How NFC Skimming Works

chushpan

chushpan

Professional
Messages
944
Reaction score
746
Points
93
NFC skimming is a method of stealing data from contactless bank cards or other devices that support NFC (Near Field Communication) technology. This type of fraud has become possible due to the growing popularity of contactless payments. Let's look at how NFC skimming works, what tools fraudsters use, and how to protect yourself from this threat.

1. What is NFC?​

NFC (Near Field Communication) is a short-range (up to 10 cm) wireless communication technology used for contactless payments, data exchange between devices, and other purposes. Contactless cards, smartphones with Apple Pay or Google Pay, and other devices use NFC to transfer data.

2. How does NFC skimming work?​

a) Basic principle​

  • Fraudsters use special devices (NFC readers) that can read data from contactless cards.
  • The devices operate at short range, so the victim may not even notice the attack.
  • The data read can be used to clone the card or make fraudulent transactions.

b) Stages of attack​

  1. Equipment preparation:
    • Fraudsters create or buy compact NFC readers.
    • These devices can be hidden in bags, pockets, or even built into everyday objects (such as smartphones).
  2. Reading data:
    • The offender approaches the victim at a distance of up to 10 cm.
    • The NFC reader automatically reads data from the card if it is within range.
  3. Use of data:
    • The data read can be used for:
      • Cloning a card.
      • Small purchases (often not requiring a PIN).
      • Transferring data to other fraudsters.

3. What data can be stolen via NFC?​

Contactless cards typically transmit a limited set of data, but this may be enough for fraudsters:
  • Card number (PAN).
  • Cardholder name.
  • Validity period.
  • Sometimes additional metadata.

It is important to note that the CVV code (the security code on the back of the card) is not transmitted via NFC, which limits the use of stolen data.

4. NFC Skimming Tools​

Fraudsters use the following devices and programs:

a) NFC readers​

  • Compact devices capable of reading data from contactless cards.
  • Examples: Proxmark, ChameleonMini, or homemade readers based on Arduino/Raspberry Pi.

b) Smartphones​

  • Some scammers use modified smartphones with NFC support to read data.

c) Software​

  • Specialized programs for analyzing and using read data.
  • Example: Mifare Classic Tool, NFC Tools.

5. Examples of attacks​

  • Crowd swiping: A scammer passes by a victim in a public place (such as a subway or concert) and swipes the card.
  • Hidden devices: Readers can be disguised as everyday objects (such as folders, bags or phones).
  • Automation: Some devices can operate autonomously, for example in crowded areas.

6. NFC skimming protection​

a) Use of protective covers​

  • Purchase a case or wallet with RFID/NFC protection.
  • These accessories block the NFC signal, preventing data from being read.

b) Disabling NFC​

  • On smartphones, NFC can be temporarily disabled through the settings.
  • This is not possible for cards, but they can be stored in protective cases.

c) Limitation of contactless payments​

  • Set a limit on contactless transactions (e.g. 20-50).
  • Require a PIN for large purchases.

d) Monitoring of accounts​

  • Check your card statements regularly for suspicious transactions.
  • If you detect fraud, please notify the bank immediately.

e) Use of tokenization​

  • Modern systems (e.g. Apple Pay, Google Pay) use tokenization, where real card data is replaced with one-time codes.
  • This reduces the risk of stolen data being used.

7. Limitations of NFC skimming​

Although NFC skimming seems dangerous, it has certain limitations:
  • Limited data volume: Without the CVV code, it is difficult to use stolen data for online purchases.
  • Small amounts: Contactless payments are often limited to small amounts.
  • Difficulty of scaling: Collecting data on a large scale requires a lot of time and resources.

8. Conclusion​

NFC skimming is a relatively simple method of stealing data from contactless cards that can be implemented using inexpensive devices. However, modern security technologies (e.g. tokenization, transaction limits) significantly reduce its effectiveness.

To protect against NFC skimming, it is important to take precautions such as using protective covers, regularly monitoring accounts, and limiting contactless payments. If you notice suspicious activity, contact your bank immediately.

If you have any further questions about NFC skimming, write!
 

How NFC skimming works and how to protect yourself from it​

NFC skimming is a method of stealing data from contactless cards or smartphones with payment systems (Apple Pay, Google Pay) using a nearby reader. Unlike classic skimming, this does not require physical contact with the card.

