening in minimum thickness. Looking at BS ISO/IEC 14443-2 reveals that the operating frequency for these cards is 13.56 MHz - one of the ISM 'free-radiation' freqs. Hence low-frequency screening techniques such as mu-metal aren't particularly relevant. Wrapping the card in aluminium foil ought to work fine. Ideally all the seams should make good contact, but you're not looking for a particularly high screening factor and more or less any sort of overall wrap ought to do the trick. At 13.56 Mhz the wavelength is something around 20 metres so any sort of mesh with holes much smaller than that (hardly difficult!) would screen it very effectively. -- Chris Green · |
#24
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On 20/05/2013 20:31, D.M.Chapman wrote:
In article , Roger Mills wrote: On 20/05/2013 18:53, Theo Markettos wrote: Do you have a template for where it needs to be drilled? [I assume that it's not as simple as drilling out the contactless icon]. If it's like our cards at work (mifare classic) then a small crack at the edge is enough to break the antenna and stop it working :-( Darren Surely *someone* has access to an X-ray machine so that we can map how to disable them without shafting the chip! |
#25
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
newshound wrote:
Surely *someone* has access to an X-ray machine so that we can map how to disable them without shafting the chip! By shining a bright LED torch though various MiFARE type cards I can easily see the aerial wires running round the cards, but on a Barclays contactless card I can't see anything other than the chip itself ... |
#26
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On 20/05/2013 20:59, Andy Cap wrote:
On 05/20/2013 08:10 PM, Roger Mills wrote: Advantage is they can probably only grab £20 at a time. But they can probably do it multiple times before being asked for a PIN - and rack up quite a bill in the process. I believe it's £50/day max and they promise to refund any fraudulent transactions. So how do you prove that *you* didn't make the transaction? -- Cheers, Roger ____________ Please reply to Newsgroup. Whilst email address is valid, it is seldom checked. |
#27
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On 20/05/2013 21:58, Huge wrote:
On 2013-05-20, Roger wrote: On 20/05/2013 18:03, Martin Brown wrote: On 20/05/2013 15:08, Tim Streater wrote: In , Roger wrote: This article http://www.bbc.co.uk/news/business-22545804 appears to vindicate what I have always said about contactless cards. Not only are they vulnerable to fraud by villains with scanners who don't need to get close enough to arouse suspicion, but it now seems that they're also vulnerable to *accidental* use! Advantage is they can probably only grab £20 at a time. But they can probably do it multiple times before being asked for a PIN 4 - and rack up quite a bill in the process. Therefore £80 Not insignificant! -- Cheers, Roger ____________ Please reply to Newsgroup. Whilst email address is valid, it is seldom checked. |
#28
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On 20/05/2013 22:31, Andy Burns wrote:
newshound wrote: Surely *someone* has access to an X-ray machine so that we can map how to disable them without shafting the chip! By shining a bright LED torch though various MiFARE type cards I can easily see the aerial wires running round the cards, but on a Barclays contactless card I can't see anything other than the chip itself ... Good thinking. Works on two of my site passes but not the third. Can't spot an obvious aeriel loop on any of my Visa cards, only one of them is marked contactless enabled. Perhaps it is behind the ferrite stripe or the tamper proof signature strip? One of the two holograms is "blotchy", the other is completely opaque. |
#29
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
"Roger Mills" wrote in message ... On 20/05/2013 20:59, Andy Cap wrote: On 05/20/2013 08:10 PM, Roger Mills wrote: Advantage is they can probably only grab £20 at a time. But they can probably do it multiple times before being asked for a PIN - and rack up quite a bill in the process. I believe it's £50/day max and they promise to refund any fraudulent transactions. So how do you prove that *you* didn't make the transaction? It's called "trust" LOL. Some years back someone was pulling from my debit card, 2 or 3K ish. I didn't know until the statement arrived. Phoned the bank, told them which payments weren't made by me and they simply refunded. I maybe had to sign something, can't remember. |
#30
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
Roger Mills wrote:
