|
So you just got your new CharterOne insecure tracking device enabled, super hackable.. ATM card and would like to have some peace of mind.
Well, go no further.. all you have to do is disable the RFID chip and nobody will be able to snoop around without you knowing.
The first step is discovering where the chip is located. I did this with a SureFire flashlight, and here's where I discovered the chip:  Chip Detail Here's an image of the front of the card, showing the relative position:  Chip Location And lastly, an image of the back so you can see how they shortened the signature area so that you wouldn't.. uh..accidentally break the chip (note the logo 'not your typical bank'..yeah right):  Back of card Okay, now on to the fun stuff, lets break this thing! I stopped by a Sheetz, which has PayPass readers at the pumps (no waiting in line). Read the card, hrm.. 'Processing Card'.. it's no faster than swiping the card. Cancelled that sale, gave the RFID chip a whack with a small ball-peen hammer.. and.. NO READ! That was easy, probably used more force than needed.. I urge everyone that reads this to disable their cards using whatever means necessary. This technology in unproven, the protocols have never been reviewed by any honest third party.. and as such this system is unsecure! UPDATE: As noted on my front page you can get a non-RFID version of the card.
|