A University of Surrey researcher created a cheap receiver from off-the-shelf electronics and was able to eavesdrop on contactless card payments at distances of 20-90 centimetres - collecting credit card numbers, expiry dates, and cardholder names. This despite the fact that one of the main security features of contactless cards is a requirement not to transfer payment data in excess of 10cm from a reader.
Disposable or limited-use contactless fare cards used in New Jersey and San Francisco have insecure implementations of the Mifare Ultralight chip that can be reset to get free rides, security researchers have shown.
The internet is abuzz with whispers that Apple's iPhone 5, rumoured to be launched this week, will come with a fingerprint scanner to secure the device. If true, this could be a big step forward in iPhone's quest to become a digital wallet, but will convenience-crazy iPhone users embrace biometrics?
Peter Szabo, a senior threat researcher with SophosLabs, joins Chet this week to to share what they learned at this year's Black Hat and DEF CON conferences. They discuss NFC, a file disinfection framework, steganography and the dangers of IPv6 and DNSSEC.
In a talk at the Black Hat security conference last week, Charlie Miller unveiled his research into NFC vulnerabilities.
A TV news report raises concern about the NFC-enabled contactless cards being used by Barclays banking customers. Professor Alan Woodward explores what he believes to be the real issue.
Day 2 at CanSecWest was dominated by mobile security talks. The highlights included anti-rooting technologies used in Android, iOS and a look at NFC enabled mobile phone security.
A researcher at zvelo has discovered that he can recover the PIN used to make payments with Google Wallet in just seconds on a rooted Android device.
Google Wallet has been revealed to the world.
Should you be throwing away your physical wallet or are there good reasons for keeping it?