EEVblog #889 - Credit Card RFID/NFC Theft Protection Tested

Do those RFID/NFC shielded wallets and bags actually work to protect your contactless credit cards?
Systems like VISA PayWave and Mastercard PayPass.
Does aluminium foil work?
Dave does some measurements to find out, using an H-field probe.

ISO/IEC 14443 Standard:

Comments

I feel like a simple solution to these cards would be a resistive sensor or something (such as two metal contacts that you place your finger over) and without your finger on them, the card doesn't talk.

iamdarkyoshi

I've had my card wrapped in "AL-foil" for about a month. Now I know I'm "mostly" safe. Thanks for this video and the knowledge it passes on to the public. My bank couldn't even give me a straight answer about this.

bigwheelsturning

Love that DaveCAD works beautifully even on small screens.

emuboy

A tap and go skimmer was the first device I built with what I learned on EEVblog. It works like a charm and finances all my subsequent projects. Thank you dave.

thekaiser

Reminds me of a few of my student mates. They made a transceiver and antenna for scanning RFID cards from a distance of up to 10 meters. Worked pretty well, they could scan university cards from people walking below past the window of the lab.

tHaHxr

Yeah right, Mrs EEVBlog's bag..
It's your new manbag isn't it :-)

leonkernan

I really don't understand why they don't just build in a little metal dome switch on the card that must be pressed to allow power to the chip. It's blindingly obvious, super simple and 100% read proof until the exact moment of payment.

ElectricGears

From taking screenshots of your lovely scope I'm able to ascertain that your name is Dave..
Joking aside I imagine with even just Al foil the eddy currents would produce enough noise to disguise the AM packets, although they are sent after the circuit is charged but at that freq it probably stops the induction to the receiver coil in the first place..
I love how every second week these cards are on the news as a "security risk" but never referring to the RFID technology itself. Anyhow great video mate..

DanielVidz

That is RF. RF stands for, wait for it, Radio Frequency. 873 kHz is a frequency that my radio can pick up, is designed to pick up. It is RF!

neddyladdy

Thanks for covering some of this Dave. It would be interesting to see more testing, experimentation, and methods of protection and disabling cards in the future. It was too bad that Mythbusters were never able to air their findings due to threats of possible lawsuits even related to talking about it. They are pretty tight-lipped about it all to this day.

Keith_Ward

Thanks for clearing up the misconception and highlighting the technology.

oneofus

That's the REAL PERFECT way to really explain those "RFID" cards! Perfect, and understandable.
Indeed, it is an inductively coupled system.

Neovo.Geesink

The fun thing to do is have a larger coil in the purse that also picks up this magnetic field and outputs random noise in the RFID bands. The best part is that under normal conditions it does nothing, only when you're being scanned by some thief.

BobDiaz

I wanted to totally disable the RFID function of my card. The answer was simple. A small notch in the bottom edge of the card, just a few mm, breaks the coil and stops it working.

peterjansen

With the TI RFID Development kit TRF7970A I managed to read more than 10 cards at the same time. However I have seen tags that use the 125 kHz system for building access control interfere with the theft protection of a Fiat Punto. It took my friend at work several weeks to figure out what was going on and why his car didn't start sometimes. That was before 2006 though.

ChipGuy

A friend of mine was on the standards committee for the design of all RFID banking cards and he went through the maths regarding theft and RF levels both to activate the card and the RF from the card and the chance of someone stealing your data is very low. Anyway you'll get your money back as it was an unauthorised transaction.

glenwoofit

Tip: Last NFC transactions history is stored directly in most Visa cards. There are applications to read them also.

This video focuses a lot on the scanning aspect, but a scan is useless without an SE response. So the only way to actually steal money is to perform a MitM attack with an HCE endpoint to emulate the SE.

As for biometric passports - the data is encrypted and the key is generated from the passport number, date of birth and date of expiration.
That's why you have this
<<<<blablabla<<<<bla<<<bla
<<<bla<<<<bla
section in them. It's for a machine to run a dumb OCR to get the required info for generating the decryption key and then decode the data. So a scan alone is also useless.

bbkr

Good Lord! It works. Just two layers of aluminum foil inserted in my wallet and NFC can't read anything. Thank you very much for that advice!

MilanKarakas

People have seen skimmers walking the London Tube with handheld Point of Sale devices. Here in the UK the limit is a much more manageable £30. Still, spend a few hours walking about London crowds and you could make a decent living. Electronically pickpocketing £30 quid a time.

stephenmorrish

If you want to disable your payWave or PayPass chip, simply cut the side of the card where the wire loops around the card. You don't need to cut much, only to rupture the loop.

expertmax