How Radio Frequency Identification is used to Steal Credit Card Numbers

Radio frequency identification, or RFID, is a common technology and one that is growing more common all the time. It is almost certain that you have come in contact with this technology in recent years. The most noticeable of these places is in the packaging of almost everything you buy at any store which are used to trigger the security system if you attempt to walk out of the story without paying for something. The use of these is expanding though and one of the most likely places you will find one in the next years is on your credit cards which leads to a more important question of security as there is far more important information on those cards.

RFID tags are very inexpensive chips which are able to send out radio frequencies and share information with RFID readers. In the case of something in a store it simply says whether you have paid for something or not. In the case of your credit card it could give out things like your name, your credit card number, the expiration date and everything else a computer might want to know in order to verify that it really is your credit card, or anything that a thief might want in order to steal your money. More importantly than that a criminal could get it while the credit card remained in your pocket making it almost impossible to know it had been stolen.

The credit card companies are, naturally, aware of this danger and have put 128 bit encryption into place along with a onetime number that is sent for each transaction. If these numbers do not match then no other information will be exchanged and your information will be safe. The problem with this is that already a team at the University of Massachusetts, Amherst, has been able to build a scanner that could gather the information from these cards¹. There have been no reported cases of this occurring outside of these places, but with the amount of money available if someone were to simply be able to walk through a crowd and steal dozens of credit card numbers and names it seems unlikely that no one less trustworthy will attempt the same thing.

There are a number of solutions to the RFID danger. The most simple is simply to stick with the old magnetic credit card, but there are advantages to the near field cards. This leads to the other easiest solution. There are both wallets and sleeves that these credit cards can go into which will block the radio waves until you take them out of your wallet².

The information on a credit card with an RFID tag is the same information on any other credit card and the only real change in danger is the possibility that a high tech thief could get access to that information remotely. This is, so far, unlikely but it is still a real possibility and one that must be considered.

1- http://www.popularmechanics.com/technology/how-to/4206464

2- http://www.cbsnews.com/stories/2010/12/03/tech/main7114331.shtml