A comment on a recent QoD page caught my eye. Someone was downtown during March Madness and when he got home, he had a few unrecognizable charges on his Discover and debit cards, some from California and one from Luxemburg. He figured that he got scanned by an RFID reader on Fremont Street. He called it “electronic pickpocketing.” So he bought an “RFID blocking credit card holder for around $10. Can you explain about RFID readers and blockers, please?
This is a fairly technical question and answer and we don’t claim any expertise in the subject, but fairly extensive research uncovered the following.
Radio Frequency Identification (RFID) is an electromagnetic method for transmitting and receiving small bits of information at fairly short distances. RFID-enabled credit cards wirelessly transmit the necessary data to an RFID reader to complete a financial transaction. You wave your credit card in front of a payment station and the information goes directly to the payment processor.
RFID credit cards are more common in Europe, but they’re starting to arrive in the U.S. Around a billion of them have been issued worldwide, though how many are in the U.S. isn’t known exactly; we saw estimates from 2% to 6% of the total. If your credit card has RFID tech, it will display the “wave” symbol (see photo).
An RFID-enabled credit card doesn’t actually transmit a signal on its own. The card is a passive “resonant circuit” that responds to a ping by the reader with the chain of data programmed into the RFID tag.
“Skimming” the RFID signal refers to using a reader, often fit with a strong antenna, to capture the data from credit and ID cards, passports, and the like. Over the years and decades, the effective distances have grown — from just a few inches to 100 yards. Skimming is a form of digital theft.
The experts we sourced uniformly agree that blocking devices aren’t necessary.
Hackers did have success with early-generation RFID cards, which weren’t encrypted, but the newer cards are encrypted, which renders skimming much more difficult, and some say impossible. Experts also claim that no “real-world crime of RFID skimming has ever been reliably reported by law-enforcement authorities” and that only the specter of RFID skimming is used to sell devices that block skimming.
We don’t know about impossible, but we do know that the cause of credit-card fraud and theft is difficult to determine; unless the card was lost or stolen, victims generally can’t pinpoint how their information was compromised. Also, given that non-encrypted cards are fading into the past, credit-card criminals can much more easily buy number of hacked and stolen credit cards by the thousands from a number of online sources, while hackers can steal millions of cards at a whack from vulnerable websites.
Wrapping RFID-enabled cards in heavy-duty aluminum foil protects them; metal interferes with the signal reception.
All that said, we’re not trying to imply that RFID-blocking sleeves, wallets, backpacks, and the like are worthless. The simplest blockers cost a few bucks and if they help you feel more secure, more power to them. Also, some of them are attractive and quality products with or without blocking.
For us, though, we’re much more concerned about card skimming from illicit readers at ATMs and gas stations. Those can and do steal debit card numbers and PINs, which puts bank accounts within easy reach of digital thieves. We’re also not unaware of data breaches by major retailers (Target, Sony, and Exactis come immediately to mind). So we pay close attention to our bank and credit card statements for anything amiss; we also tend to rely on bank and card fraud programs, which have been effective in our experience.
As always, we encourage readers to weigh in on this subject, especially with personal experiences.
 |
Jackie
Jul-01-2018
|
 |
Pat Higgins
Jul-01-2018
|
 |
Dave in Seattle.
Jul-01-2018
|
|
Dave in Seattle.
Jul-01-2018
|
