Send email Copy Email Address

DIGITAL Pickpocket

Completed in September, the "Protect Your Pocket Money!" demonstrator shows elementary school children as much as adults how to defend against wireless data theft.

TYPE
Live Demo

TOPIC
Near Field Communication (NFC), fraud

YEAR
2023

SOFTWARE
Android Studio - Jetbrain IDE (Android SDK, D-Logic NFC SDK, Jetpack Compose v3), Figma, Adobe Photoshop, Adobe Illustration, Adobe InDesign

HARDWARE
NFC RFID Reader Writer, Samsung Galaxy Tab S6, Pixel 2 XL to program the secrets onto NFC cards, power bank, USB-C dock, briefcase furnished with foam interior, wooden stand for programmer phone (in-house build using miter saw, router).

SKILLS
Visual Design, Communication Design, Storytelling, Kotlin, Java & JNI, Android Material 3 w / Jetpack Compose

INFORMATION FOR USERS

In our daily lives, we often make use of the possibility of exchanging digital data contactlessly via electrical fields. Near field communication (NFC) makes this possible - from unlocking office doors with a key card to checking out at the supermarket.

But be careful! NFC is not always secure. The two devices exchanging data need to be relatively close to each other, but this does not deter thieves and spies.

This demonstrator shows that it is possible fo criminals to obtain secrets and money without stealing the card. It is also illustrates how we can protect ourselves against this.

HOW DOES THIS DEMONSTRATION WORK?

The opened suitcase proves that a cleverly camouflaged reading device can spy on secret data via near-field communication.

This demonstration is based on several components: 

  1. A writable NFC card.
  2. A smartphone with a custom application that can be used to write on the card.
  3. A briefcase containing both a reader with an antenna and a tablet for displaying the received data.
  4. A mannequin wearing a shoulder bag containing a wallet with the NFC card.
  5. Using the smartphone, the participant writes a secret word on the NFC card. This secret will remain hidden from CISPA personnel.
  6. The card is placed in the wallet, which is then put into the mannequin's shoulder bag.
  7. A CISPA employee will approach the mannequin with the briefcase described above. They will hold the briefcase in such a way that the antenna of the reader will be as close as possible to the wallet in the shoulder bag. They will remain in this position for approximately ten seconds. 
  8. The CISPA employee will return to the participants, open the suitcase and ask them to verify that the extracted information matches the previously entered secret.
  9. The CISPA employee will explain the technology behind the theft and provide information about the protection provided by the CISPA blocker card. Optionally, the CISPA employee can demonstrate the protective effect of the blocker card by positioning the now protected wallet close to the reader's antenna and allowing the participant to take a look at the reader (tablet).

The so-called NFC blocker cards protect against spying via near-field communication.

WHAT MAKES THIS DEMONSTRATOR SO SPECIAL?

This demonstrator raises awareness of technology misuse. It makes the experience of security vulnerability exciting while convincing participants of its relevance. Participants learn about protective measures and can also protect themselves immediately by placing the NFC blocker card in their wallets.  

More info on digital Thieves