FLIR Cameras can defeat PIN technology
#1
Original Poster
Join Date: Jul 2011
Location: SF Bay Area
Programs: UA MileagePlus (Premier Gold); Hilton HHonors (Gold); Chase Ultimate Rewards; Amex Plat
Posts: 6,676
FLIR Cameras can defeat PIN technology
The "bad guys" could steal your PIN even if they were nowhere near you when you entered the PIN into the machine (no shoulder surfing required) and even if you properly shielded the pad.
There's a technology called FLIR (forward looking infrared) that shows how warm things are. It is used by the military, by people who want to find cops hiding by the side of the road at night (as a countermeasure for speeders), etc. I've seem claims that with a good enough camera, people can spot a cop's warm tailpipe from over half a mile away, even if all of the lights on the police car are off. It is the second usage that brought this to my attention, as I am part of a forum called Radar Detector Forum (rdforum.org), which has people who follow countermeasure technology: radar detectors, laser jammers, police scanners, FLIR, etc.
Basically, a company called FLIR just released a FLIR camera called the FlirOne that looks like an iPhone case and fits right onto the back of an iPhone, which makes it much easier to "steal" a PIN from a keypad (it doesn't look as suspicious to be holding a phone over a keypad but it looks extremely suspicious to be holding an IR camera). Here's the product: http://www.flir.com/flirone/
Here's the youtube video of how this is done: https://www.youtube.com/watch?v=8Vc-69M-UWk
The scary thing about this? Well, if you have EMV, it's not really that scary, because the "bad guys" could steal your PIN but can't clone the card. However, if your card uses magstripe technology and they have a card skimmer on the terminal AND come up with a FLIR camera after you enter your PIN, now they've got your card (or rather, can easily clone it) *and* your PIN.
So who says EMV isn't needed on debit cards?
There's a technology called FLIR (forward looking infrared) that shows how warm things are. It is used by the military, by people who want to find cops hiding by the side of the road at night (as a countermeasure for speeders), etc. I've seem claims that with a good enough camera, people can spot a cop's warm tailpipe from over half a mile away, even if all of the lights on the police car are off. It is the second usage that brought this to my attention, as I am part of a forum called Radar Detector Forum (rdforum.org), which has people who follow countermeasure technology: radar detectors, laser jammers, police scanners, FLIR, etc.
Basically, a company called FLIR just released a FLIR camera called the FlirOne that looks like an iPhone case and fits right onto the back of an iPhone, which makes it much easier to "steal" a PIN from a keypad (it doesn't look as suspicious to be holding a phone over a keypad but it looks extremely suspicious to be holding an IR camera). Here's the product: http://www.flir.com/flirone/
Here's the youtube video of how this is done: https://www.youtube.com/watch?v=8Vc-69M-UWk
The scary thing about this? Well, if you have EMV, it's not really that scary, because the "bad guys" could steal your PIN but can't clone the card. However, if your card uses magstripe technology and they have a card skimmer on the terminal AND come up with a FLIR camera after you enter your PIN, now they've got your card (or rather, can easily clone it) *and* your PIN.
So who says EMV isn't needed on debit cards?
#2
Join Date: Feb 2010
Location: US
Programs: (PM)AA SPG (Marriott), Hilton
Posts: 1,040
On the other side, there's FLIR and this cheaper option.
For more serious security, some keypads are dynamic touch pads. The order of the numbers on the keypad are scrambled for each use. If FLIR becomes an issue, probably that technology will roll out. With touch pad ATM's being more common, it may just be software and education.
#4
Original Poster
Join Date: Jul 2011
Location: SF Bay Area
Programs: UA MileagePlus (Premier Gold); Hilton HHonors (Gold); Chase Ultimate Rewards; Amex Plat
Posts: 6,676
1) Assuming the person didn't take precautions, the sequence actually IS obvious, because the last key pressed will be warmest, and the first key pressed will be the coolest of the keys that are warmer than room temperature.
Even if you got no information other than which keys were pressed, and the PIN was 4 digits and none of them repeat, you can get it down to 24 possible combinations.
2) Yes, this is the recommended method in the video.
Even if you got no information other than which keys were pressed, and the PIN was 4 digits and none of them repeat, you can get it down to 24 possible combinations.
2) Yes, this is the recommended method in the video.
#5
Original Poster
Join Date: Jul 2011
Location: SF Bay Area
Programs: UA MileagePlus (Premier Gold); Hilton HHonors (Gold); Chase Ultimate Rewards; Amex Plat
Posts: 6,676
#7
Original Poster
Join Date: Jul 2011
Location: SF Bay Area
Programs: UA MileagePlus (Premier Gold); Hilton HHonors (Gold); Chase Ultimate Rewards; Amex Plat
Posts: 6,676
Different types of objects have different shapes and different temperatures. A tailpipe is way warmer at night than almost anything in nature except for something that's on fire. Obviously, a warm tailpipe in a freeway lane isn't suspicious (cars ahead of you), but a tailpipe on the shoulder or in the bushes is.
Just as in any security system, it's all about layers of protection. If you're getting radar alerts AND you see a warm tailpipe off the road, then that's just one more clue to slow down. Some cops will even be nice and leave their radars running while they shoot cars with laser, giving away their location from miles away, so by the time your jammers go off, you're already at the speed limit and you can kill the jammers immediately.
What this shows is that a PIN might not be sufficient protection against having your card cloned and used, even in card-present transactions, if the card is magstripe only and the device that takes the PIN has physical plastic keys. Now whether someone who planted a card skimmer on a terminal would want to stick around and use a FLIR to capture someone's PIN (and potentially show up on CCTV) is another question, but this at least shows that it's possible.
Just as in any security system, it's all about layers of protection. If you're getting radar alerts AND you see a warm tailpipe off the road, then that's just one more clue to slow down. Some cops will even be nice and leave their radars running while they shoot cars with laser, giving away their location from miles away, so by the time your jammers go off, you're already at the speed limit and you can kill the jammers immediately.
What this shows is that a PIN might not be sufficient protection against having your card cloned and used, even in card-present transactions, if the card is magstripe only and the device that takes the PIN has physical plastic keys. Now whether someone who planted a card skimmer on a terminal would want to stick around and use a FLIR to capture someone's PIN (and potentially show up on CCTV) is another question, but this at least shows that it's possible.
#8
FLIR Cameras can defeat PIN technology
That flir toy you are referring to wouldn't detect object 100 yards away. The cheapest flir camera which would get you any detection half a mile away would cost around $10K. And you would have to mount it on the roof of your vehicle + you would have to install encoder and a PC in your car.
How much are the traffic tickets? $150?
How much are the traffic tickets? $150?
#9
Original Poster
Join Date: Jul 2011
Location: SF Bay Area
Programs: UA MileagePlus (Premier Gold); Hilton HHonors (Gold); Chase Ultimate Rewards; Amex Plat
Posts: 6,676
That flir toy you are referring to wouldn't detect object 100 yards away. The cheapest flir camera which would get you any detection half a mile away would cost around $10K. And you would have to mount it on the roof of your vehicle + you would have to install encoder and a PC in your car.
How much are the traffic tickets? $150?
How much are the traffic tickets? $150?
Traffic tickets? Cost varies by state, in California, it's $234 for speeding 1-15 mph over, $360 for 16-25 over, $480 for 26+ over, and $880 for over 100 mph. In addition, the cost also includes the time spent fighting the ticket in court, and the insurance increases if you lose the case. What can I say, for some people, countermeasures are a hobby, just like FTers have their own hobbies that other people may find to be strange or a waste of time (like doing MRs or MS).