A Digital wallet or an e-wallet is something that allows users to make electronic commerce transaction quickly and securely.
Credit cards replaced cash and now is the era of 'Digital wallets'. It is predicated that its usage will be common within a decade (Pew Research survey released in April).
Blackwing Intelligence security researcher Eddie Lee showed DefCon attendees how to use an Android-powered smartphone to pickup data from creditcard and then used the swiped information for digital wallet purchases.
"You can start spending on someone's creditcard; basically you can use it the way you use Google Wallet," Lee said while demonstrating his technique to a packed room of hackers. "We've known from a long time you can skim RFID credit cards," he said. "This lets you abuse that information and spend on those cards. Maybe this will give the creditcard companies an incentive to fix the things in my wallet." He theorized the tactic could work on the cards, such as those for metro system fares or building access.
Accuvant computer security firm consultant and former National Security Agency analyst Charlie Miller showed DefCon attendees a way to slip into smartphones by getting a sensor close enough to read signals from NFC chips. In some cases, it is even possible to take over control of a phone via NFC. One can steal photos, contact lists, send text messages or even make phone calls. He showed that if he could briefly get an antenna device easily concealed in a sticker near enough to a phone at an opportune moment, it can open a virtual door that a hacker could slip in through. "A bad guy can use that moment of talking to your phone to steal data," he continued. "NFC is cool, convenient and fun; I'm just trying to say let's pay attention to the security implications."
Credit cards replaced cash and now is the era of 'Digital wallets'. It is predicated that its usage will be common within a decade (Pew Research survey released in April).
Blackwing Intelligence security researcher Eddie Lee showed DefCon attendees how to use an Android-powered smartphone to pickup data from creditcard and then used the swiped information for digital wallet purchases.
"You can start spending on someone's creditcard; basically you can use it the way you use Google Wallet," Lee said while demonstrating his technique to a packed room of hackers. "We've known from a long time you can skim RFID credit cards," he said. "This lets you abuse that information and spend on those cards. Maybe this will give the creditcard companies an incentive to fix the things in my wallet." He theorized the tactic could work on the cards, such as those for metro system fares or building access.
Accuvant computer security firm consultant and former National Security Agency analyst Charlie Miller showed DefCon attendees a way to slip into smartphones by getting a sensor close enough to read signals from NFC chips. In some cases, it is even possible to take over control of a phone via NFC. One can steal photos, contact lists, send text messages or even make phone calls. He showed that if he could briefly get an antenna device easily concealed in a sticker near enough to a phone at an opportune moment, it can open a virtual door that a hacker could slip in through. "A bad guy can use that moment of talking to your phone to steal data," he continued. "NFC is cool, convenient and fun; I'm just trying to say let's pay attention to the security implications."
0 comments:
Post a Comment