Your Credit Card Needs a Tin Foil Hat
By Frank Forte
I recently discovered something interesting about how PayPass works. I was testing out NFC tags for my website LikeScan.com, when i learned that NFC tags can be read AND written by a smartphone (specific phones that are NFC enabled like the Samsung Galaxy Nexus).
I was immediately intrigued and decided to do a thought experiment. If I could read the data from a credit card that uses NFC, like those with PayPass, and then write it to a new NFC tag, I could use that NFC tag to pay for things. There is no reason that the copy would not work at a payment terminal! So, i tested it out. I had to try a number of free apps. Some could not understand the protocol, but i found one quickly. Soon after i found one that allows the smartphone to read, then immediately write the data, effectively making a copy. I have yet to test out my new Tag at the grocery store, but i am sure it will work. I wonder if the cashier will give me a funny look.
Okay, getting past the "scientific" value of what I just discovered, let’s talk about this in practical terms… Â this is a huge security concern! If someone wanted to copy your “PayPass” they need to hold the phone right against the card. I tried through my wallet but it did not work. But people have been known to go the extra length to copy credit card magnetic strips, so i don’t see why someone wouldn’t develop a stronger reader that could go through your purse or pocket.
So how does this all relate to the title of the article? Â I am now selling Tin Foil Hats for your credit card. Only $5 plus shipping and handling. Contact me for ordering details.