By: Armourcard Team

 

Channel Nine’s A Current Affair show ran a story on Tap & Go Fraud

A big thank you to Tracy Grimshaw & Trevor Long for featuring on ACA Armourcard and a running a great story raising awareness of the vulnerabilities surrounding the technology that most of us already have in our wallets and purses.

Trevor Long went on to show how easy it was with freely available software on an NFC enabled smartphone to actually skim credit card details of a card.
As Ben mentioned in the report, the criminals use better equipment than a smartphone and will be able to skim you from a greater distance just like brushing past you in the street or on public transport
or in your local shopping mall.

Your personal data can be skimmed and sent instantly across the other side of the world to clone onto a mag-stripe card.

Trevor also mentioned that this technology becoming more accepted into our lives could open the floodgates to profiling your data for more identity theft-related crimes.

Tyler Harris, Armourcard CEO was featured showing how an Australian invention is helping prevent this wireless skimming crime by our product Armourcard.

Armourcard is the only product in the world to actively jam the frequency (or communication link) between your credit cards and the criminals with readers trying to wirelessly skim your data.

PRESS Release: SYDNEY – 10TH JUNE 2015 –

‘Tap and Gone’ – Electronic Pickpockets costing Aussies up to $439m

ARMOURCARD, an Australian company dedicated to the prevention of wireless skimming, has revealed Aussies could be losing as much as $439 million a year to ‘Electronic Pickpockets’, following a study into the extent of the criminal activity.

The survey revealed that one in seven Australians (14%) have either been affected themselves or know someone that has been a victim of electronic skimming – a type of credit card fraud, where criminals extract your card details using RFID or NFC technologies.

The report also found a fifth of Aussies (20%) are completely unaware this crime exists.

Tyler Harris, Co-Founder and Director at AMOURCARD, believes that things will only get worse for consumers, if we don’t address this issue proactively.

“Wireless technologies, such as ‘Tap and Go’, have made life easier for shoppers and retailers. However, the same technology has become a target for criminals looking to exploit it for personal gain,” said Harris.

“Anyone with a NFC enabled smartphone can download any number of free apps which turn their phone into a device capable of retrieving personal information and data from ‘tap and go’ cards and ePassports. It is an invisible crime that often goes unnoticed until it is too late.”

The study also revealed the true extent of the crime could be even greater, with Aussie not knowing they have been robbed. Over half (51%) of Australians admitted they wouldn’t notice if small amounts of money went missing from their accounts, with the average Australian adult able to lose $28.49 without noticing. This equates to a potential loot of $519M available to criminals.

“The threat of being robbed $20, $30 or even $100 often isn’t at the top of our minds, but we are all aware that it happens. What is surprising is this is only the tip of the iceberg and consumers are yet to see the threat that lurks below the waterline,” added Harris.

As more items become RFID or NFC enabled – such as Social Security cards, medical cards, library cards, driver’s licenses and national identity cards – the likelihood of being skimmed will increase. These cards contain a lot of personal information and data, which hackers can exploit. This stolen information aids criminals in the profiling of individuals and can lead to identity theft as well as fraudulent fiscal gain.

“We’ve looked at this technology being rolled out across the globe and have found that personal information, such as your name, age, date of birth and address can easily be attached to the RFID or NFC microchips. Access to this information will only aid criminals in stealing your identity. Until the technology is proved 100% safe it only makes sense to protect yourself,” concluded Harris.

iTwire asks Armourcard about electronic pickpockets and wireless skimming and what you need to know

AlexIn a recent video interview and story by Alex Zaharov-Reutt from iTwire and our CEO Tyler Harris whereby they candidly discuss and help consumers understand a little more about the vulnerabilities around this RFID technology roll-out and how to best protect yourself.

In the interview, Harris talks about the history of RFID from its origins as a ‘SpyTool’ from the cold war to current day and future applications that will be coming to a wallet near you soon.

If you know nothing about this technology this interview is a great place to start understanding what you can do to protect yourself.

Thanks, Alex from iTwire for taking the time with Tyler and supporting our Australian invention we really appreciate both yours and iTwire support.

IT-Wire-logoTo also read the full story on iTwire please go here

TravelTalk one of the premier travel industry publications recently had a chat with our CEO Tyler Harris on how to best protect yourself while travelling from this invisible crime called ‘Electronic Pickpocketing’.

Harris explains how the crime happens and how ‘we’ as consumers/travellers need to be very aware of how easy it now is to gain access to your personal data. This includes your ePassports, ‘tap & go’ credit and debit cards along with many hotel room key cards that all use RFID technology to transmit your data over open airways that can be intercepted by criminals with ease.

