Jump to content
Sign in to follow this  
madvideos

New phone app banking feature

Recommended Posts

So today I logged in to my banking app, BOA, and a window opens and tells me they have a new feature that can detect if my card is on me. Sirens went off, how is my phone able to know that the smart chip is there and that it belongs to me. There is obviously traffic of some sort and to me it seems it goes both ways.

Anyone got any insight to share on this? I suppose I could run wireshark as I walk away from my wallet, maybe a later project. I know wireshark can read data going to google as to where exactly where I have been all damn day.

Share this post


Link to post
Share on other sites
On 7/24/2019 at 4:10 AM, madvideos said:

So today I logged in to my banking app, BOA, and a window opens and tells me they have a new feature that can detect if my card is on me. Sirens went off, how is my phone able to know that the smart chip is there and that it belongs to me. There is obviously traffic of some sort and to me it seems it goes both ways.

Anyone got any insight to share on this? I suppose I could run wireshark as I walk away from my wallet, maybe a later project. I know wireshark can read data going to google as to where exactly where I have been all damn day.

Hi buddy,

Great set of questions........who watches the watchmen springs to mind.......Personally, and without going into too much detail, I think you should use an RFID secure wallet for your cards and possibly the card sleeves option as well (known colloquially as the belt and braces system). 

Yes your phone app is reading your card data and no doubt used by the provider to then target you with tempting offers. It is all part of the cyber marketing exploitation targeting potential customers process. Totally legal as you do not own the cards (the provider does) and the terms and conditions that you read (yeah right, we all do that) will have buried in there somewhere that they can do this. It is obviously something that you need (the card), so I would choose to either keep the card in a safe place (at home) or ditch the app, as you can always check your balances etc., at home on your own computer via SSL etc., but these are just my views.

I hope this helps in some small way😎

  • Like 1

Share this post


Link to post
Share on other sites

Nope, you have it all wrong.  NFC on our phones isn't long range enough to read your cards unless you physically have the card in the same case as the phone.  They stop reading about 3 or 4 inches max from the phone.  Here's your answer.

 

Untitled.png

Share this post


Link to post
Share on other sites
On 8/16/2019 at 7:48 AM, barry99705 said:

Nope, you have it all wrong.  NFC on our phones isn't long range enough to read your cards unless you physically have the card in the same case as the phone.  They stop reading about 3 or 4 inches max from the phone.  Here's your answer.

Wonder how this will turn out when someone tries to use GPS spoofing against it?..

Share this post


Link to post
Share on other sites
On 8/20/2019 at 3:39 PM, trapman16 said:

Wonder how this will turn out when someone tries to use GPS spoofing against it?..

They would have to have the app installed on their phone, with your account, not sure how gps spoofing would do anything.  I suppose they could jam the gps on your phone, but all that would do is send an alert to you asking if you made a purchase.

Share this post


Link to post
Share on other sites
12 hours ago, barry99705 said:

They would have to have the app installed on their phone, with your account, not sure how gps spoofing would do anything. 

I'm not saying is practical just the concept.  

Would it not be possible if someone had the CC to use the card at one location while someone spoofed the GPS data to the owners device so once a transaction took place the app would think all is good?  (again not practical just a wild possibility I suppose)

Share this post


Link to post
Share on other sites
21 hours ago, Cap_Sig said:

I'm not saying is practical just the concept.  

Would it not be possible if someone had the CC to use the card at one location while someone spoofed the GPS data to the owners device so once a transaction took place the app would think all is good?  (again not practical just a wild possibility I suppose)

Proof of the pudding shall be in the tasting, although in this case the testing, which I for one would be keen to test.......😎

On 8/23/2019 at 1:37 AM, barry99705 said:

They would have to have the app installed on their phone, with your account, not sure how gps spoofing would do anything.  I suppose they could jam the gps on your phone, but all that would do is send an alert to you asking if you made a purchase.

I think there will be a way to get around this.......I shall probe the possibilities and report my findings.......meanwhile, enjoy this new app......🤓

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...