On 20/05/2013 20:59, Andy Cap wrote: I believe it's £50/day max and they promise to refund any fraudulent transactions. So how do you prove that *you* didn't make the transaction? I think the boot's on the other foot http://www.legislation.gov.uk/uksi/2.../contents/made god knows where in that lot though ... |
#31
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On Mon, 20 May 2013 20:14:37 +0100, Harry Bloomfield wrote:
Roger Mills explained on 20/05/2013 : This article http://www.bbc.co.uk/news/business-22545804 appears to vindicate what I have always said about contactless cards. Not only are they vulnerable to fraud by villains with scanners who don't need to get close enough to arouse suspicion, but it now seems that they're also vulnerable to *accidental* use! I'm very glad that I ditched my CapitalOne card when they insisted [1] on replacing it with a contactless card. More and more financial institutions are now using these things, making it very difficult to avoid unless you do away with credit and debit cards altogether. I've unfortunately still ended up with one or two, but they never leave the house and are used only for on-line transactions. The sooner the whole idea is re-thought, the better! [1] Using the very dubious tactic of pretending that my previous card had been "compromised" (which I'm damn sure it hadn't!) in order to provide a pretext for needing to issue a new card long before the old one had expired. A sheet of cooking foil, in with the notes of your wallet, would probably be enough to defeat it. http://www.lessemf.com/fabric.html -- Use the BIG mirror service in the UK: http://www.mirrorservice.org My posts (including this one) are my copyright and if @diy_forums on Twitter wish to tweet them they can pay me £30 a post *lightning surge protection* - a w_tom conductor |
#32
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
Roger Mills wrote:
But they can probably do it multiple times before being asked for a PIN 4 - and rack up quite a bill in the process. Therefore £80 Not insignificant! I think the reverification policy is actually an issue for the bank, based on the perceived level of risk. They, or the card, might well trigger a verification if there were a smaller number of transactions all very close to the limit, or on a random basis. In part the amount at risk is chosen to similar to the amount of cash that might be lost to a pick pocket. |
#33
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
Bob Eager wrote:
On Mon, 20 May 2013 20:14:37 +0100, Harry Bloomfield wrote: A sheet of cooking foil, in with the notes of your wallet, would probably be enough to defeat it. http://www.lessemf.com/fabric.html A lot of those materials are not specified at the frequencies used for the cards, which are in the short waves. Most of the materials seem to be designed for microwave use. |
#34
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
On 20/05/2013 17:44, John Rumm wrote:
.... I seem to recall that my bank wrote to me saying they were going to issue these things, and to object if you did not want one. I did, and later they sent one anyway. I wrote and pointed out I had requested not to have one, and they said basically "tough, its policy now!" My bank wrote to me to ask if I wanted them and also offered me a sticker to put on my mobile phone that would work as a contactless card. I said no to both and my personal cards from that bank are not contactless, although my business cards from the same bank are. Colin Bignell |
#36
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
In uk.d-i-y Roger Mills wrote:
On 20/05/2013 18:53, Theo Markettos wrote: In uk.d-i-y Andy wrote: There's several Youtube videos on disabling them but I suspect they're using US cards pre-Chip and Pin and it looks like you'd damage that area as well. A carefully placed drill hole should do the trick. If anyone asks, you drilled it to keep cards on your keychain like those Tesco Clubcard thingies. Theo Do you have a template for where it needs to be drilled? [I assume that it's not as simple as drilling out the contactless icon]. I've not tried this, but: http://linuxcentre.net/disabling-contactless-cards The loop antenna goes around the edge, so any cut sufficiently deep into the three edges furthest from the chip should do it. However that's not mechanically stable (ie is liable to turn into a larger tear). X-rays: http://imageshack.us/a/img89/4470/cardswb.jpg Based on the sample I have here, I think the top two cards may be from TCT (look at the tiny print on the top right of the back of your card) - I think that's Thames Card Technology (who provide the cards to the bank, but aren't themselves the manufacturer). What's curious about these is the lack of visible antenna on the X-ray. However it may be a polymer antenna not metal. Assuming the polymer antenna is in the same place as the copper on other cards, drilling about 5mm in from the long edge of the card should do the trick. Theo |