Read the full TravelTalk article here

Cloning credit cards today – 9 October 2014, its not hard to do as expert shows.

The new age of credit card skimming and cloning credit cards is on show today at the Breakpoint security conference in Melbourne.

peterfillmore-212x300Peter Fillmore an Australian money hacker & security boffin will demonstrate how he probed the protocols behind Visa and Mastercard payment cards and proved the viability of an attack by successfully using cloned versions of his credit cards to shop at supermarket chain Woolworths, and buy beer at a Sydney pub.

He will show today via modded Nexus 4 phone and how it steals data from Paywave and Paypass cards that could be introduced into cloned cards.

While the phone tactic is an inconspicuous attack, Fillmore told Vulture South that enterprising criminal gangs could make a killing by using his tactics with more powerful custom equipment to scam commuters on their way to work.

“The phone needs to be really close to someone’s wallet to work so it’s more of a proof-of-concept. [However], the attack I would be worried about is a criminal gang with a [reader] in a briefcase who captures a whole lot of cards on a tram and uploads them to a central server,” Fillmore said.

“Someone located far away could then wait until their phone pings with the stolen information and start using the cards,” he added.

“This is better than a relay attack because you can store the transactions and you don’t have a timeframe,” he said.
There’s another advantage for the potential criminal, as when the trick fails, it appears to the retailers and banks to be a mundane error, rather than a fraud attempt, which could trigger a well-resourced bank and police investigation.

Large retailers are first choice targets for attack (rather than small new businesses) as they were likely, as in the case of Woolworths, to operate legacy point-of-sale payment equipment and therefore be more open to fraudulent moves.

The Nexus 4 (as Fillmore discovered) served as an efficient and discrete hardware fuzzer for contactless cards. The popular Cyanogen mod gave access to an otherwise inaccessible application programming interface called ‘Host Card Emulation’ that he said is a “great platform” for cloning cards.

Fillmore plans to write an exploit app for a popular but as yet unnamed card reader that would be delivered through the phone.

His attack worked in part by exploiting payment terminal’s legacy support for magnetic stripe cards. The EMV (the gold chip on credit cards) protocol meant cards told terminals if it supported EMV, which then allowed an attacker to pushed payment processing back to mag stripes.

contactless-300x200It captured details, including an application transaction counter, which was incremented each time a transaction was made. Attackers needed to conduct the fraud before the next transaction was made or an error would occur.

The attacks weren’t due to particular problems with a given bank, although the Australia and New Zealand Banking Group (unlike the National Australia Bank) was found to have not implemented a randomisation number which while affording additional security, did not prevent the attack.

Fillmore said new startups may be harder targets as they may use new technology that could be, like one tested at a NAB ATM, capable of determining if a contactless credit card was ‘lying’ about not supporting EMV.

Blocking the attack would require the very slow process of dropping legacy support for non-EMV transactions, a feat that could be done faster in Australia than the US.

“I believe that EMV interfaces in general (both RFID and physical) is an area ripe for implementation bugs and errors,” Fillmore said. “Its just the lack of available/affordable test equipment which has prevented researchers from exploiting this area.”

He said the attack may work similar to Cupertino’s Apple Pay platform which supported non-EMV transactions.

Fillmore’s work built on the shoulders of Michael Roland and Josef Langer from NFC Research Lab detailed in the paper

Source:

Orginal source of article ‘The Register’ UK

Follow Peter on Twitter @typhoonfilsy

 

Harvey Norman to stock Armourcard in-store for Christmas.

The heavy-hitting national retailer Harvey Norman has jumped on board to stock Armourcard in their top 60 metropolitan stores across Australia in the lead up to Christmas.

HN-store-300x168The CEO of Armourcard Tyler Harris when interviewed said:

We are extremely excited to be stocked in Harvey Normans Electronic & Computer stores, Gerry Harvey is an Australian retail icon and to be represented within his stores is fantastic for the Armourcard brand.

Harris added:

The great thing about being represented in these high profile?brick & mortar stores is that it now exposes Armourcard & its superior technology to more consumers & also allows the consumers who do not want to purchase Armourcard via their?online channel to go in-store to make the purchase.

Harvey Norman is expected to have them displayed at the payment counters so be sure to keep an eye out and make your purchase through these great retailers in the lead up to Christmas.

Harris adds:

Ask instore and support us and these great national retailers by buying your Armourcard through Harvey Norman.

