“RFID” is becoming a standard acronym in everyday life. You might have an RFID employee card, or an RFID gym fob, or notice that your workplace uses RFID for logistics and equipment-tracking.
What Is an RFID?
RFID stands for radio frequency identification. As the name says, a reader can get “identification” from the card through radio waves on a specific radio frequency. (See how the name came about?) When you tap your employee card on the reader, for example, it reads and records your entrance using your specific code.
What Uses RFID?
This is where it gets tricky. RFIDs are used by anything from employee cards to credit cards. They are used for accurately tracking or receiving data, and for convenience and more productivity (versus a physical logbook, for example). This is where RFID blocking comes in.
What Is RFID Blocking?
RFID blocking is when you place something around your RFID-enabled cards to block them from being read. According to a demonstration at the Shmoocon (a hacker’s conference) in 2012, someone onstage demonstrated how an RFID-enabled credit card can be read by a contactless reader. The speaker then used the information to make a small transaction. RFID blocking (foil or other metals that block electromagnetic pulses) can stop this from happening, if they are embedded in your wallets, clothing, etc.
Do You Need RFID-Blocking Accessories and Clothing?
TL;DR: Not necessarily. First, it is almost impossible to make any kind of credit card transaction, even online, without an OTP (one-time pin). Each transaction is encrypted. Second, why skim credit cards in person if you can do it remotely? Most importantly, since RFIDs came out in 1948, there has been no record of person-to-person RFID skimming-related credit card fraud.
Now, let’s break it down.
As of mid-2019, the American Bankers Association announced that there were 374 million open credit card accounts in the US. Of these, a fair amount are RFID-enabled with technology called NFC (we’ll look at that later). According to Consumer Affairs, there were 167,000 reports of credit fraud in 2019. And lastly, according to Digital Trends, the number of people who experienced person-to-person RFID skimming-related crimes is zero.
Why is this so?
Data encryption is standard
As soon as RFID skimming became theoretically possible, banks took steps to reverse that possibility for their cards. (Credibility is a bank’s true currency!) The type of RFID most credit cards use now is NFC, or near field communication. Whenever the card interacts with a payment portal, it does so through a one-time encrypted code.
Because of the encryption, the RFID reader never actually accesses any of your account information, including your name, account number, or security code (those 3 numbers at the back). Anyone who used a skimmer would receive a code good for a one-time transaction. If he or she chose to use it anyway, they would still need to sign for any purchase higher than $100-$200.
Credit Card Theft is Predominantly Online or Machine-Based
How can thieves steal credit card information from you online? They can pay for the details on the dark web, use social media information to scam individuals, or gain access into a secure database. All of which are infinitely easier, and safer, than walking around our CCTV-saturated world with an RFID card reader. Even a mask, cap, and sunglasses won’t guarantee their safety.
How do they steal credit card information via machines? (Which is also technically online, since the information is transmitted online, but for the sake of clarity let’s call it machine-based.) They can install skimmers on the top of ATM keypad shields (ironic, isn’t it?), or on POS (point-of-sale) machines (the ones you tap your card at when making a transaction).
They can do both forms of theft from the comfort of their home or internet cafe, with the help of a VPN (virtual private network) that masks their IP addresses and location. There’s a bit of risk when it comes to grabbing info from the skimmers on ATMs, if they are not rigged to remotely transmit the information, but that’s still less risk than putting oneself in constant danger.
How Can You Lessen Your Level of Risk?
If the thought of RFID skimmers does make you nervous, you can use a fold of aluminum foil around your card. Slide it inside your wallet or in a casing of cardboard. Alternatively, you can check the physical security in areas that you frequently shop or withdraw money at. Security personnel are crucial to managing CCTVs in real-time, or checking ATMs and POS machines for any attached equipment that might be skimming information.
If you are looking for ways to invest in security measures, you can get encrypted software or accounts that keep all your passwords (the ones that store none of your information). Keep more of your social media details private, and change your passwords regularly. Read through your credit card transactions and report anything you’re not sure of. All of these measures are more effective than an RFID-blocking accessory.