Undetected theft: How thieves get credit card information

It is one of the most important messages of all – payment by credit card will soon no longer require a credit card but is also possible with a smartphone. Technology that excites. In the future it should be sufficient to simply hold the phone to a reader and the credit card will be charged with the amount of the purchase. The advantages for customers are many. In this way it is possible to no longer carry the wallet with you. Security also seems to be particularly high. Actually! Because recently there have been increasing reports that payment via the new NFC technology is no longer so secure. So hackers have already found ways to get the data.

 

Credit card details

Credit card details

In times of the Internet in particular, it is often sufficient to simply use the credit card details of someone else and then make payments with them. This data can fall into the hands of fraudsters in a variety of ways. Theft of the credit card or a virus on the phone are just two of the options available. So now there is a third possibility and that is the theft of the cards via the smartphone. Researchers have now figured out how this should work and have even carried out the process. It is not as difficult as it appears at first glance. This gives fraudsters the opportunity to access the data via an app. By presenting the researchers, there is now the option to close this security gap. Until then, users of the payment method are encouraged to make sure that they do not install any apps that are unknown or have not yet been rated. This way, the protection can be significantly increased.

 

How does the theft work?

hacker

In fact, it didn’t take quite as much technical sophistication as you might think. The creation of apps is almost a basic skill for young people today. Apps can be put together with simple programs, which can then be offered in the stores. Users of a smartphone can use the applications free of charge or at a reasonable price and download them to their cell phones. This is exactly where the problem lies, if one can believe the researchers. They have developed an app that has been prepared. The idea is to use the new NFC technology. Near field communication is the basis for paying with a smartphone.

 

Prepared app can easily fall into the trap of fraudsters

Prepared app can easily fall into the trap of fraudsters

The app uses a malware to check the environment. If there is a smartphone with credit card data used for the payment during the check, attackers can connect to this smartphone. The transmission of the data during payment then means that the data is also passed on to the fraudster’s device.

But: A small ray of hope is that the data transfer is not directly the credit card data but the amount that should be paid. So far, there is a limit for payment with the smartphone and this is 25 dollars. Fraudsters can have the app transfer up to 25 dollars to their own account, which then charges the credit card of the person concerned.

So far there have been no known thefts in this way. Due to the rapid discovery of the vulnerability, there is also the possibility that it will not happen in the future. If security experts develop a way to tackle this type of theft, fraud can be contained directly. Security is still limited when paying with a smartphone.