Alright, this is getting out of hand. We were a little wary at the first when we heard about tying RFID so closely to our monies, and that Chase Bank blink card of ours has been collecting dust ever since it showed up in the mail, but the latest failings of RFID "security" have us running for the hills -- tin foil hat in tow. Apparently some UK scoundrels teamed up with a crooked gas station attendant to nab credit card numbers from RFID smart card-enabled credit cards. They then stashed this info on the magnetic strips of phone cards, and flew over to India to make withdrawls. Since Indian ATMs don't require the double identification of RFID smart card and magnetic strip, just the strip, they were able to manage quite a bit of cash before a vigilant security guard spotted them making withdrawls from multiple cards in succession. The gang of four men were caught with $14,000 and 116 credit cards. To make things worse, the UK Cyber Crime Unit wasn't even aware of the existence of RFID chips, (makes sense, since the cards don't use such technology) and we're not sure what's to stop another group of clever hackers making off with another set of credit cards and forever ruining any hope of security we've managed to hold onto so far.

UPDATE: Turns out there was some serious misinformation floating around, since UK cards don't even use RFID, but instead operate with smart cards that require physical contact. This makes roughly 95% of our ranting completely irrelevant, but the heist is disconcerting all the same.

[Via Boing Boing]

0 Comments

UK's ATM cards thoroughly trounced by ID thieves