Oralogic battles Visa in convincing customers they need protection

Mark Brownlee
Send to a friend

Send this article to a friend.

An Ottawa-based security company says it's developed an inexpensive solution to foil thieves from stealing information from credit cards that let shoppers pay by waving their card in front of retail terminals.

(Stock image)

But first it needs to convince consumers that this latest generation of identity thieves is a real threat, even as a major credit company says the exact opposite.

Oralogic Technologies Inc. - which sells a sleeve that shields to protect credit cards, access-control security passes and e-passports - recently launched a campaign to raise awareness of the phenomenon known as electronic pickpocketing.

According to Oralogic, thieves can steal account numbers and names simply by waving a small reader in front of these enhanced documents and cards, even if they are inside a wallet or purse.

However, Visa Canada said in a statement it has received no reports of customers being secretly defrauded using its technology, which it calls payWave.

“Because information travels from card to terminal without any contact, there is a remote risk that data can be intercepted,” reads a statement provided by a spokeswoman. “However, we have built in multiple layers of security for every Visa transaction that helps protect against fraud using stolen information.”

Ottawa police fraud investigators, meanwhile, say they are aware of the problem but that all known incidents have taken place in the United States, said spokesman Const. Henri Lanctot. The local police force hasn’t come across any cases in Ottawa, he said.

But Oralogic president and CEO Antonio Romeo insists the problem is real.

He said the credit card companies and police haven’t yet started tracking it because it’s impossible to differentiate from other types of fraud. His information has been stolen a number of times, he said.

“It’s not detectable because it happened to me personally on three separate occasions,” said Mr. Romeo.

Organizations: Visa, Technologies Inc.

Geographic location: Ottawa, United States

  • 1
  • 2
  • 3
  • 4
  • 5

Thanks for voting!

Top of page



Recent comments

  • Antonio Romeo
    November 29, 2012 - 22:17

    During TV News interviews regarding Electronic Pickpocketing, both Visa and Master Card have indicated that their contactless credit cards are safe. If this is true, why did Visa's Director of Product Develop indicate that their contactless card technology is susceptible to remote interrogation (skimming) and should be shielded upon deployment? This was found in two of Visa's US Patents. Does this sound safe to you? Once again I challenge credit card issuers (banks) to prove that their cards are safe. Banks indicate that if you have been defrauded, they will return your money. This is true and not true. Here is where is gets more complex. Let's say a criminal electronically pickpockets your credit card and makes a purchase above $50. They must enter a PIN for the transaction to occur above $50. The fraudster can then employ a method called "man-in-the-middle" to by-pass the pin. On the customer copied receipt it will indicate PIN Authorized. If the receipt says PIN Authorized, financial institutions are not obligated to refund your money unless proven it was really not you and that you did not give someone your secret PIN. Cambrige University UK tested this theory and found it to be true.

  • Antonio Romeo
    November 28, 2012 - 14:04

    I would like to clarify that Oralogic is not directly battling Visa. In addition, the RCMP is aware of electronic pickpocketing as I have advised them 2 years ago. Sgt Malo of the RCMP has published an advisory in BC (link on our website). Electronic Picketing spans more than just payment cards and includes Building Access Control Cards affecting both private and public sectors buildings. We have numerous videos on our website www.idstronghold.ca showing the various proven and undetectable methods of electronic pickpocketing. Yes, my TD Visa Cards have been skimmed on 3 separate occasions (within 2 years). That is why I am bringing this issue to the attention of Canadians. We have been on CTV and Global News, (in the US on CNN, FOX, ABC, NBC more...) The President and CEO of TD's retail group has indicated to me in an email that they are taking a "balancing act approach" to dealing with electronic pickpocketing and will contact me in the future should he see a need to implement my company's patent pending solutions to this issue. We are still waiting.... We have advised all the big 5 Banks in Canada including Desjardins and Canadian Credit Unions. The US Goverment's Homeland Security passed directive FIPS-201 to deal with skimming of government access control cards. The directive must shield their cards from skimming and have been using our ID Stronghold Secure Badgeholders since 2006. Are Government of Canada Buildings at Risk? Over the past 2 years, I have advised numerous Government of Canada departments about this undetectable security breach. DND is the only GoC department that has purchased our RFID protective devices. It is so easy to copy a GoC employee access control card, that it can be done with $20 worth of do it yourself parts purchased at Radio Shack or a thoroughly tested $400 off the shelf device found at www.proxmark3.com. The President of HID Global advises card users that their cards are susceptible to being skimmed/ copied and should keep them out of site. Unfortunately this does not prevent card skimming (link on our website). In my opinion I wouldn't bother spending hundreds of millions of dollars in implementing Building Access Control Systems unless you are going to add an additional layer of security at the card level. it only makes sense to secure the most vulnerable point in access control (the card). The point of building security is to prevent the one lone intruder entering with malignant intent. This person will be resourceful and go online to purchase the equipment necessary to enter undetected and proceed with their plan of action (theft, terrorism, etc).... I would really appreciate hearing public opinion on this issue as I feel Canadians have inadvertently been put at risk of Identity Theft and other potentially more serious issues. The financial loss can be recuperated, but re-establishing your identity is a whole other ball game. - Antonio Romeo