EEVblog
Вставка
- Опубліковано 13 жов 2024
- What's inside the ArmourCard active RFID jammer for NFC contactless credit cards?
Does it work? Will it protect you from skimming?
Forum: www.eevblog.com...
Patent: www.google.com...
Lithium Battery: www.gmbattery.c...
EEVblog Main Web Site: www.eevblog.com
The 2nd EEVblog Channel: / eevblog2
Support the EEVblog through Patreon!
/ eevblog
EEVblog Amazon Store (Dave gets a cut):
astore.amazon.c...
T-Shirts: teespring.com/s...
💗 Likecoin - Coins for Likes: likecoin.pro/@...
Also look at Guardbunny - a self-powered open source RFID jammer
Pretty sure the micro is a STM8L, see the SWIM programming pin in the patent PDF.
STM8L151x2/STM8L151x3 have marking code "L526", so probably the micro used on the board is STM8L101x1/STM8L101x2STM8L101x3
UPDATE: L536 is STM8L151F3U6
$0.15 per meter for Aluminum Foil at Coles. I noticed that the card in this video had a $58 price tag on it. That equals 386.6m of Aluminum foil.
So you've got enough to wrap around your entire house and your head as well. Extra safety!
I measured it. I can make 15 strips of foil to fit in my wallet per meter of foil from the standard pack. 15x386.6 = 5799 protected wallets. You could get more than 5799 if you utilized the wasted foil at the top of the strip after all of the cuts have been made.
I much rather aluminium foil. The extra 'i' really means something to me.
Wouldn't you rather gamble on this thing working and its battery being good than Al just working?
tinfoil hats incoming
Would have made more sense if the active jammer was actually a pocket/pouch that you slotted your card into. Then it'd have made more sense to have the touch sensor so that you'd hold it by that portion when performing a transaction.
yea exactly, that you could disable when you actually want to read it by a simple press.
Your videos give me heartburn. Every darn time I watch your videos I have to get a bowl of cereal half way through. :/
Wow, 58 bucks for one that will get smashed in wallet, or
Tough choice...
+Owen Robinson In you are wallet? Hmm, much interest.
I'm not sure. You would have to do some extensive modding of your wallet to prevent the foil from crinkling up from repeated removal and insertion of the card from the wallet. The main selling point of this product over al-foil is to not have to remove the card in the first place. All you would have to do is stick your finger in there while you swipe your whole wallet over the reader.
What about "EMI tape"?
Its very flexible.
Might work. The problem isn't really flexibility as much as stopping the shielding material from moving around. If you were producing a wallet in a factory, you would probably sew whatever material you choose into the lining of the pocket. If you buy a wallet, you don't quite have that option easily available..
I love how they didn't think about an active NFC jammer nearby, did they think it was just a gimmick or something?
You wouldn't buy one, but you bought the last one for the sake of the teardown.
Mission accomplished!
Hm... I paid roughly 20 euros back in 2013 for a nice and solid aluminium card case, which actually reliably protects the cards from getting smashed in the wallet and will stop any RFID reader, forever and with no chances of a mess if the battery gets breached... 58 bucks (even AUD) seems awfully steep for a product like this, unless you expect to be able to run with the scare tactics. Then, again, if people really buy into the myths, they'll probably prefer the aluminium foil, both in their wallet and as a hat.
Oh, wait, no, I forgot that over the last couple of years there has been something of a bullshit scare about aluminium, too...
battery lasts 2.85 years in standby... the QC sticker said 2015... at least a year gone already also you said the POS box was located next to the card reader... so maybe take the .85 as well. not much for your 58 bucks lol
Great stuff Dave. One thing I've not seen anyone address is how far away can you read the modulation of a valid scan. I.e. Could you passively scan the data from a genuine transaction from a distance and get usable info?
Bank cards use encrypted communication, so you would not be able to get replay-able or clear-text data.
Rather interesting. My dad has been skimmed twice on the London Underground.
I'm surprised that thing needs a battery in the first place: it should be getting all the power it needs to do its jamming from the RFID field and its large antenna.
Certainly should. Someone gave me an RFID jammer that works exactly like this. Perhaps the battery is there to avoid another patent?
For cards I do not intent to use the NFC, I used a strong flashlight to identify the coil. Then scratched a 3x3mm square with an exacto knife until i reached the coil layer and separated some of the strands. The cards don't loose other functionalities, like when frying it in the microwave.
Other cards are in a RFID sleeve from ebay. They work very well and you get a couple for a few bucks.
