Wearing a CashCuff shirt to pay contactlessly
What happens when you give an IT security expert a CashCuff shirt? We figured there really couldn't be a better person to independently test our product. When we got chatting to James Bore, we discovered lots of things, but there were two real stand outs for us, first and foremost, his payment security knowledge is A1 and second, he loves a good shirt. We figured that this could be the perfect match, so we sent him a CashCuff shirt to see how he'd get on. Over to you James.
I started chatting with Andy from DressCode Shirts about the security of contactless payments back when the news of the contactless limit increase first broke, during the dark days of Covid lockdowns.
A lot of my work involves looking at the attack vectors of fraudsters, in both the physical and online retail spaces. I was interested to discover whether the CashCuff solution would help or hinder people and their personal payment security.
Contactless payment tech
In terms of the technology, contactless payments are fairly secure all round. The system is designed to use a unique code for each transaction, meaning that the card data is never transferred wirelessly.
While there are technical exploits that can be used, they are frankly beyond the reach of the average (or even most above-average) criminals. On top of that, contactless fraud is generally carried out by opportunist criminals – more strategic ones use other methods which allow for greater profit, which aren’t relevant here.
So that raises the question of does the CashCuff, having your payment mechanism tucked away in a cuff of your shirt, make you more secure around these opportunists?
The simple answer, having tested it out at a security conference, used it for everyday wear, and run it against a (admittedly simple) wireless security assessment, is Yes.
CashCuff Technology
Let’s look at the technology first – the wireless transactions are just as secure as using your card for contactless, with the added advantage that someone can’t spot your card details as you’re waving it around by the machine.
Next question, does it reduce opportunities for opportunists to steal your payment system and use it to access your money?
Again, very much a yes here. Several times I got questions about how I was paying, since it’s such a discreet little system. Opportunist fraudsters might pick your pocket, whether they are after your phone or your wallet, they might even swipe your smartwatch, but stealing the shirt off your back when the payment mechanism is this discreet is unlikely to say the least.
Added security
On top of that I would argue it also reduces the chance for someone to steal your card details. The fact that most cards still have almost all the information to misuse that card printed on them is a problem that’s not going to go away for a while. Using the CashCuff means that you don’t need to carry those details with you.
Using the CashCuff, my summary
Not only was it more convenient than taking a card from a wallet and flashing it around, or taking out a phone from a pocket, or prodding at tiny buttons on a smartwatch to enter a PIN before paying, it also brought a bit of fun back to the experience as people (including other security people) tried to work out what was being done. I even had a handful thinking I might have had an implant (which is somewhat less convenient to put in or remove on a whim, and carries more risks than I’m comfortable with taking).
And of course the shirt, the quality is, as I'd expected, absolutely first class.
Thanks James for taking the time to test the CashCuff, it sounds like you've had a lot of fun, which is great to hear. If you'd like to find out more about James, and what he does, check out - www.bores.com
Bores, based in London, focuses on digital, data and cyber security. James holds an MSc in Cyber Security from Northumbria University, and has worked in IT support, security, development, architecture and engineering.
Cyber security is James’ passion and he is globally recognised as an expert in his field, he regularly speaks at conferences, writes for magazines as well as contributing book chapters on security threats.