#37
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
In message , David Woolley
writes Bob Eager wrote: On Mon, 20 May 2013 20:14:37 +0100, Harry Bloomfield wrote: A sheet of cooking foil, in with the notes of your wallet, would probably be enough to defeat it. http://www.lessemf.com/fabric.html A lot of those materials are not specified at the frequencies used for the cards, which are in the short waves. Most of the materials seem to be designed for microwave use. Something I read earlier today suggested keeping two (or more) cards close together as they interfere and cancel out any accidental transaction. This certainly works for my security passes - the correct card has to be removed from the stack in the card holder to work. A M&S PoS terminal was tested by I can't remember whom and found to have a maximum NFC range of 5cm. -- Nick (=----) |
#38
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
In article ,
Nick wrote: Something I read earlier today suggested keeping two (or more) cards close together as they interfere and cancel out any accidental transaction. This certainly works for my security passes - the correct card has to be removed from the stack in the card holder to work. A M&S PoS terminal was tested by I can't remember whom and found to have a maximum NFC range of 5cm. I wouldn't rely on that. I regularly travel in London with both my Oyster card and my word ID card. Both are Mifare classics - if I have them both in my wallet about 75% of the time the oyster readers get it right, 25% of the time I get an error. Removing my id card cures it. Likewise the other way around - word security readers barf around 25% of the time if my oyster card is in my wallet. So while it does appear to confuse it sometimes, it's far from a reliable method! (might be different for non-mifare classic cards, but I'd not rely on it). Darren |
#39
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
Roger Mills wrote:
This article http://www.bbc.co.uk/news/business-22545804 appears to vindicate what I have always said about contactless cards. Not only are they vulnerable to fraud by villains with scanners who don't need to get close enough to arouse suspicion, but it now seems that they're also vulnerable to *accidental* use! I'm very glad that I ditched my CapitalOne card when they insisted [1] on replacing it with a contactless card. More and more financial institutions are now using these things, making it very difficult to avoid unless you do away with credit and debit cards altogether. I've unfortunately still ended up with one or two, but they never leave the house and are used only for on-line transactions. The sooner the whole idea is re-thought, the better! [1] Using the very dubious tactic of pretending that my previous card had been "compromised" (which I'm damn sure it hadn't!) in order to provide a pretext for needing to issue a new card long before the old one had expired. If you want to use the contactless facility every now and then, store it in your wallet with an oyster card on top. The mifare system cannot differentiate between two co located cards. Otherwise just disable it by cutting a part or all the way through with a Stanley knife as shown here on my barclaycard http://i115.photobucket.com/albums/n...s/IMG_1790.jpg This has no effect on the chip and pin function or the mag stripe swipe. |
#40
Posted to uk.finance,uk.d-i-y
|
|||
|
|||
Contactless cards again! [OT in uk.d-i-y]
D.M.Chapman wrote:
I wouldn't rely on that. I regularly travel in London with both my Oyster card and my word ID card. Both are Mifare classics - if I have them both in my wallet about 75% of the time the oyster readers get it right, 25% of the time I get an error. Removing my id card cures it. Likewise the other way around - word security readers barf around 25% of the time if my oyster card is in my wallet. That's handled by the discovery protocol, which should try to establish the serial number of the card and address further requests to other cards. In theory it is supposed to be able to detect multiple numbers and abort the transaction, but it sounds like it might not be as good as it might be. I believe the discovery protocol applies to all the ISO standard cards, on that frequency, not just NXP's Mifare ones. |
Reply |
|
Thread Tools | Search this Thread |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Forum | |||
Sound Cards | Electronic Schematics | |||
OT ... ID cards | UK diy | |||
OT - Could this be the new SS cards? | Metalworking | |||
way OT but not political - anyone need some 155MBPS ATM cards (no, not money cards) | Metalworking | |||
WTB: Epson RAM Cards | Electronics |