Using a skimmer device that is compatible with contactless technology, it is possible to steal money from the card without its owner suspecting anything. It is enough for a person armed with such a device to make several strolls with crowded vehicles, randomly passing the portable device through the pockets and bags where the portfolios could be stored. Another and less risky method for the perpetrator is to put a skimmer card in places that can sometimes be in close proximity to a bank card, such as near a contactless payment terminal in public parking lots or hidden in the gas station handle, with the idea that some hasty travelers will hold the card in the hand they eat, anticipating the payment they will make at the counter.
However, skimmers also have a vulnerability in the form of an active Bluetooth connection, which is supported to allow remote access and download of stolen banking data. Although disguised as the identity of another harmless device, used Bluetooth signatures can be catalyzed by anti-virus software and included in a database, writes go4it.ro.
Developed by researchers at the University of Illinois Urbana-Champaign, Bluetana is an application that can detect the presence of a skimmer card from a distance of several meters, urging the owner to avoid approaching the bank card to less than a few centimeters of suspicious objects, the reach of the contactless system is not very large. In addition, measuring the strength of a Bluetooth signal with a mobile phone can help identify the location of the secret device to be removed.
Tested on site, the app helped detect at least 1,185 bluetooth skimmers installed in gas stations in the United States, proving it can be used successfully. Although we have no official announcement so far, at least some antivirus vendors are expected to include this feature in the mobile security arsenal in the idea of extending consumer protection.