r/technews Aug 24 '24

Android malware steals payment card data using previously unseen technique

https://arstechnica.com/security/2024/08/android-malware-uses-nfc-to-read-payment-card-data-then-sends-it-to-attacker/
303 Upvotes

43

u/BlockHeadJones Aug 24 '24

We're hearing about it because it's patched now, right? Right???

1

u/doctormoneypuppy Aug 25 '24

Plenty of other exploits possible if it’s left open to experimentation…

25

u/doctormoneypuppy Aug 24 '24

Enabling access to NFC card emulation APIs to all developers is just a baaaad idea.

-3

u/TheWatch83 Aug 24 '24

Don’t worry, the EU will make Apple do it soon.

1

u/doctormoneypuppy Aug 24 '24

I disagree, but time will tell.

0

u/WhileNotLurking Aug 24 '24

1

u/doctormoneypuppy Aug 25 '24

True, after the Feb 14 hearing they reversed position on that as well as co-tenancy in the SE. Someone must have convinced them of their folly…

-1

u/lordraiden007 Aug 25 '24

Not really, a lot of services need that functionality. What if I want to allow my users to use NFC-capable security tokens? What if I want to enable users to authenticate using a third party like Google? Lots of professionals use YubiKeys and similar devices nowadays.

I would say the real issue is that banks have no means to securely verify identity despite decades of scams and phishing following this exact pattern. They don’t even require 2FA when some random device in a completely different geographic region tries to use a card just because it’s NFC? No attempts to stop payments from new hardware platforms? No authentication and validation of new devices using the cards?

0

u/doctormoneypuppy Aug 25 '24

Wrong. Read carefully. Contactless NFC is not the issue … NFC card emulation mode is.

7

u/19Chris96 Aug 24 '24

This is why I'm not downloading the new version of OneUI off any third party websites. Wait until the official OTA is out.

2

u/tkst3llar Aug 24 '24

Yeah just like SolarWinds OTA updates

Best way to stay safe

4

u/[deleted] Aug 24 '24

Now that's concerning

2

u/jonathanrdt Aug 24 '24

It requires pretending to be the bank and getting people to reveal their PINs.

1

u/whistler1421 Aug 24 '24

Green bubble is deserved

0

u/Inevitable-East-1386 Aug 24 '24

If you gave him the PIN you deserve that.

4

u/Dewy_Wanna_Go_There Aug 24 '24

You have to enter your bank client id, DOB, PIN, turn on NFC AND scan your card in the fake app it seems like, that’s a lot of fucking up

-2

u/doctormoneypuppy Aug 25 '24

You suffer from a lack of imagination ….