Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

Devices like FLIR-ONE can be used to detect the heat signature someone leaves after entering in their PIN. TheJournalTech/Twitter
Fraud

You'll need to be extra careful the next time you visit an ATM

Now you have to worry about what heat signature you leave when using one.

IRISH PEOPLE ARE being warned to take extra precautions when using an ATM as there’s a new way  for thieves to discover your card’s PIN.

Thieves have started using thermal heating services like FLIR-ONE, an add-on case or dongle that you can attach to your iPhone or Android device, to see the heat signature left by those using an ATM.

By picking up the thermal signatures left by a customer, they can figure out what your PIN code is and the order they were pressed.

Tom O’Connor, managing director at online security company Lan.ie, said they first encountered the method a month and a half ago and it’s a problem he believes will continue to grow.

“There have been a number of them around in Dublin, and they’re in use at the moment,” says O’Connor. “Around the country, there are a number of ATMs with plastic buttons which hold the heat [signature] for longer than the metal buttons… the banks and credit cards companies are not ready for it.”

This is combined with another method to get the card’s details. The first is to pickpocket the card while the second method is to use a RFID (Radio Frequency Identification) scanner to download the card details. The latter would require the user to get close to the card before they can attempt downloading the information.

So how do you overcome this problem? O’Connor recommends that you rest your fingers on random keys after you’ve entered in your PIN for a few extra seconds, especially if it uses plastic buttons as they hold in heat for a longer period. That way, nobody can tell which keys you’ve pressed and there’s less risk of you being compromised.

Overall, he recommends people to be vigilant and to keep their cards close to them at all times as the responsibility is put on the consumer, not the banks or card makers.

When someone steals from you, the bank categorically denies that there’s any possible way to get someone’s PIN code. [When it happens], the liability for the losses are pushed back onto the customer rather than being covered by the credit card companies the way it used to be.

Read: Don’t want sites tracking your activity? Here’s how you can ask them to stop >

Read: These fake Apple employees try talking people into buying rival products instead >

Your Voice
Readers Comments
47
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.