You can shred your documents into infinitesimal scraps, guard your laptop with the latest security software, and fit your mail box with a lock and key, but you have overlooked a huge threat to your personal well-being. Resting benignly in your wallet lurks a massive fly in your identity-protecting ointment—your RFID-enabled credit card.
What is RFID?
Let’s face it. Society is obsessed with doing everything as quickly and easily as possible. Thanks to the latest technology, mobile payments have become even simpler. This is where RFID-enabled cards come in to play.
The RFID, a.k.a. “radio frequency identification,” feature is becoming a commonplace payment option found on many credit cards. If you aren’t sure if your credit card is RFID-enabled, look for the phrase “PayWave,” “PayPass,” “ExpressPay,” or “Zip.” These are often called “tap and go” cards and can also bear a logo with four parallel lines like the ones shown below.
The down side
RFID-enabled credit cards do offer consumers a quick and easy way to purchase goods. This keeps vendors happy as customer lineups and wait times are shortened. But what’s the downside to this convenient payment method?
Your RFID credit card uses a microchip and a radio antenna that is continuously transmitting your account information—even while it is tucked away, snugly, in your back pocket. And the data that it is sending out is enough to enable a counterfeiter to create a duplicate card.
And this is where the tale of intrigue begins. A would-be fraudster can retrieve that data simply by standing a few inches away from you—something people likely do all the time.
A smartphone application available through the Google Play store enables users to access your RFID card data including your name, credit card account number, and the expiry date. And that’s not all. For about $100 an unsavory character can purchase an electronic credit card reader online. They then simply store the information on a laptop and make themselves a cache of phony credit cards.
With your name and credit card account in their hands, they may even be able to change the account address—making them mere steps away from stealing your very identity.
The up side
Not everyone has jumped onboard the anti-RFID train. Some take comfort in the fact that they no longer need to hand their card over to the clerk, eliminating the possibility of them copying the magnetic strip.
Others point out that frauds committed using an RFID-enabled card are, by design, limited to a single transaction. “Tap and Go” cards use one-time security codes that change with each transaction, meaning that a fraudster cannot go on a prolonged shopping spree on your dime. Of course, if the criminal is aware of this limitation—a likely scenario—they will opt to do a lot of damage at one “big ticket item” store.
How can you protect yourself?
The first step is to determine whether or not your cards are equipped with RFID technology. You may want to check with you financial institution to see about switching to an “old school,” pre-RFID alternative.
If you enjoy the tap and go feature, but want to keep your credit card accounts safe, there are some products on the market designed specifically for that purpose. Tyvek sleeves and RFID wallets will block your information from hackers. Many people also recommend fabricating your own sleeve out of aluminum foil and duct tape.
Some individuals have taken bizarre measures to “kill” their RFID signals including microwaving their cards for three seconds, hitting it with a hammer, and stabbing it with a letter opener—but these are just strange. Plus, many merchants won’t accept a card that appears to be tampered with.
The best protection, other than not having an RFID-enabled card at all, is to monitor your bank accounts and credit card statements diligently. If something strange is going on, you need to be made aware as soon as possible.
But really, how hard is it to swipe your card and enter a PIN? Surely, putting up with this minor inconvenience is a small hardship compared to falling victim to credit card fraud.
How do you feel about RFID-enabled credit cards? Why?