Android application reads credit card data over NFC
German security consultant Thomas Skora has published an Android application that is able to read details from contactless credit cards over a near field communication (NFC) connection. The open source application was available in Google's Play store for a while but has now been removed. Its code is still hosted on GitHub.
The paycardreader application has been successfully tested with a German PayPass Mastercard and it also works on the electronic payment system GeldKarte, which is popular in Germany. Skora says that he has written the application for demonstration purposes only. The application needs an NFC-enabled smartphone to work and is still considered unstable at the moment.
Contactless credit card systems have been hacked in the past and while the problems with the technology are worrisome, access via NFC is not a viable way to harvest a great amount of credit card data for obvious reasons. The relatively easy availability of smartphone applications like paycardreader will most likely make them attractive for opportunist fraudsters, however. While Google has removed the application from its store, Skora has stated that he will make the APK file publicly available himself.
See also:
- Hacker extracts RFID credit card details, a report from The H.
(fab)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
