Security Researcher Warns About NFC ATM Vulnerabilities

Just recently, a security researcher named Josep Rodriquez from Madrid, Spain has warned that the ATMs are vulnerable to hacking attacks caused by NFC readers. NFC systems are used to let people wave a credit card over a reader instead of swiping or inserting it to make a payment or withdraw cash from a machine.

Rodriguez is a security researcher from IOActive who has spent the last year investigating, testing, and reporting vulnerabilities of the “near-field communications reader chips” installed in ATMs and POS (point of sale) systems worldwide.

Josep executes his hacks in a relatively easy way. By simply waving his phone containing his software near the NFC reader of an ATM, he can manipulate whatever vulnerabilities the machine might have.

In one video shared with Wired, Josep showed that when he waved his phone at an ATM in Madrid, it displayed an error and then stopped responding to real credit cards. He further warned that there are more issues with the systems.

In a report alerting the affected vendors, Josep stated that his research discovered flaws of the NFC readers, including, but not limited to, being subjected to crashing by a nearby NFC device, a ransomware attack, or even hacking to obtain credit card data. He further warned that such vulnerabilities might also lead to the “jackpotting” attack, a hack that makes the ATMs release cash.

Josep also pointed out more problems in the systems. For instance, NFC readers do not verify the amount of data they are receiving. Following that, he was able to overload the system with data and corrupt its memory. Rodriguez intends to present his findings in a webinar to highlight the poor security services of such devices.

ABOUT AUTHOR

Anne is a certified digital marketing strategist, a behavioral coach, and a technology guru. She has spent most of her life managing people from all walks of life until she decided to turn her passion for tech into a reality. As she is now a master of all things technology in the SEO world, managing Websitebuilder.org is her dream come true. She is also a proud mom to a future psychologist, and she loves to cook, cook, and cook some more!

Latest from Anne

Leave a Reply