Contactless bank cards

Roland Perry lists at
Wed Nov 17 12:06:49 GMT 2010

In article
<729CF33C-8148-4E32-B4D0-555830394C00 at>, Ian Mason
<ukcrypto at> writes
>> Surely you'd have to set up some sort of "man in the middle"
>>between the card and one of the Paywave terminals[1]. Wouldn't that
>>be a bit tricky in real time?
>No, search for "MIG in the middle".

On one hand, are you being ironic?

        "One case history that unfortunately turns out to be unfounded
        is the story of the `Mig-in-the-middle' attack, pp 19-20... in
        September 2001, I learned from a former employee of the South
        African Communications Security Agency that the story is

On the other... I'm seeking to understand what sort of technology you
could surrupticiously invoke near someone's wallet, and also near a
paywave terminal (and of course in between) which would provide a
suitably faked conversation that the card could be debited.
Roland Perry

More information about the ukcrypto mailing list