How does NFC skimming work?​

1. Data collection​

  • The attacker uses a portable NFC reader (e.g. Proxmark3, Flipper Zero) or a modified smartphone.
  • Brings the device within 1–10 cm of the victim’s pocket/bag.
  • If the card is not protected, the reader can read:
    • Card number.
    • Validity period.
    • Sometimes - the history of the latest transactions (for cards without dynamic encryption).

2. What can be stolen?​

  • Card details (but not CVV/CVC as they are not transmitted via NFC).
  • Tokens for one-time payments (if the card supports tokenization).

3. Use of data​

  • Online shopping: If the card does not have 3D-Secure, fraudsters can pay for goods.
  • Creating a clone: For magnetic stripe cards (rare, as NFC and EMV chip do not provide complete data).

NFC skimming protection​

1. For cardholders​

Use a shielded wallet (RFID blocker) - blocks the signal.
Disable NFC in your phone settings when not in use.
Switch to virtual cards (Apple Pay/Google Pay) - they use one-time tokens.
Enable transaction notifications in your banking app.

2. For banks and payment systems​

  • Tokenization: Replacing the real card number with a one-time token (Apple Pay, Google Pay).
  • Dynamic encryption: Each transaction generates a new code (EMV standard).
  • Payment limits: PIN requirement for amounts above a certain threshold.

Limitations of NFC Skimming​

  • Cannot be stolen:
    • Full CVV/CVC code.
    • PIN code.
    • Data for 3D-Secure.
  • Useless against:
    • Apple Pay/Google Pay (use tokens).
    • Cards with mandatory PIN for all transactions.

Real cases​

  • 2023, Spain: A group of scammers with NFC readers stole data from 50+ metro cards. The victims only noticed the charges after a few days.
  • 2024, Moscow: Criminals tried to swipe cards in crowds at train stations, but most transactions were blocked by the bank due to suspicious geolocation.

Conclusion​

NFC skimming is possible, but ineffective against modern cards and smartphones. Key protection rules:
  1. Do not carry the card in the open (use an RFID wallet).
  2. Use Apple Pay/Google Pay - they are safer than physical cards.
  3. Monitor transactions through your banking app.

If the card has already been compromised, block it immediately via the bank's app.

Need more information about contactless payment security? Ask!
 

How does NFC skimming work?​

NFC skimming is a fraudulent method in which criminals use contactless communication (NFC, Near Field Communication) technologies to steal data from bank cards or other NFC-enabled devices. Here's how it works:

1. How NFC works​

NFC allows data to be transferred between devices over a short distance (usually up to 10 cm). This is used for contactless payments, when a card or smartphone is brought to the terminal.

2. Using skimmers​

Fraudsters use special devices - NFC readers, which can read data from a card if it is within the device's range. Such readers can be:
  • Mobile: Attackers can carry them with them in crowded places such as transport, markets or shopping malls.
  • Stationary: Devices can be installed on ATMs or payment terminals, disguised as part of them.

3. What data can be stolen?​

With an NFC card, you can consider:
  • Card number.
  • Owner's name.
  • The expiration date of the card. However, the CVC code (the three-digit code on the back of the card) is usually not transmitted via NFC, which limits the fraudsters' options. However, the stolen data can be used for online purchases at stores that do not require the CVC code.

4. How do scammers use stolen data?​

  • Creating Fake Cards: In some cases, the data can be used to clone a card.
  • Online shopping: If a store does not require a CVC code, fraudsters can use the data to make purchases.
  • Selling data: Stolen data is often sold on the black market.

5. How to protect yourself from NFC skimming?​

  • Use protective cases or wallets: They block NFC signals and prevent data from being read.
  • Disable NFC on your phone: If you don't use contactless payments, disable NFC in your settings.
  • Be careful in crowded places: Keep your card in a safe place, especially in transport or markets.
  • Use cards with additional security: Some banks offer cards with a swiping protection feature.

Conclusion​

Although NFC skimming is becoming increasingly popular among fraudsters, its capabilities are limited by the built-in security measures in bank cards. However, it is important to be vigilant and use additional security measures to minimize the risks.
 
You must log in or register to reply here.

Similar threads

chushpan
How do smart cards work
Replies
1
Views
89
Man
Man
chushpan
How EMV chip technology works
Replies
2
Views
53
Cloned Boy
Cloned Boy
chushpan
Understanding Cloned Cards and How Cloning Works
Replies
0
Views
133
chushpan
chushpan
chushpan
How Does ATM Skimming Work
Replies
1
Views
47
Man
Man
chushpan
How does a POS terminal work?
Replies
0
Views
80
chushpan
chushpan
Back
Top