deleted
replyDoes skimming still happen a lot? At least in Europe we have switched from magnetic strip to chip-based cards, which are protected against replay attacks.
replyWe have chips but magnetic strips are still on most credit cards and payments are still accepted that way in many older payments gateways. From what I read on the topic the cost of lost business if this was disabled is greater than eating the cost of skimmer attacks. There is a several year plan to phase it out entirely. It's mostly because initially when chips came out a lot of business owners were angry that they had to buy new payment machines and good luck explaining this to a none tech person.
replyIn the UK, many banks disable the magnetic strip by default, and you have to temporarily enable it from the bank's app/website if you want to use it.
replyYou'd struggle to find a POS terminal that even has a reader for them in the UK. I've only ever had to enable them in the US or Japan.
The US first got magnetic strip readers in 1970 so we just have a ton of infrastructure using them. Since most people drive pickpocketing and things of that nature are much less of an issue for us. Typical use has someone using the card for everything then paying it off at the end of the month so if there's a random extra charge the credit card company will typically let it go to maintain the active user.
replywhether a device is rooted kinda does matter from this pov as it undoes a lot of the security assumptions on android...
replyhowever grapheneos isn't rooted anyway
We're talking about just in time tokens that disappear after use. There's nothing you can do to defeat that on a rooted device. That's the whole point of the entire tech. That's why yubikeys are even a thing.
reply