I suspect they are using a crystal as most low end micro internal RC oscillators do not meet the required accuracy specification for the protocol unless they are calibrated which is a pain to do on high volume low cost items. Probably cheaper to buy 1 million crystals rather than have to calibrate each unit. Power is unlikely to be an issue as the micro probably runs on an internal RC clock until it needs to modulate.
The UK consumer magazine "Which" investigated the problem of contactless card skimming. They found that the main danger was that the card number and expiry date were easily read and that they were able to use these (without the CVV) to buy goods online from unscrupulous retailers. Valid credit card numbers can be generated by software and so by themselves are not valuable to a criminal but having the expiry date makes them much more valuable. So there is a reason to take some precautions. I have been keeping a banknote sized piece of aluminium foil in my wallet for some time. It doesn't need to wrapped around the card, it just pretends to be a £10 note and presents zero inconvenience.
This is also a good reason to not let any Tom, Dick or Harry (or Bruce) see even the front of your card, let alone the back.
The common attacks which can work on your NFC credit card are the relay attacks, the easiest way to protect yourself against it is to have 2 NFC enabled credit cards in your wallet. Since the anticollision is not allowed in the payment applications, so unless you take them out, you are going to be safe. Without any thin foil or any other jamming device.
Hi Dave, thanks for your videos, I appreciate all your effort. I am a "young player" and I learned a lot from your videos where you were actually building up circuits and scoping around. Can we get more of those?
10:45 Feeling of shock as I almost thought Dave was going to decide to not tear it down.
I am all for the tinfoil hat (or in your wallet), but this seems redundant. Now a more powerful model that would work in a 2m or more radius would be a lot of fun to take to your local Starbucks...
that sounds like a fun field trip!
I remember a girl that had been to South America and returned with a dorito bag wallet. That's probably more than enough to block any sniffers.
So it's like one guy trying to speak to you (RFID CC) and then another guy walking up, holding his mouth, and screaming (jammer)?
I would have thought it would be something that you put your card inside of. That would make the deactivation button make a lot more sense. So its working all the time and then is deactivated when you want to use it.
That's what I thought at first, too.
I thought that at first!
It's a jammer so it emmits noise around it - it is not a "blocker" like a piece of foil would be so you don't have to enclose the card.
Graeme Bragg I understand how it works. I just think it would probably function better if it was like a case for the card.
The deactivation switch would actually have a purpose then.
I want an RFID blocker good enough for shoplifting. Wait a minute, I've been messing with electronics for 48 years, maybe I should build one.
Love your videos Dave!
I bought something like this from JB Hifi for about $48-took with me on our US trip last year.
I was going to get the uCurrent Gold, but I've decided to wait for the uCurrent Unobtanium Pro Collector's Extreme Edition 2+ to come out.
very interesting. thank you Dave
My guess is that they didn't go with the internal oscillator because of the inaccuracy issues due to temp. and voltage, or maybe the external oscillator was a cheaper solution than a microcontroller with an internal one.
Can you review a fluoride water filter next?
You keep drinking your Fluoride there Jake, that there neurotoxin be gr8 m8.
I personally use an RO filter. Since the fluoride in my municipal system is added via fluorine gas the fluoride is ionized to the water, making it very difficult to get all the fluoride out. It's still better than downing a bottle of Dasani like our buddy Jake would. How's your pineal gland bud? Pineal what?
Baaa Baaa Baaa Alex Jones Baaaaaaaaaaaaa
i keep my cards inside one of those aluminium businesscard boxes, but mainly for physical protection against breaking from sitting on them
I wonder if the data the jammer puts out is completely random? If it's not then surely there's a chance that Billy Black Hat could just make multiple reads of the card to determine what the noise is from the jammer is and subtract it. Certainly more difficult than just scanning the card but within the bounds of possibility.
In Denmark you are limited to the rough equivalent of 40 AUD / 25 Euro per contactless transaction :)
in Norway it's 21 Euro (200kr) per transaction and max 5 transaction until you have to enter the pin again.
I don't even remember reading if it was per day, I think it's 5 transactions in total until you have to use chip and pin.
Seems secure but a bit of a hassle (I hope it's per day)
I think you use the disable pad when you want the reader to be able to scan thru your wallet otherwise the RFID jammer blocks any signal.
Drinking game read the patent and drink with contactless jamming and rfid. Guarantee understanding of every circuit ;)
15:00 that's probably STM8L151F3 iirc, I have many of these for playing around.
I note that that the "touch sensitive interface" is included in Claim 1 of the patent which could be a big mistake.