 

harveynorman

Armourcard woke up with the Channel 9 TODAY Show this morning!

today-show-tyler-300x225Armourcard CEO Tyler Harris was this morning a guest on Australia’s popular morning show the Channel 9 TODAY Show with Karl Stefanovic and Lisa Wilkinson.

The Channel 9 TODAY Show host Karl asked Tyler several questions about the wireless skimming and how we can better protect ourselves from this growing crime.

Harris said about the appearance:

“It’s always a little daunting to be on live television and not have the luxury of a delay or pre-recording so my heart rate was up.”

Harris went on to say:

“Karl is a fantastic host and really made me feel a little more relaxed, although I’m sure when I see the piece I still will not look relaxed. Due the limited time we had I think we covered some good basic issues about this crime.” Added Harris.

Thanks to the Channel 9 TODAY Show hosts, Karl Stefanovic and Lisa Wilkinson and all the people behind the show that helped me get on the show.

CNET takes on Armourcard for its readers and says Aussie invention is a must have.

CNET- ARMOURCARD headlineCNET is the world’s leader in tech product reviews, news, prices, videos, forums, how to’s and more writes a review on Armourcard’s Active Micro Jamming Technology.

Claire Reilly one of CNET’s Australian tech journalist after an interview with Tyler Harris the CEO and inventor of Armourcard has written a great review of Armourcard for CNETs global audience.

Tyler Harris said:

“It was great to have a chat with such a technology influencer like CNET and for Claire Reilly and Seamus Byrne another of CNET’s high profile journalist to really like our Australian invention.”

The article covered Armourcard technology and the applications in which you use Armourcard to protect your personal data from being skimmed.

Harris added:

“It was also great that our national retailers got a mention in the article as they are really supporting our product.”

To read the full CNET article on Armourcard

Travel Weekly Magazine and Website “Why Travel Insurance Won’t Protect Your Cards” 

A great article was written by HANNAH EDENSOR of Travel Weekly Magazine who recently interviewed our CEO Tyler Harris on the emergence of this new form of crime and how best to protect your credit cards and passport while your traveling.

Travel Weekly the highly respected travel magazine has spoken with Armourcard CEO Tyler Harris about how to best protect yourself while traveling from the new wave of skimming crime that can now lift your ePassports, credit cards and even hotel keys without you ever knowing.

Harris goes on to say

… its never been easier for organised criminals or even opportunitistic low level criminals to get your valued personal data, not just your credit card numbers but more importantly information that can lead to your identity being used for the means of identity theft.

Harris continues

… we believe that as a first lline of defence when traveling we need to start to take control of protecting our personal data, the hassle of being skimmed then trying to prove that to a financial insitution that the freud happened on the very least is time consuming and big hassle especially whilst traveling abroad.

Travel Weekly likes to help and give great advice to consumers about all things traveling this includes great destination articles, travel tips, and even some travel hacks from what to pack to how to spot a travel scam. We at Armourcard enjoyed our time chatting with them and them showcasing Armourcard to there readerships

Thanks to Travel Weekly Magazine for your support.

read the full article here on Travel Weekly Magazine

In an article titled “Australians build a preventative invention for your wallet”
the tech guide interviewed one of the directors of Armourcard.

Tyler Harris went on to say about the interview:

Overall it was a positive interview & review of our product, but a few key points were left out from Leigh’s write up that where discussed in the interview such as how an Australian ‘White Hat Hacker’ Peter Fillmore as recently as Oct 2014 tested the security protocols behind Visa and Mastercard payment cards and proved the viability of an attack by successfully using cloned versions of his credit cards to shop at supermarket chain Woolworths, and buy beer at a Sydney pub.

Which Leigh only referred to a previous Mastercard interview from 2013 which Matt Barr, MasterCard’s head of Market Development in Australia refers to other RFID protective products as just creating noise to sell a product, we found that those comments from a company who is rolling out this technology right on the corporate line and what would be expected from a company that “creates a lot of noise” about their ‘Tap & Go’ technology in what appears to be a sell to the consumers on ‘its ok to use’ and don’t worry about any fraud.

Unfortunately had the article referenced the latest example of how criminals can skim & use your money as mentioned from the passage above it may have shown the readers that there is always two sides to the story ( one from corporate card issuing companies who have invested billions rolling out this technology, and the other from the hacking community and security experts like Peter Fillmore who still to this day show us how easy it happens & it can happen)

Harris said:

Until there is a 100% guarantee that the technology is safe, then why wouldn’t you protect yourself and Armourcard offers that protection.

To read full article go here