Live 1057

Free Internet Radio Stations
How safe is contactless payment? || How does RFID & NFC work? || EB#40

How safe is contactless payment? || How does RFID & NFC work? || EB#40

Nowadays, it is becoming more and more common to use a service like for example Google Pay to… like the name implies Pay for something in a store without using cash. Even I use a contactless payment methods with my Girocard. Which I only have to hold in front of card reader in a store for a couple of seconds to make a payments. But, of course when it comes to money, there will always be safety concerns. So, in this video Let’s learn a bit about RFID and NFC which are the technologies used for contactless payments. And at the end Let’s determine how safe this payment methods truly is? And whether it makes sense to use the RFID and NFC technology in our own simple Arduino projects. LET’S GET STARTED! This video is sponsored by JLCPCB who manufacture 10 PCBs with dimensions of up to 10 × 10 centimeters for just $2! Their boards of a good quality and feature 24-hour fast turnarounds. And best of all, their batch PCBs are cheaper than from most other PCB companies. When we search for “RFID Reader Arduino” on eBay We get quite a big selection of boards to choose from. But they boil down to three popular ICs. Those are the RDM6300, PN532, and RC522. To not miss out on anything. I ordered all three of them which luckily all came with either an RFID tag or card. But how do we use them? To find that out, I hooked up the RC522 board to Arduino UNO development boards. According to the wiring scheme, which was presented in the dump in full sketch of the RC522 Arduino library. As soon as the connections were established and the example code was uploaded. I opened up the serial monitor. Who after bringing the tag close to the boards sped out a whole lot of information. But why did that happen? And what does the information mean? Well, RFID stands for “Radio Frequency IDentification” which means it has to do with wireless communication. When we have a closer look at the PCB of the reader we can see that the features an antenna which we can draw simplified as a coil. Now, the reader IC in combination with some passive components pushes a sinusoidal current through the antenna which therefore creates a magnetic fields around the coil. The most-used frequencies are either 13.56 MHz (HF) (HF – High Fequency)
The most-used frequencies are either 13.56 MHz (HF) which the PN532 or the RC522 used. And 125 KHz (LF) (LF – Low Fequency)
And 125 KHz (LF) which RDM6300 used. The tag guts which we can clearly observe in this transparent housing consists of an antenna or coil as well and a small chip. Which, for example can be the Mifare Classic 1K (NXP). (Or it can be NXP iCode SLI)
Which, for example can be the Mifare Classic 1K (NXP). When the tag coil enters the magnetic field of the reader it uses a voltage into it and thus also occurrence which powers the IC. This is called “Wireless Energy Transfer”. And if you have never heard of it I recommend you to watch my wireless charging video as well as my DIY wireless energy transfer system video. Now the tags IC is powered and as we can see in its datasheet holds 1 KB of data that it wants to tell us, But how? To find that out, I formed the loop with my oscilloscope probes ground wire and had a closer look at the magnetic fields of the reader. As you can see here. It truly uses a frequency of 13.56 MHz and we can also observe that the amplitude of the sine wave changes quite a bit while the reader and tag communicates with one and other The reason is, that as soon as the tag IC is properly powered It uses a build-in transistor to short its coil according to the data it wants to send over. This short circuits secondary currents temps the carrier wave currents and thus can be observed as slight changes in the amplitudes. And that is how the RFID tag talks with the reader. I will not go into detail though what the exact steps of the data exchange are. Since there are plenty of tutorials out there that cover this. And we do not want to get too technical. What is important is that as soon as a RFID tag gets too close to a RFID reader it will spit out all of its information. Which means it is pretty dumb. But more about that later. Because contactless payments does not use RFID, But instead NFC which stands for “Near Field Communication“. Only problem is that NFC is a type of RFID. Only difference is that we got more standardized rules stated in for example, ISO 14443, ISO 18092, ISO 21481 (also, ISO 15693)
stated in for example, ISO 14443, ISO 18092, ISO 21481 Most Importantly though. We only use high Frequency So, a distance of a couple of centimeters between reader and tag is mandatory. And you can also use a reader as a tag to exchange more complex data. (Android Beam, S Beam, etc.)
to exchange more complex data. But let’s take a quick break from NFC and let’s go back to the Arduino example. We can use the reader to also write new data to the RFID tag. And of course use a part of the text data as an identification password too. For example, light up a LED That means such an Arduino RFID reader and tag is great for projects where you need permission for something to happen. Which I will keep in mind for future projects. Okay, quick break over… So let’s ask the question: How easy it actually is to read the data from my Girocard? No matter what I tried or what kind of code I utilized the The RC522 not recognized my card. And by utilizing the PN532 board which can handle more kinds of RFID tags. I was also not capable of reading any data. But that does not mean that there is no way to do that. Because every modern smartphone nowadays comes with NFC functionality. By installing the “NFC Tools” app (SubMaker: I also recomment NXP TagInfo)
By installing the “NFC Tools” app we can for starters scan the previously use tag to see some general information. But also read out its entire memory. Now, this time my Girocard got recognized. And apparently it is an ISO 14443-4 compliant tag. But while trying to read its memory the app said that this type is not supported yet. The reason is probably that while it is true that RFID tags will send out that data pretty carelessly. That does not mean that it is not encrypted. By for example, a shared key. Combine that with the effects letter close proximity is mandatory and you mostly got a payment limits Contactless payment is not as dangerous as most people might think. And if you want to be super safe You can always get yourself an anti skimming card holder for a couple of bucks. It’s metal material jams the radio frequencies and thus let circuits not interact with an RFID reader. And with that being said, RFID is an important technology. Which, for example allows me to own a card that opens my youtube channel if I bring it close to my smartphone. I hope you enjoyed this video and learned a thing or two. If so, don’t forget to like share and subscribe. STAY CREATIVE AND I’LL SEE YOU NEXT TIME! (Subtitle : PolaX3)

