Contactless payment cards are meant to have a limit of £20 per purchase in UK,without typing their PIN.By exploiting this vulnerability
"With just a mobile phone we created a POS terminal that could read a card through a wallet,All the checks are carried out on the card rather than the terminal so at the point of transaction,there is nothing to raise suspicious.By pre-setting the amount you want to transfer,you can bump your mobile against someone's pocket or swipe your phone over a wallet left on a table and approve a transaction.In our test,it took less than a second for the transaction to be approved.",said Martin Emms(lead researcher of the project).
Security experts are worried about the security weakness in Visa's contactless payment cards.
"Our research has identified a real vulnerability in the payment protocol,which could open the door to potential fraud by criminals who are constantly looking for ways to breach the system",Emms said.Visa Europe said that they have reviewed the report submitted by Newcastle and now it is updating its protection to make transaction more safer.
Post a Comment