How 30million ‘wi-fi’ credit cards can be plundered by cyber identity thieves exploiting contactless payment technology
Millions of debit and credit card holders are at risk of having their personal data mined by thieves exploiting a loophole in the latest ‘contactless’ payment technology.
Card numbers and personal details can be read almost instantly by a remote device such as a mobile phone, according to cyber-crime experts.
Contactless cards have been in use for five years and are becomingly increasingly popular as they save time for retailers and customers by speeding up transactions.
Customers use them to pay for less costly items (£20 or under) without having to key in a PIN number or scrabble around for cash. Instead, they simply scan their plastic over an electronic reader at the till.
But the new technology is vulnerable to thieves and conmen. Any stranger who found or stole one of the cards could go on a small-scale spending spree of up to £100 – as the reader requires a PIN only after five transactions in one day.
And this week The Mail on Sunday witnessed how details from the cards can be wirelessly copied by a touch screen phone – modified with parts bought on the internet for as little as £30.
The phone – which was adjusted by security expert Martin Emms and his team of researchers at Newcastle University’s Centre for Cybercrime and Computer Security – also accessed the last ten transactions made on the account.