zlacker

[parent] [thread] 2 comments
1. charci+(OP)[view] [source] 2025-04-14 16:34:48
>What prevents a phone from emulating a regular physical credit card?

If this were possible fraudsters would be easily be able to clone people's cards by getting close to them. The protocol was explicitly designed for this to not be possible. There are secrets that live on the card itself and are not exposed

replies(1): >>palata+OI1
2. palata+OI1[view] [source] 2025-04-15 06:54:02
>>charci+(OP)
So a phone can totally emulate a regular physical credit card, if it has the private key.

Behaving like a credit card does not mean that the credit card is clonable.

replies(1): >>dzikim+3D3
◧◩
3. dzikim+3D3[view] [source] [discussion] 2025-04-15 19:04:31
>>palata+OI1
Yes, if you want to write an app, that will generate transaction conforming to the protocol & will use your card number it's actually very short programy.

With some luck it will be even routed to your bank. Then it will fail due to invalid authentication. I think there's a defcon talk on YouTube that details the exchange.

[go to top]