Tomcat
Professional
- Messages
- 2,689
- Reaction score
- 929
- Points
- 113
Sec-Tec, a company specializing in information security, has found that inexpensive thermal imagers for smartphones can help fraudsters steal a bank card PIN code from an ATM pin pad. Thermal imager modules can be bought for several hundred dollars: for example, FLIR One for iPhone will cost 23-25 thousand rubles in Russia.
The company has tested several ATMs, locks and safes for security. The buttons retain the warmth of the human hand for more than a minute after using the keys.
The thermal imager can easily determine which keys have been pressed, but the main problem for burglars is the order in which they are pressed. Sec-Tec found that not all terminals have a mechanism to prevent PINs from being entered multiple times, so scammers may have enough time to try all four-digit combinations. Sec-Tec
was able to bypass two-factor identification of door locks by combining a thermal imaging attack with RFID cloning equipment. To protect yourself from scammers, experts suggest covering the pin pad with your palm after using it to transfer heat to all the keys.
The company has tested several ATMs, locks and safes for security. The buttons retain the warmth of the human hand for more than a minute after using the keys.
The thermal imager can easily determine which keys have been pressed, but the main problem for burglars is the order in which they are pressed. Sec-Tec found that not all terminals have a mechanism to prevent PINs from being entered multiple times, so scammers may have enough time to try all four-digit combinations. Sec-Tec
was able to bypass two-factor identification of door locks by combining a thermal imaging attack with RFID cloning equipment. To protect yourself from scammers, experts suggest covering the pin pad with your palm after using it to transfer heat to all the keys.