100 comments on “How safe is contactless payment? || How does RFID & NFC work? || EB#40

  1. Hey. Ich kann nicht so gut Englisch, deswegen mach ichs mal auf Deutsch. Ich habe eine Frage. Undzwar kann man zwei oder mehrere unterschiedliche (Kapazität) Li-ion akkus in Reihe oder parallel schalten? Oder müssen die die gleiche Kapazität haben? Lg

  2. I have a request . Please . How i can made a DIY projects for DC dummy loud max 500w 100v using 2 mosfet and can modified to 1000w with 4 mosfet

  3. Hi 🙂 can you make a tutorial about Rotating Turntable for Product Videography/Photography.. based on arduino and stepper motor.. DIY or Buy Episode !

  4. The app probebly recognised that it is a debit/credit card and defaults to "I don't understand". As with near feild. There was a couple flif French guys at defcon 14 who showed that with amplification you can read nfc and rfidfron a further distance

  5. Please use to give link to components for also so that i can help you too…. While buying stuff for me…

  6. You're just using an app that can't speak the EMV protocol. Any NFC EMV payment card will produce its card number, expiry date and so on without any special authentication. It works just like a contact EMV payment card, because, well, it is. It's the same protocol for contact and contactless transactions. In the United States there is even something called “magnetic stripe emulation” which is as terrible as it sounds.

  7. If you have an android device then can read the data on the card.

  8. There are possibilities to hack such a card but they are way more complex as using an arduino with a reader from ebay.

    But what could work are those rfid tags with a button to open a door with. On the door there is instead of a keyhole a reader and you could copy the data of one tag onto a new one…

  9. Theres progeam credit card reader for phone it was able to read nfc tag from card and like last few transactions ( tested on visa )

  10. With Rfid come new issues on security. Biometric hackers, body snatchers, it's just gonna add to the problem. Stick to cash.

  11. Hi scoot
    I have broblem with mfrc522 moduel l put it i project it work 1 day and it not work good again and finally it stop i change it with another one it work and after some time start it stop working i restart arduino alot of times some times it work and stop again what is the broblem here
    all my connection is good power 3.3 volt all wires is isolated
    Can you help me with that
    Great Scoott!

  12. Can you hack the train travelling card which uses this same NFC technology so that we can travel for free

  13. Great video my friend… Nice format!! It allows people that aren't too technical to somewhat understand the tech they use everyday, and the people that are tech savvy can look up the IEEE standards to acquire more information…

    I had a professor in college that taught this way.. He called it "The Big Picture".. It allowed us to start thinking about the subject before we fully understood the science behind it.. That way, we weren't 'blindly' learning and it sparked our interest.

  14. no payment is eever really save every way of spending anf keeping money brings dangers

    having money in your pocket can get you robbed aswel

  15. Crazy idea:

    What if, your RFID card had a normally-off button built in, to interrupt the energy supplied by the wireless energy coil, until such time as you want to let the information be transmitted?

  16. Ah yes, the classic German confusion of “safety” and “security” (since in German, they’re both “Sicherheit”).

    RFID is perfectly safe, because it does not damage your health or life. (That’s “safety”.)

    On the other hand, its security is questionable. (Because “security” means resistance against unauthorized access.)

  17. Those blue key cards you got remind me my gym key card I use so my question is this if I’ll use one of the rfid readers i can scan my key card and get some information right? Can I transfer it to a different card let’s say to a white one as you used in your video or I couldn’t perform such act cause of the different frequencies?

  18. I always love watching you draw and write on paper in your videos. It's a cool aesthetic you don't see often anymore.

  19. Contactless payment is not dangerous since it is a RFIC card instead of RFID card that uses an internal key to sign transactions. Therefore, it is ridiculously hard to clone it even if you get physical access to the chip. Even in that case, just use the CVV is much easier 🙂
    Also, mobile payment is great because it requires you to confirm before release the information. like apple pay or sumsung pay.
    In my opinion, ApplePay may be the most safe method since it have a physical chip dedicated to cryptography and generate a unique transaction id to perform the transaction.

    BTW, the magnet strip contains card#, date, and CVV. therefore, a card w/o card number is just as dangerous if it have a magnetic strip on it. Therefore, I am disappointed that Apple Card have a mag strip on it and still marketing it to be safer. Is your threat model people who are just taking a picture of your card when it is lying on the table?

  20. I'd like to build something for my grow room to sense when the temp is low and turn the heater on and when its yoo high to turn it off and add more extraction. Would this help me somehow? The PCB I mean not the RFID. Lol

  21. Not true. Credit and Debit cards can be also easily read by "Application Protocol Data Unit" – APDU. You just need to read them differently. Try Credit Card Reader app on Android or google "Reading Credit Card data via NFC with an Arduino".

  22. They reduced the 10 pcb to 5 pcb for 2 dollars XD but i think its not that bad because if i wanna build 1 or 2 circuits i would have 8 or 9 boards left, maybe they also have a mistake so you have 10 pieces of garbage

  23. HEY I HAVE A QUESTION PLEASE. What happens if you put your phone over the rfid reader? Not the card, I want to know if the reader reads the NFC of the phone. Thank you

  24. 3:22 I have the same tag for a year now from gearbest and i love it! But one time it fell on the ground and now there is a gap between the two resin pieces that are smeared together to hold the coil in place.And i dont know how to fix it,can someone recommend some transparent glue for that. Super glue won't work i think?

  25. How big is the antenna in a typical credit card? It is invisible against a light. If I keep a credit card, a customer loyalty card and a public transport pass in the same wallet, I can't seem to use any one of them without removing it, which is an inconvenience in busy transport while carrying bags. I'd rather have a normal bank card.

  26. I could tell you are from Germany firstly from the EC card in the video thumbnail because I had the same when I lived there. Thumbs up for team lefties, as I am one as well. 👍 Good video, thanks for sharing!

  27. Hello sir ! could you please make a video on "a table with circuits and poured resin on it" as a purpose of home decoration for the lovers of electronics.

  28. Can someone explain the code on 6:22
    LED = !LED;
    digitalWrite (5, LED);
    Why is he using "LED" instead of "HIGH/LOW"? Is that a boolean value? Cause when i try to use that with push button I get numbers 0 and 1 which is obvious, but LED is very dark untill i try analogWrite command with 255 instead of HIGH.

  29. Hey Scott, its a little bit late but there's an app for android in the play store called emv card reader, check it out

  30. Ok cool and all but how do I get my Contactless card on my NFC enabled ring? I kinda wish you could just download the payload to flash to any NFC tag from your bank's site… encrypted and shit but I really wanna pay with my finger xd

Leave a Reply

Your email address will not be published. Required fields are marked *