Have you seen a product called Skim Guard? It is on Australian TVSN and claims to do the same as this with a battery that recharges itself from the rfid reader apparently.
I made a little thing that makes an audible beep when something that scans card comes near my wallet. As for the cards themselves, I made a slip from aluminum tape and a paper sleeve. Ive have one person begin to actively evade me when he heard the beep.
Could you give me the circuit?
I would like to build one myself.
If you sell it, I will buy it :)
my original sucks, im waiting for more aircore coils in the mail and cobbled something better (and self powered) If all goes well, itl be open and maybe find a way to build a bunch for people interested in buying.
Thanks :P
Keeping two different RFID cards next to one another is a simple but good technique to prevent them being detected. When interrogated, both their replies are received together and interfere with one another so that the receiver cannot sort out what is going on.
No, the protocol has anti-collision detection. I showed this in the last video.
Right, but if both cards are sending valid data, how does the reader though which to use? Of course from a security perspective that is irrelevant, I just got the credit card number from both, but it does prevent a legitimate reader from doing the transaction.
@@EwanMarshall From what I remember, the anti-collision feature allows enumeration of all cards that are currently within reading distance. The reader then selects the ID of the card it wants to communicate with.
@@0xbenedikt Yes, unless the reader refuses to do it. And that is the issue security wise. Official terminal may not do it, but I can come along and do it with my own reader just fine.
risk is higher over here, people are going on the tube in london at busy times and just skimming past everyone for £30 (UK max limit) also having them next to the reader like that would be draining the battery of the cards :P
Sorry if this has already been mentioned but there are many comments. In the shop they positioned the jammers next to the FPOS terminal. If it is close enough to the jammers to activate them how long before the batteries in them are exhausted?
Nice video Dave! Interesting, I didn't know about the transaction limits for contactless card transactions. I don't have any cards with contactless capabilities, and don't want one. (We barely got the 'chip' here in the states, and most places still use the mag stripe). Anyway, what I worry about is that someone makes an amplifier or relay system that allows the contactless system range to be extended. That's what some car thieves are doing with the new car keys. I always enjoy your videos. Cheers!
Seems like the way to exploit RFID transactions is to use a "man in the middle" type attack - 2 accomplices, one who makes the transaction at whatever shop, using what looks like a debit card but is actually connected to a mobile phone with a wire up the sleeve or something, connected to a smartphone running an app that sends the received signal from the EFTPOS unit over the net to someone else with a similar setup that passes the signal on to the victim's card, and returns the appropriate response to the person in the shop. They could be on opposite sides of the world and it could still be done
I know that this is old but a fabric woven from wire or fine silver wire made into a purse or wallet will stop any type of scanner in it's tracks, no need for a knife to tear down that card just put it in a jar half full of Acetone and leave on it's side for 48 hours and the casing will come off very easily then wash it off with tap water and bingo a very easy teardown although I used cellulose thinners to get to the innards OK.
Apart from using foil, couldn't you just short circuit the coil in order to put constant load on the signal?
You can buy RFID blocking wallets at a very reasonable cost. I have one for my Passport. Excellent video!
$58 bucks???? I'll go buy a aluminum wallet for $5 on the bay.
5$ is too much, just DIY or use an ESD bag.
Can you read the data from the wavelengths? or would that take an unnecessary amount of reverse engineering?
this is an old old video by now but .. I really have to suspect that being an ordinary *rechargeable* li-ion cell ..
I'd suspect way cheaper & 'good enough'
No. The part number on the battery indicates a primary cell. Unlike some high-power disposable electronic cigarettes, this works perfectly fine with a higher impedance primary cell.
If you have a box of them, and you set one of them off, how do they make sure they don't keep eachother going and drain the battery trying to jam each other?
I think the card only activates itself if the reader (transmitter) signal is strong enough. So if you have a strong transmitter it probably starts to jam earlier
Couldnt you just fold a nice peice of aluminium foil and put it inside you wallet so when you fold the wallet it creates a faraday cage around the card.
Did you know, the card in the mail is read protected. it works only when you pull it off the paper.
Why can't NFC cards have touch button built in? Then you could use that button to select the mode of operation. For example, hold it for 30 seconds to enable always active (normal) mode, hold it for 45 seconds to enable "on demand" mode in which you have to hold the button to make it work with NFC. People who don't care about security could use normal mode and people who are concerned about security could use "on demand" mode. And everybody's happy.
