I spent 4 years working on a web site for a major credit card company, and spent many hours in discussions about credit card security and American perceptions therein.
In summary: Americans have more protections with their credit cards than the credit card companies want you to know about. Your liability for fraud is limited - by federal law - to $50. That's the case for all credit cards. This is not the case for debit cards.
In terms of "Near Field Non-Contact RFID" cards, this is another one of those cases where Americans are way, way behind the rest of the world. Americans don't like them. We don't understand why.
Consider that your signature is essentially a useless validator of your identity when it comes to a credit card. I sign with smiley faces and pictures of cats on those "sign here" digital pads. It's pointless.
When I travel, I use credit cards exclusively to keep track of business expenses.
I find that for the majority of my purchases under $25, they don't even ask for a signature anymore. The fraud behavior detection tools are smart enough to identify aberrant transactional behavior. Real fraud happens at the hundreds of dollars range, not the $50 range.
That said, there are "swipe and toss" operations, where unscrupulous individuals who may have physical access to your card, say in a restaurant, make a copy of your magnetic stripe, and then duplicate that stripe information onto a "dummy card, such as an old visa gift card, a hotel room key, really anything with a mag strip. These cards are used for a few hours in many low-dollar transactions, including ironically the purchase and funding of legitimate prepaid credit cards.
In Europe - in fact in most of the rest of the world - credit cards make use of an additional, and hard to copy RFID chip - it's like those "EZ Pass" toll collection devices you see - the systems that read your toll tag and you keep driving along. The mag stripe alone is not enough to validate the card - the card reading device itself detects the RFID signal - and more often than not requests a "PIN" (like your ATM card). This "chip and pin" method is MUCH more secure than the mag stripe only method used in the USA.
Here's a good article:
http://www.upgradetravelbetter.com/2010/...merican-shores/ So, can your RFID chip be read remotely? Yes, absolutely, if someone is determined and has some kind of motivation to gather your information, they will. NONE of your personal information is EVER completely secure. None. Ever.
In general, the "tap and go" applications of the RFID chips (Discover Zip, Visa PayWave, Mastercard PayPass, and whatever Amex calls it) are all to the ends of increasing your transaction volume. Nothing more.
Now, American Express patented a system that could scan you remotely to give you a "Minority Report" tracking like experience:
http://www.spychips.com/press-releases/american-express-conference.htmlIn the end, these companies don't really care WHO you are in the least. They don't care about YOU a bit, they just want EVERYONE to BUY more stuff. It's that simple.