🤖 AI Summary
Overview
This episode explores the hidden technologies and vulnerabilities of credit cards, tracing their evolution from magnetic stripes to contactless payments. It delves into the history of espionage-inspired innovations, the rise of fraud, and the ongoing battle between security and convenience.
Notable Quotes
- The Soviets realized they could use resonance to create a bug that needed no power source.
– Derek, on the ingenious design of The Thing.
- When chip and pin came in, our business was dead in the water.
– Tony Sales, reflecting on how advanced security measures disrupted credit card fraud.
- If you can get half of the people watching this to turn on payment notifications, you’ll have the biggest impact on reducing vulnerability.
– Tony Sales, on simple steps to enhance payment security.
🕵️♂️ The Soviet Spy Tech That Inspired Modern Credit Cards
- The Soviets created The Thing,
a battery-less listening device hidden in a plaque, which used resonance to transmit sound when activated by radio waves.
- This technology inspired the CIA's Project Easy Chair,
which improved on the concept by using radio waves as a power source for hidden microphones.
- These innovations laid the groundwork for RFID and NFC technologies used in modern credit cards.
💳 The Evolution of Credit Card Security
- Early credit cards relied on magnetic stripes, which stored static data that could be easily cloned using skimmers.
- The introduction of chip-and-pin technology in the 2000s revolutionized security by encrypting transaction data and requiring a PIN.
- Chip cards are nearly impossible to clone due to their secret keys being deeply embedded in silicon, but they introduced longer transaction times.
📡 How Contactless Payments Work
- Contactless cards use near-field communication (NFC), powered by magnetic fields generated by the card reader.
- Unlike RFID, NFC operates over very short distances, reducing the risk of accidental transactions.
- Each transaction generates a unique cryptographic code, making it secure against cloning.
🛡️ Vulnerabilities and Fraud in Contactless Payments
- Digital pickpocketing, or ghost tapping, can occur if a card is within 2 cm of a malicious reader, but transaction limits mitigate the damage.
- Contactless fraud is less effective than it seems, as critical data like CVV codes are not stored on the chip.
- Simple precautions, such as Faraday wallets or enabling payment notifications, can significantly reduce risks.
📱 The Future of Payments: Mobile Wallets
- Mobile wallets like Apple Pay enhance security by never storing real card numbers and requiring biometric authentication.
- Despite their convenience, the integration of new features into mobile payments raises questions about potential vulnerabilities.
- The episode teases an experiment to test the security of a locked iPhone against a $10,000 transaction attempt.
AI-generated content may not be accurate or complete and should not be relied upon as a sole source of truth.
📋 Video Description
How safe are the cards we use? Sponsored by Saily - Prepare for your next destination today! Download the Saily app now or go to https://saily.com/veritasium and use code ‘veritasium’ for 15% off. Share your referral code with friends and family to collect more credit for your next trip.
If you’re looking for a molecular modelling kit, try Snatoms, a kit I invented where the atoms snap together magnetically - https://ve42.co/SnatomsV
Sign up for the Veritasium newsletter for weekly science updates - https://ve42.co/Newsletter
▀▀▀
0:00 Dissolving A Card In Acetone
1:32 The Soviets’ Powerless Bug
6:24 The First Credit Card
8:21 Magnetic Stripe Credit Cards
11:51 How To Clone A Credit Card
13:50 Chip and Pin
18:03 Operation Easy Chair
19:58 How does a contactless card work?
23:39 Digital Pickpocketing
▀▀▀
We’d love to thank some of the experts who helped us on this video.
Firstly, a huge thank you to Neil Smith for sharing his technical and historical knowledge of “The Thing” and operation Easy Chair. These devices are crazy complicated! And Neil (given that he’s actually built a working replica of “The Thing!”) gave invaluable insight into how it works, and detailed feedback on early versions of the video. You can see even a more detailed explanation of “The Thing” from Neil here – "Leon Theremin Changed Spying FOREVER with this 1940s invention!", on his channel: @MachiningandMicrowaves
Thanks to R. Paul Wilson for a comprehensive overview of the potential ways that credit cards and contactless payments can be compromised, and for connecting us with Christopher Forte. A big thank you to Christopher for his technical advice on different attack vectors for NFC transactions, his insights into the “cat and mouse game” between hackers and security providers, and feedback on different parts of the video.
Thanks to Pavel Zhovner, CEO of Flipper Devices, for talking us through the various security layers in NFC transactions, showing us round the Flipper HQ, and even giving us several Flippers to experiment and film with!
Thanks as well to Tony Sales, for his candid – and thoroughly entertaining(!) – recounts of credit card vulnerabilities, and explaining the work he does today in testing them.
Thanks to @mkbhd and his team for filming all the different demo’s with us – and of course, putting himself forward for the hack we’ll cover in part 2 of this video!
And last but definitely not least, a big thank you to professors Tom Chothia and Ioana Boureanu, for their technical support on the video, and of course, talking us through in great detail and even lending us the equipment for the hack we’ll be attempting in part 2!
▀▀▀
References: https://ve42.co/Spies&CardsRefs
▀▀▀
Special thanks to our Patreon supporters: Adam Foreman, Albert Wenger, Alex Porter, Alexander Tamas, André Powell, Anton Ragin, armedtoe, Balkrishna Heroor, Bertrand Serlet, Blake Byers, Bruce, Charles Ian Norman Venn, Daniel Martins, Data Don, Dave Kircher, David Johnston, David Tseng, EJ Alexandra, Evgeny Skvortsov, Garrett Mueller, Gnare, Hayden Christensen, Hong Thai Le, Ibby Hadeed, Jeromy Johnson, Jesse Brandsoy, Jon Jamison, Juan Benet, Kelcey Steele, KeyWestr, Kyi, Lee Redden, Marinus Kuivenhoven, Mark Heising, Martin Paull, Meekay, meg noah, Michael Krugman, Moebiusol - Cristian, Orlando Bassotto, Parsee Health, Paul Peijzel, Richard Sundvall, Robson, Sam Lutfi, Shalva Bukia, Sinan Taifour, Tj Steyn, Ubiquity Ventures, Vahe Andonians, wolfee
▀▀▀
Writers: James Moore, Casper Mebius & Henry van Dyck
Producer & Director: James Moore
Presenters: Derek Muller & Henry van Dyck
Editor: Peter Nelson
Animators: Andrew Neet, Domonkos Józsa, Alex Drakoulis & Ulugbek Islamov
Illustrator: Jakub Misiek
Assistant Writers: Aakash Singh Bagga & Darius Garewal
Assistant Editor: James Stuart
Researchers: Aakash Singh Bagga, Darius Garewal & Callum Cuttle
Camera Operators: Andrew Abballe, Henry van Dyck, Gregor Čavlović & Andy Perez
Thumbnail Designers: Abdallah Rabah, Ren Hurley & Ben Powell
Production Team: Jess Bishop-Laggett, Matthew Cavanagh, Anna Milkovic & Sulli Yost
Executive Producers: Derek Muller & Casper Mebius
Additional video/photos supplied by Getty Images & Storyblocks
Music from Epidemic Sound