If you own an electric car and use a public charge station (even occasionally), it’s important that you keep an eye out for fraudulent charges on your debit/credit card you use to pay for it. Researchers have found that some charge stations, mainly those that require a dedicated card, “have not implemented basic security mechanisms” like encryption.
Mathias Dalheimer, a security researcher who works at Fraunhofer, first presented his findings at the Chaos Computer Club conference. He first contacted the companies in question (which are not named), some of which apparently have refused to fix the issue — so he has put it forward publicly, and now it’s even on the German R&D firm’s official page.
The charge systems in question give you a card with a user ID number on it, which is connected in their backend to an actual debit card on file at the company. That wouldn’t be a problem if this ID number was transmitted, encrypted, every time you use a charge station, but its not.
Intercepting these numbers would be trivial for a hacker, and there appears to be no mechanism for preventing duplicates of that card from being made and used, or for transactions to be otherwise duplicated. Dalheimer compared it to a store accepting a photocopy of a debit card rather than the real thing.
There’s no guarantee that the charge station you use is not legit, but there’s also no way to know for sure that it isn’t. You may be able to ask the company in question if they’re affected and if they are taking measures to protect users. Until better standards are set, you might want to keep an eye out for unauthorized charges.
more recommended stories
Hover : A Computer vision startup that permits consumers to easily create 3D models of their homes
As more and more startups focus.
Airbus recently had the first ever successful flight
Airbus recently had the first.
Kakao games business receives $130M funds from Tencent and others ahead of IPO
Korea’s prominent messaging company Kakao is.
Facebook is amping up its Community Help effort to assist people in crisis
Facebook is amping up its Community.
Workast raises cash to expand its toolkit to other messaging platforms
The popular task management, Workast, has.
Pharmaceutical firm Roche acquires Flatiron in a $1.9 billion deal
Swiss pharmaceutical company Roche has made.
Axel Springer to buy a stake in Magic Leap
Magic Leap is a U.S. startup.
Bharat Vasan appointed as the new CEO of PAX Labs
PAX Labs, an American electronic cigarette.
Production of Volkswagen’s I.D. line of electric cars to begin from November 2019
Volkswagen has been showcasing its I.D..
Second fund raised by NYC-based Notation Capital worth $27 million
Notation Capital, the NY-based pre-seed fund.