Minty Posted April 10, 2018 Share Posted April 10, 2018 (edited) CON-TACTLESS How crooks are using a legal app to steal your bank card details in under one SECOND The Sun on Sunday tested it on a busy high street and were able to clone a test 'victim's' credit card in seconds CONTACTLESS card fraud has doubled in the past year – and The Sun on Sunday can reveal just how easy it is to fall victim while you shop. Our investigation found that a widely available app allows thieves to clone tap-and-go credit and debit cards in just ONE SECOND by pressing up against shoppers. The software turns a mobile phone or tablet into a scanner, meaning a crook can spend your money without reaching into your pocket. Our reporter tried the app on a busy high street and cloned a credit card we gave to our test “victim” with a simple swipe of a hand. “A fraudster can go online shopping with your money. They can also go to popular travel websites and book a luxury holiday that you or your bank will have to pay for. The fact it is so easy to copy a contactless card is a huge concern.” The app — which we are not naming — can be downloaded to Android devices such as a Samsung tablet or phone through the Google Play store. It is not available on Apple devices, as the tech giant requires companies to be certified. Google Play is an open platform where any developer can release an app, meaning it is easier to abuse. Once installed, you simply place the gadget close to someone carrying a contactless card and their long card number and expiry date appear on the screen. Our reporter copied a card, which was in our model’s pocket, at a number of locations across London, including an ATM, a supermarket, the Tube and by her car. The app could not penetrate a handbag as it requires closer proximity to the contactless chip to clone it. It does not copy the CVV — the three-digit security code on the back — but some websites, including Amazon, do not ask for this when you buy online. The long card number and expiry date can also be sold on the dark web to other thieves for as little as £5 a time. The findings are frightening at a time when contactless — which allows you to make purchases up to £30 without a PIN or signature — is so popular. The number of such cards has doubled in the past three years, from 59million in 2015 to 119million by the end of 2017. Shoppers spent £52billion using contactless in the past 12 months. In the same period around £14million was stolen — up from £6.9million the year before — and experts fear the real figure could be much higher. Richard Emery, of security company 4Keys, said: “For now, the banks are absorbing most of the cost of contactless fraud and paying people back when money is stolen. “They want people to switch from cash to contactless, so are accepting a certain loss. But we don’t know how long that will continue. How at risk you are depends on your lifestyle. If you spend most of your time going for solitary walks in the countryside you don’t have to worry much about contactless fraud. “But if you live in busy environments or go clubbing with your credit card stuffed in your back pocket, you might want to consider getting a protected wallet to make sure it doesn’t happen to you.” Most contactless fraud takes place when the owner has been separated from their card, either through losing it or because it was stolen. But banks admit that even after a card is cancelled, they cannot immediately stop other people from using it. Edited April 10, 2018 by Minty Quote Link to comment Share on other sites More sharing options...
ktv303 Posted April 10, 2018 Share Posted April 10, 2018 thought you had to enter your pin(in a shop)or 3 digits on the sig strip(online) if you where using it for more than £30? Quote Link to comment Share on other sites More sharing options...
Minty Posted April 10, 2018 Author Share Posted April 10, 2018 I believe you are correct ktv, it means they can get you without codes/pin under £30. just image your on the underground/night club/pubs/restaurants etc ,how many people they can swipe. (i think I found the app on play store) But you can get RFID wallet, and sleeves to help you block them from amazon etc. Quote Link to comment Share on other sites More sharing options...
Minty Posted April 10, 2018 Author Share Posted April 10, 2018 Here is the link: Link Quote Link to comment Share on other sites More sharing options...
Snuffs99 Posted April 10, 2018 Share Posted April 10, 2018 Love the way they wont tell you the app yet have a picture with the app name (credit card reader, how original) in it.....DOH! https://play.google.com/store/apps/details?id=com.github.devnied.emvnfccard&hl=en_GB Quote Link to comment Share on other sites More sharing options...