I don't know if Australian keyboards are that much different, but on a typical German keyboard, you can easily produce a real µ symbol with AltGr+m … no need to use the "u" (which is only to be used if you're limited to the Latin alphabet).
pretty sure it's every keyboard, the only difference might be the person using it not being aware of the short cut.
You'd be surprised how many people I've seen Right click, Copy, Right click, Paste....
you mean é? nope mine doesnt do that. just é and § and ╚ and } and ƒ and i have to type in random numbers to get all those. 2äa╠YK51▼┌╧O•vc←F╩
What happens if you increase the supply from 3v to say 3.3 / 3.6v, is the range affected at all?
it wouldn't affect the range at all, as the mosfet and load resistor are simply loading the coil. Applying more input voltage wouldn't increase the range, to do that with this design you would need to modify the coil itself. Although I doubt the range would ever be very great. The only practical way to jam a larger area would be to actively drive the coil and dump RF noise onto 13.56. However, that would likely also be just as illegal as operating a cell phone jammer
Best solution is to cut any card the bank sends like that and mail it back to them in parts.
I don't think that would be capacitive touch because theres are two separate traces. It just seems like they are using your finger as a conductor and then if the there is any current flow it'll just act as a switch. If it was capacitive touch, then they would only bother having one trace.Could be wrong though that might be because of there logo and they only use one half of the trace
They need to patent the "armourglove" for when this chip get implanted in the hand.
As posted before I have metallic Christmas foil in my nylon wallet ! Yes, I recycled my Christmas wrapping paper. And thank you for showing a real time use of your micro Current device ! Thank you for the video ! tjl
I see that these are currently unavailable on Amazon. Around $55 US.
Nobody stole my lunch in high school, we accessed it with a magnificent white RFID card labelled with our name which was written with a bold fat green magic marker pen.
So question, those myki readers or the Sydney equivalent. Would a magnet cause enough interference to disable them?
Instead of random data it should send back profanity. Or dirty limericks.
Click where, to see the previous video? I think on UA-cam on Android doesn't show your links, mate.
would the silvery plastic shielding material of an antistatic bag work? It's somewhat more resistant than alu-foil, also conductive but maybe not enough?
Let's do a teardown and THEN give it a try ... love the vids (not so much the overpriced electronics in Australia ...)
Hi Dave,
I remember that you had posted a video on a review of the Rigol DSA 815 TG Spectrum Analyzer. I bought one a couple years ago and I have been quite satisfied with except that lately, the clock has started to run intermittently at 1/8 the normal speed. It does not seem to have upset the normal operation of the analyzer but makes a mess of the date and time of the stored files that I transfer on the USB memory device. Recently, I found a Rigol Web page where one could ask for an updated version of the firmware. Thinking that this could solve the problem, I sent my request and never got any answer. Do you ave any suggestion as to a way to cure this problem or a Web site where I could get some support and answer from Rigol? Thank you.
Such a device would presumably be illegal in the US, which bans the use of active radio jamming devices of any type.
Couldn't you do something like this on the super cheap with just a 555 and maybe an external switch?
I was wondering why banks didn't give these things away free when you open an account, then you mentioned the price at the end. I'll stick with slipping a bit of foil behind the photo in my wallet..
Thanks for the heads up.
Use JackLess app for bank cards, not NFC Taginfo
"Couple of turns", that is certainly "more than a few". ;)
wow 22:03 german id-card.
well i threw in to the microwave. is more secure now.
you tampered with government property. You are on the list now. Do the same with your bank card and phone, also makes them more secure ;)
*****
my bank card has no rfid, so without steeling it and knowing the pin is not usable. (and its not a credit card, a ec-card)
I've never quite understood national ID cards like that, like when do you actually use them? Perhaps it's just because there isn't a national ID card here (in the UK) but I've never really come across a time when having a national ID card would be advantageous.
Also, what is the RFID for?
Callum Aitchison when you cross a border, the policeman has a reader. Makes it easier to find out if you're wanted for something without entering your details manually
***** Ah right, guess that makes sense. I didn't think about Schengen borders
I wonder how the foil and the jammer will behave with a real attacker reader, I mean with a much power full one.
I drilled a hole through my new card as soon as it arrived. I'm all hyped up for new technology, but as soon as banks or credit card companies are involved you know it's bad.
According to the A in the patent number it's only a patent application. A granted patent would have a B in its number.
I'm not really clear if the jammer prevents the card from waking up and 'speaking' or if it just confuses the POS reader...if the card is waking up and speaking it seems possible that a criminals rfid reader might be able to subtract the jamming signal and view the data from the card even if legit POS readers aren't able to.
