FUZE Bluetooth Credit Card is Vulnerable to Hacking over Bluetooth

FUZE Card is a Bluetooth enabled card with ePaper display that can store up to 30 real credit card. You’d program credit cards into it via Bluetooth Smart (BLE) using a smart phone app, and use it like a normal credit card while paying, after selecting the card you want to use. It’s more convenient than carrying many cards, and more secure since part of the number are hidden (shown as stars ****), so whoever get your card can’t easily make a copy of the information.

A problem however is that according to ICE9 Consulting, there’s a security vulnerability that allows credit card numbers to be stolen via Bluetooth: CVE-2018-9119.

The full details can be found on ICE9 blog post. They started to make a X-Ray to find out about the main components see (photo below), and the reverse-engineered the Bluetooth protocol using an Android smartphone, and software tools such as Burp Suite (optional),Wireshark + crusty Perl scripts, and gatttool / BlueZ.

Click to Enlarge

Read their blog post for the full details about the Bluetooth protocol used and vulnerability, but the takeaway is that an attacher with physical access to a FUZE card can:

  1. Bypass the lock screen.
  2. Read credit card numbers with expiration date and CVV.
  3. Tamper with data on the card.

The card is described and the vulnerability showcased in the video below.

ICE9 Consulting has tried to contact the company making the card (BrilliantTS), but did not get feedback until the flaw was made public, and now the company plans a fix on April 19 with both new firmware and mobile apps.

This vulnerability affects MCU firmware 0.1.73 and BLE firmware 0.7.4, and all cards are affected. If you own such FUZE card take good care of it, and avoid using it until its firmware is updated.
Share this:

Support CNX Software! Donate via cryptocurrencies or become a Patron on Patreon

ROCK Pi 4C Plus
Notify of
The comment form collects your name, email and content to allow us keep track of the comments placed on the website. Please read and accept our website Terms and Privacy Policy to post a comment.
Weller PCB manufacturer