Monday, July 23, 2012

Android app steals contactless credit card data

Better not let your members get too comfy with their contactless cards.

Image source: Article
paycardreader, the Android application capable of siphoning credit card data from contactless bank cards has been posted on Google Play Store by a German penetration tester.

The app, which skims card numbers, expiration dates, transaction data, and merchant IDs, was launched at Integralis Security World 12 in Germany while considered still unstable. Developer and senior consultant for Integralis Thomas Skora said the app was "only for technical demonstration" to show how data could be swiped from contactless cards, such as PayPass Mastercard and GeldKarte.

Not the first time contactless cards have been proven hackable by security researchers. And thankfully for all your CU's contactless card holders, paycardreader was available for download on Google Play Store and GitHub. Get the full story from SC Magazine.

No comments: