Contactless bank cards

Roland Perry lists at
Wed Nov 17 20:04:45 GMT 2010

In article <20101117165351.GJ2834 at>, Jon Ribbens 
<jon+ukcrypto at> writes

>No you haven't, you just said "except if it's cordless" without
>explaining why they don't count for whatever it is we're talking

In previous postings, I doubted whether there were any Paywave cordless 
terminals, and wondered about merchants rubbing such terminals against 
random victims.

>> Is a "stand-alone" unit something different?
>I meant "stand-alone" as in "not relying on a till to enable the
>transaction". I don't see how it matters if the terminal's connection
>to the bank is wired, WiFi, bluetooth, GSM or whatever.

Because you still have to make a data connection between a card in 
someone's pocket the other side of the shop, and the paywave pad on this 

>As to how you could connect a victim's contactless card to a terminal
>that is "far away", surely it is not hard to conceive of a device
>which you hold near the card which does nothing but receive and
>transmit to the card, and then forward this conversation on via,
>e.g. WiFi, to a terminal further away -

That's the problem I have (and also my answer to Ian Mason's enquiry). 
How to make something which imitates an RFID card over a two-way data 

>even assuming that for some reason you couldn't put a wireless PDQ 
>terminal in your pocket.

See "rubbing against victims" above.
Roland Perry

More information about the ukcrypto mailing list