Minty Posted April 10, 2018 Author Share Posted April 10, 2018 Yes that’s what I got, but I don’t know if was allowed to post it. i might have to try it for research on the missus, about time she brought some drinks in the pub. grand national will be a good day lol Quote Link to comment Share on other sites More sharing options...
Crashuk Posted April 11, 2018 Share Posted April 11, 2018 Just had to replace my card as it was damaged. Asked for a non contactless replacement card as I knew this sort of thing would start happening. Bloke in bank tried to talk me out of it saying they are safe. Wankers dont have a clue ! Quote Link to comment Share on other sites More sharing options...
ktv303 Posted April 11, 2018 Share Posted April 11, 2018 surely though, if you had your card scanned by some random in a pub youd easily get your money back off the bank, i mean it you wouldnt be paying a company or anything, it would just go to some ones personal account so id imagine you could just tell the bank and theyd claw it back form the account it went into. hassle but not the end of the world. Quote Link to comment Share on other sites More sharing options...
Zeftron Posted April 11, 2018 Share Posted April 11, 2018 Just downloaded this to have a try. The way my wallet sits, I can't scan anything unless I open it. The full version is on Mobilism if you want it - not sure what practical use this is other than a proof of concept app. Quote Link to comment Share on other sites More sharing options...
daz2905 Posted April 11, 2018 Share Posted April 11, 2018 A couple of months ago someone went on a spending spree with my contactless santander business card. I've had the account with them for almost a year and for the first time went to the branch to pay in cheques only to find out you can't pay them in at the counter and have to use the ATM. I had no idea how to do it and one of the cashiers showed me and i left the card in the machine because i was distracted. I realised i didn't have it 3 days later, checked online and saw transactions at new look, sports direct, poundstretcher, morrisons and jd sports internet. About £260 in total. All done on a card that i'd never even used as contactless and never used in a high street store. Unbelievable really, although i'm the twat that left it in the machine i can't believe that so many transactions were done in a 2 hour period on a business card never used like that before. I thought you had to put a pin in on the first transaction to activate but apparently not. Anyway got my refund and now have a non contactless card. They're so obsessed with trying to make us a cashless society they are swallowing huge losses. It scares me when you see how this new technology is being breached. It's getting ridiculous how easy it is for someone to steal your car or empty your bank account. Quote Link to comment Share on other sites More sharing options...
Minty Posted April 12, 2018 Author Share Posted April 12, 2018 Just downloaded the app, you put card to back of phone, job done in 2 seconds. it has extra data on it, and shows you all your transactions. try for yourselfs and do what Diaz said, change our cards to non countless card. Quote Link to comment Share on other sites More sharing options...
hoponbaby Posted April 12, 2018 Share Posted April 12, 2018 23 hours ago, ktv303 said: surely though, if you had your card scanned by some random in a pub youd easily get your money back off the bank, i mean it you wouldnt be paying a company or anything, it would just go to some ones personal account so id imagine you could just tell the bank and theyd claw it back form the account it went into. hassle but not the end of the world. Presumably though they can add your card details to the wallet/apple pay etc function and then be using that to pay for anything up to the £30 limit - you could be drinking in the same pub and paying for every round. Quote Link to comment Share on other sites More sharing options...
ktv303 Posted April 13, 2018 Share Posted April 13, 2018 22 hours ago, hoponbaby said: Presumably though they can add your card details to the wallet/apple pay etc function and then be using that to pay for anything up to the £30 limit - you could be drinking in the same pub and paying for every round. aye right enough, youd have a problem claiming half the bill wasnt yours or like what usually happens just wake up and thing WTF did i do last night Quote Link to comment Share on other sites More sharing options...
K3-Dude Posted July 7, 2018 Share Posted July 7, 2018 I tried asking for non contactless new card and they said the same ' there really safe ' until I said look on youtube to see how easy it is to scan a debit card / Credit card I stuck it out until they gave me one. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.