If you own an electric car and use a public charge station (even occasionally), it’s important that you keep an eye out for fraudulent charges on your debit/credit card you use to pay for it. Researchers have found that some charge stations, mainly those that require a dedicated card, “have not implemented basic security mechanisms” like encryption.
Mathias Dalheimer, a security researcher who works at Fraunhofer, first presented his findings at the Chaos Computer Club conference. He first contacted the companies in question (which are not named), some of which apparently have refused to fix the issue — so he has put it forward publicly, and now it’s even on the German R&D firm’s official page.
The charge systems in question give you a card with a user ID number on it, which is connected in their backend to an actual debit card on file at the company. That wouldn’t be a problem if this ID number was transmitted, encrypted, every time you use a charge station, but its not.
Intercepting these numbers would be trivial for a hacker, and there appears to be no mechanism for preventing duplicates of that card from being made and used, or for transactions to be otherwise duplicated. Dalheimer compared it to a store accepting a photocopy of a debit card rather than the real thing.
There’s no guarantee that the charge station you use is not legit, but there’s also no way to know for sure that it isn’t. You may be able to ask the company in question if they’re affected and if they are taking measures to protect users. Until better standards are set, you might want to keep an eye out for unauthorized charges.
more recommended stories
ProcessOut has recently invested $1 million from several business angels
Meet ProcessOut, a French startup that.
CloudBees obtain Codeship, another startup in the dev-ops space
More merging is afoot in the.
Families will be better off because it exists says David Marcus
Facebook’s vice president of Messaging Products,.
TechCrunch has learned of a potentially serious new bug affecting a wide range of Apple device
TechCrunch has observed of a strong.