Emplacement du Sujet : Accueil du forum » General » General Chat
Liu Ping Jui 30 '17
Channel 4 News has revealed fraudsters could acquire the data held on Barclays Bank contactless card users by scanning the cards with mobile phones.

Channel 4 News investigators read Barclays Bank contactless card details using an adapted mobile phone app.

Working with mobile phone Analysts await HP Opteron products security company ViaForensics, the investigators found that swiping the phone over a Barclays Bank contactless card yielded the name, long card number and expiry date.

Investigators said a simple nudge against a wallet would be enough for the app to read the data.

A ViaForensics spokesman told Channel 4 News: "All I did was I tapped my phone over your wallet and using the wireless reader on the phone I was able to lift out the details from your card, that includes the long M&S deploys Microsoft Azure cloud to run festive ad campaigns card number, the expiry date 0x80244022 windows 10 and your name. None of it was encrypted, it was simply a case of the details coming out through the air."

Channel 4 News was only able to access the details Oxwall_test21 of Barclay-issued Visa cards. Other banks and systems How To Get Rid Of Acne For Good! weren't accessible. The three-digit security code was not read by the scanner. But some retailers, including Amazon, do not require this code, making it easy to use card details to buy online.

Investigators set up an Amazon account with a different name, billing Tips for Publishing Content Uniquely Your Own address and billing address to a card they scanned and were able windows 10 update error 0x80244022 buy products.

Visa and Barclays said told Channel 4 News it is permissable to access card details in this way without permission.

Barclays told Channel 4 News: "The security of our customers' money and personal details is a top priority at Barclays, so we are understandably concerned about these transactions.

"We are compliant with scheme rules for contactless cards and our fraud guarantee refunds any fraudulent losses to customers in full. 

"The only information which can be obtained from a chip is the same as that which is printed on the front of the card – this does not include secure information such as PIN or signature (CVV) code.

"The details obtained should not be sufficient to undertake any fraudulent activity but we do depend on retailers upholding the same high standards of security when verifying payment details. 

"To be clear, this is not an issue with contactless but with the checks undertaken for 'card not present' payments by some retailers. 

"As a matter of urgency, we are ICO issues £200,000 penalty for failed IT disposal now engaging with retailers to ensure they are undertaking adequate and robust checks. We remain committed to contactless and firmly believe that it continues to be a safe and viable payment system."