Jail for man who redeemed more than S$2,500 worth of food, drinks using hacked Kopitiam card

• Aaron Martin Wong Yew Wei found out in 2015 that an acquaintance knew how to illegally top up stored-value cards used at Kopitiam food courts
• Wong used one such card to claim at least S$2,511 worth of food and drinks over two months
• He bought the system used to hack cards but claimed he failed in topping up more cards 

SINGAPORE — For two months in 2016, Aaron Martin Wong Yew Wei got away with using a hacked stored-value card to get free food and drinks at various Kopitiam food courts.

He ended up cheating the food court operator of at least S$2,511. 

Wong also admitted to buying the system used to illegally top up cards but claimed that he failed to hack more cards.  

On Thursday (April 22), the now 42-year-old Singaporean was jailed for three weeks. He will begin serving his sentence next week.

He pleaded guilty to one charge of conspiring to illegally modify computer material under the Computer Misuse and Cybersecurity Act. Another similar charge was taken into consideration for sentencing.

One of his co-accused, Imdad Mohamed Salih, was jailed for four months in March after pleading guilty to getting more than S$19,000 of food, drinks and cigarettes using Wong’s card.

The cases of two other men — Koh Thiam Seng and Teoh Wen Qi — are still pending.

The court heard that Wong befriended Koh in 2014 who later introduced him to Imdad. The trio would occasionally meet up for drinks.

In 2015, Wong met Teoh through Koh and they would meet at Kopitiam’s Lau Pa Sat outlet.

On this occasion and subsequent ones, Wong noticed that Koh would order a lot of food, drinks and cigarettes using a Kopitiam stored-value card. 

Koh told him that this was Teoh’s treat and eventually revealed to him that Teoh knew how to top up the card's value illegally.

Sometime in July 2016, Wong obtained a first-generation Kopitiam stored-value card and handed it to Teoh.  

Teoh topped up the card and returned it to Wong, rejecting Wong’s attempts to repay him. 

Teoh continued to top up Wong’s card when it was low on value. 

Between then and Sept 4 in 2016, Wong, Teoh and Koh used the card to spend S$2,511 on food and drinks at various outlets but mainly at Lau Pa Sat.

TRIED TO HACK CARDS ON HIS OWN

Koh revealed Teoh’s modus operandi to Imdad in August 2016. 

Wong and Imdad then discussed how to buy the system from Teoh to modify more cards. 

Koh, acting as Teoh’s middleman, told them that they needed S$500 and an Android phone with Near Field Communication (NFC).

They bought two Samsung S3 mobile phones and gave them to Teoh.

Teoh taught the duo how to use an application and the phone’s NFC scanner to modify the cards.

When Wong, Imdad and Koh met up at Kopitiam outlets, they used Wong’s modified card to buy food, drinks and cigarettes. Imdad would hack it using the app.

Wong also got another first-generation card and tried to modify it with his Samsung S3 phone but claimed that he was unable to use it as it was not recognised by the Kopitiam card reader.

Their offences came to light when a Kopitiam staff member at Lau Pa Sat observed that Imdad was repeatedly buying large quantities of cigarettes with Wong’s card. 

The food-court operator then ran a check on the card number and retrieved its transactions, discovering that S$21,660 had been spent from November 2015 to November 2016, but only one top-up of S$10 was recorded during that period.

Kopitiam blocked the card and its representatives retrieved it the next time Imdad tried to use it by telling him it was defective.

Kopitiam filed a police report on Nov 12, 2016.

When Imdad was first called up for police investigations in August 2017, he denied the offences. 

Two years passed before he admitted to them and revealed his co-accused’s involvement.

All of them have made full restitution of the sums involved. 

MOTIVATED BY GREED

Deputy Public Prosecutor David Koh sought three to four weeks’ jail, noting that Wong was motivated by greed and “eagerly participated” in the scheme.

The prosecutor said: “Individual Singaporeans are increasingly reliant on cashless payment systems, including the use of stored-value cards such as the Mifare cards in this case. 

“If computer crimes and the hacking of cashless payment systems were to become commonplace, reliance on a cashless payment system would be rendered impossible or, at least, prohibitively expensive due to additional checks that would have to be carried out.”

Wong could have been jailed for up to three years or fined up to S$10,000, or punished with both.

In recent similar cases, two Nanyang Technological University students were jailed for hacking Kopitiam stored-value cards to make purchases without topping up cash. 

Both began modifying their cards for free air-conditioning services in their residential hall rooms before hacking Kopitiam ones.