TBH pretty unconvinced that rfid cards have any advantage for me as a user. the PIN system made it difficult for card thieves / pickpockets to use my card and the rfid system doesn't do anything to stop them... nobody asked me if I wanted a less secure card attached to my account, it just turned up.
Can't the periodic signal be analysed via Fourier analysis and cleaned?
"I wouldnt buy one"
But you did it xD
Not only creditcards have rfid chips. All german passports and german id-cards have a rfid with all you're data, names, adress, fingerprints and other biometric stuff. These are interesting for identity thefs.
Not all EU. At least here in Portugal our ID cards are smartcards but without RFID features. They do have photo, address, electronic signature and timestamping and so on, but the data is encrypted and you need to input your pin codes to read/use it.
In the UK we don't even have national ID cards at all, and we're in the EU (at least for now :S)
dave plz try to make a passive one! i think it is doable, use the power it recives and scramble the readback by shorting the coil
Would it be possible to make one of these that would work in like a 15cm range? That would be a lot more useful than a 1 cm range.
"i brought the last one"...."i wouldnt buy one!"... but ya did!
If the jamming signal isn't random, would it be possible to program the reader to un-jam it?
Is it posible to do a more Active countermesure, make the scaner fry
just looked up the nfc app on google play, people really really really seem to hate this app. I wanted to try it out at first, but now not so much :p
That μCurrent Gold looks sexy!
Edit: As much as al foil is a suitable replacement, the average Joe isn't going to be that educated or aware of this fact. But they are susceptible to the advertisements on the product.
I wonder what the cost per unit is. Seems like they are making a killing on them at $58.
"Nyeah ya wastin yir time, I wouldn't buy one" Lol, You just did.....
Wonder of two of those close to each other would activate both and drain the batteries faster.
No, as RFID cards (and jammers) operate passive. They basically increase and decrease the current they draw from an external field to communicate with the reader. The jammer just uses the same approach as the card, but masks any data that would otherwise be sent. As these jammers don't emit a field themselves, they would not affect or detect each other.
Would it be possible to make some sorta app on your phone to do this? Also harvey norman sell these cards and they keep em next to the eftpos machine. 58 bucks stuff that.
shine a bright light under the card and you can see the RFID antenna
ouch they are expensive
no man it doesn't work as the card it actually works like a transmitter doesn't depend on the current induced by the reader it transmits a discrete signal back and not modulate the reader's one, so it doesn't modulate using a load as you said!
it just drives the coil at the frequency mentioned the crystal is used for that and the micro just modulates it periodically.
Look at the patent schematic, MOSFET's and a load resistor across the coil do the modulation.
It does not drive the coil at 13.56MHz.
hmmm i saw it you are right, that crystal... why 13.56mhz?
6:18 wasn't it all about the right *tongue* angle? hum, puzzled :-)
Amazing how these chips are supposed to increase security but now people have to protect themselves from possible thieves who can make transactions on their card just by being near them.
If people can modify traditional card readers to steal card information, what's preventing them from embedding their own scanners in legitimate scanners?
I'm sure it may reduce overall fraud but you would think they could come up with a better solution. Like why not have the same protocol, but communicated via electrical contacts on the card and reader?
Hmm. I think the thing people are forgetting is that there is always a chance of being insecure. At the end of the day, there is a significant barrier to stealing someones money using this. First of all collecting the data via RF (the easy bit). But what people miss is that the back end of authorizing transactions live via the internet is very secure, and difficult (not impossible) to break.
Thieves will go for the low hanging fruit, there are much easier ways of taking your money, stealing the card completely physically, using it online, hitting you and stealing your cash, etc etc.
This method while not perfect, has a low enough probability that the credit card company can use the fee to provide insurance, so for the consumer there isn't any serious risk, and a huge jump in convenience.
Overall still less likely to lose money than having a magnetic strip skimmed (which they still use in the US for some idiotic reason, with SIGNATURE a laughable security method), or even getting cash stolen.
Very interesting from an EE perspective though.
the worst part is that it isnt actually that much faster. the only reason why its faster is because you dont have to enter your pin. if they just used the dipchip without a pin for up to a 100 than the same speed increase would be gained unless the supermarkets dont actually clean their readers. the only thing that it does is make it low maintenance for card reader owners. thats not a compromise im willing to make.
LOL! At 22.05: German identity card sample ...
Contactless credit cards are already getting phased out in the US. They are not safe. Credit cards issued now, should only be the chip cards, still with a magnetic strip.
HAHA! what were they thinking when they put them right next to the RFID scanner??? xD