The convenience of paying for a coffee or supermarket just by swiping your card or cell phone has changed the routine of millions of people. However, according to a recent analysis made public by the technology portal Computer Todaythis technology that makes our lives easier has also opened the door to a new type of theft, more discreet and technological.
Police authorities have expressed growing concern regarding the phenomenon of so-called Pickpockets 2.0. This is a technological evolution of traditional theft, in which criminals are able to steal money directly from victims’ bank accounts without ever needing any physical contact or putting their hands on their belongings.
The scenario is simple and worrying. Nowadays, automatic payment terminals (TPA) are no longer just those fixed machines that we see on store counters. They have become small, light and easy for anyone to obtain. Many resemble external batteries or cell phones, which allows criminals to carry them in their hands or pockets without arousing any suspicion.
A bump that costs money
The tactics of these digital pickpockets are based on opportunity and confusion. For the theft to happen, the criminal configures the terminal to charge a low amount, which does not require the introduction of a PIN code, and looks for places where physical contact is inevitable. Crowded concerts, public transport at rush hour or compact queues are the ideal hunting ground.
When approaching the victim, simply touch the terminal to the area where they keep their wallet, whether in their pants pocket or in a shoulder bag. NFC (Near Field Communication) technology does the rest.
In a few seconds, the payment is processed and the money leaves the account. The victim, accustomed to the touching and pushing of the crowd, rarely realizes what happened until he consults his bank statement days later.
The accidental “clash of cards” defense
Despite the sophistication of the attack, there is a curious form of protection that many users already apply without knowing it. It’s called “card clash” or, in Portuguese, collision of cards. This phenomenon happens when we carry two or more cards with contactless technology next to each other in our wallet.
The logic is simple. When the criminal’s terminal tries to read the data, the magnetic signal activates all cards simultaneously. The reader, when receiving multiple responses at the same time, is unable to distinguish which card to debit and ends up making an error or canceling the operation. Ironically, having a “messy” wallet or having several cards together ends up acting as an effective shield against these unwanted reading attempts.
Cell phones are safer than plastic
Although there is a fear that digital wallets on smartphones are also vulnerable, the truth is that these devices offer a higher security barrier than physical cards. While a plastic card is always “awake” and ready to respond to a signal, the cell phone requires concrete action from the user.
In modern operating systems, such as iOS or Android, NFC communication for payments almost always requires the screen to be unlocked. This means that, for the robbery to be successful, the criminal would not only have to bring the terminal closer, but also ensure that the victim’s cell phone was unlocked and authenticated. Therefore, as reinforced by the analysis, keeping your cell phone locked in your pocket continues to be one of the safest ways to avoid these problems.
Also read:
