How safe is contactless payment? || How does RFID & NFC work? || EB#40

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments

The actual card number isn’t difficult to read with the right software. I would have liked a discussion of using EMV vs MSD. As far as I can tell, EMV uses a cryptogram whereas MSD uses a dynamic CVV.

👍︎︎ 1 👤︎︎ u/billatq 📅︎︎ Mar 05 2019 🗫︎ replies
Captions
Nowadays, it is becoming more and more common to use a service like for example Google Pay to... like the name implies Pay for something in a store without using cash. Even I use a contactless payment methods with my Girocard. Which I only have to hold in front of card reader in a store for a couple of seconds to make a payments. But, of course when it comes to money, there will always be safety concerns. So, in this video Let's learn a bit about RFID and NFC which are the technologies used for contactless payments. And at the end Let's determine how safe this payment methods truly is? And whether it makes sense to use the RFID and NFC technology in our own simple Arduino projects. LET'S GET STARTED! This video is sponsored by JLCPCB who manufacture 10 PCBs with dimensions of up to 10 × 10 centimeters for just $2! Their boards of a good quality and feature 24-hour fast turnarounds. And best of all, their batch PCBs are cheaper than from most other PCB companies. When we search for “RFID Reader Arduino” on eBay We get quite a big selection of boards to choose from. But they boil down to three popular ICs. Those are the RDM6300, PN532, and RC522. To not miss out on anything. I ordered all three of them which luckily all came with either an RFID tag or card. But how do we use them? To find that out, I hooked up the RC522 board to Arduino UNO development boards. According to the wiring scheme, which was presented in the dump in full sketch of the RC522 Arduino library. As soon as the connections were established and the example code was uploaded. I opened up the serial monitor. Who after bringing the tag close to the boards sped out a whole lot of information. But why did that happen? And what does the information mean? Well, RFID stands for “Radio Frequency IDentification” which means it has to do with wireless communication. When we have a closer look at the PCB of the reader we can see that the features an antenna which we can draw simplified as a coil. Now, the reader IC in combination with some passive components pushes a sinusoidal current through the antenna which therefore creates a magnetic fields around the coil. The most-used frequencies are either 13.56 MHz (HF) (HF - High Fequency) The most-used frequencies are either 13.56 MHz (HF) which the PN532 or the RC522 used. And 125 KHz (LF) (LF - Low Fequency) And 125 KHz (LF) which RDM6300 used. The tag guts which we can clearly observe in this transparent housing consists of an antenna or coil as well and a small chip. Which, for example can be the Mifare Classic 1K (NXP). (Or it can be NXP iCode SLI) Which, for example can be the Mifare Classic 1K (NXP). When the tag coil enters the magnetic field of the reader it uses a voltage into it and thus also occurrence which powers the IC. This is called “Wireless Energy Transfer”. And if you have never heard of it I recommend you to watch my wireless charging video as well as my DIY wireless energy transfer system video. Now the tags IC is powered and as we can see in its datasheet holds 1 KB of data that it wants to tell us, But how? To find that out, I formed the loop with my oscilloscope probes ground wire and had a closer look at the magnetic fields of the reader. As you can see here. It truly uses a frequency of 13.56 MHz and we can also observe that the amplitude of the sine wave changes quite a bit while the reader and tag communicates with one and other The reason is, that as soon as the tag IC is properly powered It uses a build-in transistor to short its coil according to the data it wants to send over. This short circuits secondary currents temps the carrier wave currents and thus can be observed as slight changes in the amplitudes. And that is how the RFID tag talks with the reader. I will not go into detail though what the exact steps of the data exchange are. Since there are plenty of tutorials out there that cover this. And we do not want to get too technical. What is important is that as soon as a RFID tag gets too close to a RFID reader it will spit out all of its information. Which means it is pretty dumb. But more about that later. Because contactless payments does not use RFID, But instead NFC which stands for “Near Field Communication“. Only problem is that NFC is a type of RFID. Only difference is that we got more standardized rules stated in for example, ISO 14443, ISO 18092, ISO 21481 (also, ISO 15693) stated in for example, ISO 14443, ISO 18092, ISO 21481 Most Importantly though. We only use high Frequency So, a distance of a couple of centimeters between reader and tag is mandatory. And you can also use a reader as a tag to exchange more complex data. (Android Beam, S Beam, etc.) to exchange more complex data. But let's take a quick break from NFC and let's go back to the Arduino example. We can use the reader to also write new data to the RFID tag. And of course use a part of the text data as an identification password too. For example, light up a LED That means such an Arduino RFID reader and tag is great for projects where you need permission for something to happen. Which I will keep in mind for future projects. Okay, quick break over... So let's ask the question: How easy it actually is to read the data from my Girocard? No matter what I tried or what kind of code I utilized the The RC522 not recognized my card. And by utilizing the PN532 board which can handle more kinds of RFID tags. I was also not capable of reading any data. But that does not mean that there is no way to do that. Because every modern smartphone nowadays comes with NFC functionality. By installing the “NFC Tools” app (SubMaker: I also recomment NXP TagInfo) By installing the “NFC Tools” app we can for starters scan the previously use tag to see some general information. But also read out its entire memory. Now, this time my Girocard got recognized. And apparently it is an ISO 14443-4 compliant tag. But while trying to read its memory the app said that this type is not supported yet. The reason is probably that while it is true that RFID tags will send out that data pretty carelessly. That does not mean that it is not encrypted. By for example, a shared key. Combine that with the effects letter close proximity is mandatory and you mostly got a payment limits Contactless payment is not as dangerous as most people might think. And if you want to be super safe You can always get yourself an anti skimming card holder for a couple of bucks. It's metal material jams the radio frequencies and thus let circuits not interact with an RFID reader. And with that being said, RFID is an important technology. Which, for example allows me to own a card that opens my youtube channel if I bring it close to my smartphone. I hope you enjoyed this video and learned a thing or two. If so, don't forget to like share and subscribe. STAY CREATIVE AND I'LL SEE YOU NEXT TIME! (Subtitle : PolaX3) NEXT TIME!
Info
Channel: GreatScott!
Views: 789,404
Rating: undefined out of 5
Keywords: RFID, NFC, rfid, nfc, contactless, payment, card, tag, safe, safety, experiment, tutorial, diy, how, to, guide, beginner, beginners, reader, radio, frequency, identification, near, field, communication, phone, android, app, magnetic, technology, working, principle, google, pay, encrypted, encryption, key, limit, proximity, ISO, MIFARE, read, write, data, memory, coil, antenna, wireless, electronic, electronics, basic, basics, greatscott, greatscott!
Id: mzPb9QLJu8k
Channel Id: undefined
Length: 8min 51sec (531 seconds)
Published: Sun Mar 03 2019
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.