Equipped To Survive Equipped To Survive® Presents
The Survival Forum
Where do you want to go on ETS?

Topic Options
#215884 - 01/29/11 02:43 AM RFID Credit Cards
Susan Offline
Geezer

Registered: 01/21/04
Posts: 5163
Loc: W. WA

My sister said she saw a program about RFID credit cards that contain a chip so you don't have to swipe the card, just wave it at the machine. There is also a 'reader' that hackers have that can read it from a distance.

How can you tell if your card is this kind? Is there a visible sign, or is it invisible?

Sue

Top
#215887 - 01/29/11 03:29 AM Re: RFID Credit Cards [Re: Susan]
Yuccahead Offline
Member

Registered: 07/24/08
Posts: 199
Loc: W. Texas
Sue,
They are pretty rare in the US and I believe they are all marked and advertised to their users. Not all of them are shaped like traditional credit cards such as the Mobil SpeedPass.

I think Visa offers one called the "Blink" and American Express also offers one. The Visa has a special symbol on it and the Amex has some embeded-electronic looking stuff on the front of the card. Use Bing's image search for RFID Credit Card to see examples.
_________________________
-- David.

Top
#215890 - 01/29/11 05:34 AM Re: RFID Credit Cards [Re: Susan]
dougwalkabout Offline
Crazy Canuck
Carpal Tunnel

Registered: 02/03/07
Posts: 3219
Loc: Alberta, Canada
Hmm, I think my MC has one. It has a logo that says paypass or speedpass, something like that.

Can't say I care for it. Seems like trouble in the making.

"The more they overthink the plumbing, the easier it is to stop up the drain." - Scotty

Top
#215900 - 01/29/11 03:34 PM Re: RFID Credit Cards [Re: Susan]
Teslinhiker Offline
Veteran

Registered: 12/14/09
Posts: 1418
Loc: Nothern Ontario

My Mastercard has this feature which goes by the name Mastercard PayPass. I don't use this feature as I rarely use my credit card anyway plus there are not a lot of businesses using it and there is also a $50.00 purchase limit on the transaction.

Apparently some first generation cards were vulnerable to hack attempts though.. Note that the info in the link is almost a year old and I would imagine that some security changes have been made by the cc companies since.
_________________________
Earth and sky, woods and fields, lakes and rivers, the mountain and the sea, are excellent schoolmasters, and teach some of us more than we can ever learn from books.

John Lubbock

Top
#215901 - 01/29/11 04:15 PM Re: RFID Credit Cards [Re: Susan]
chaosmagnet Offline
Sheriff
Carpal Tunnel

Registered: 12/03/09
Posts: 3819
Loc: USA
It's quite easy to clone a current-generation RFID device. Distances vary from covert near-contact to over 100 meters with a big antenna. I'd recommend avoiding the use of RFID payment devices for now.

Top
#215904 - 01/29/11 04:32 PM Re: RFID Credit Cards [Re: Teslinhiker]
Paul810 Offline
Veteran

Registered: 03/02/03
Posts: 1428
Loc: NJ, USA
If you are worried about it, there are various RFID blocking wallets and what not out there. Essentially, all you have to do is create a Faraday cage around your card and it will significantly reduce its ability to be read. Just wrapping the card in aluminum foil, for example, is typically enough.

With that said, I'm not hugely worried about it. Stealing credit card information by RFID (RFID sniffing) is no different than the many other methods credit card information is stolen. More often than than not, credit card numbers are stolen by a cashier or restaurant employee via a quick swipe of the card through a hidden illegal card reader or by someone just taking the time to write down (or photograph) your card information. These methods are less encrypted than the RFID chip and much more prolific. The only way to stop them would be by never letting anyone else see or touch your card, which isn't exactly practical.

Also, it's worth noting that, the encrypted information on an RFID chip does not include the CVV2 number required for electronic commerce, so even if they do get the number and unencrypted it, it's not like they can easily do an internet shopping spree with it.

Best thing to do is to simply keep a watchful eye on your credit statements, so that you can quickly contest and report fraudulent activity. Any good bank/credit card company should quickly cancel your card, remove the fraudulent charges from your account, start an internal investigation, and quickly send a new card out to you. It should be a relatively painless process for you, as an end customer.

Top
#215905 - 01/29/11 04:40 PM Re: RFID Credit Cards [Re: Paul810]
Teslinhiker Offline
Veteran

Registered: 12/14/09
Posts: 1418
Loc: Nothern Ontario
Originally Posted By: Paul810
If you are worried about it, there are various RFID blocking wallets and what not out there.

With that said, I'm not hugely worried about it


I am not that worried about either,. It's just that in general, I don't have no use for using my credit card to pay for everyday purchases if I don't need to regardless of method. I also realize that there are a myriad of other nefarious methods that unsavory people use to obtain credit card and debit card data.
_________________________
Earth and sky, woods and fields, lakes and rivers, the mountain and the sea, are excellent schoolmasters, and teach some of us more than we can ever learn from books.

John Lubbock

Top
#216179 - 02/01/11 07:46 PM Re: RFID Credit Cards [Re: Susan]
MartinFocazio Offline

Pooh-Bah

Registered: 01/21/03
Posts: 2203
Loc: Bucks County PA
I spent 4 years working on a web site for a major credit card company, and spent many hours in discussions about credit card security and American perceptions therein.

In summary: Americans have more protections with their credit cards than the credit card companies want you to know about. Your liability for fraud is limited - by federal law - to $50. That's the case for all credit cards. This is not the case for debit cards.

In terms of "Near Field Non-Contact RFID" cards, this is another one of those cases where Americans are way, way behind the rest of the world. Americans don't like them. We don't understand why.

Consider that your signature is essentially a useless validator of your identity when it comes to a credit card. I sign with smiley faces and pictures of cats on those "sign here" digital pads. It's pointless.

When I travel, I use credit cards exclusively to keep track of business expenses.

I find that for the majority of my purchases under $25, they don't even ask for a signature anymore. The fraud behavior detection tools are smart enough to identify aberrant transactional behavior. Real fraud happens at the hundreds of dollars range, not the $50 range.

That said, there are "swipe and toss" operations, where unscrupulous individuals who may have physical access to your card, say in a restaurant, make a copy of your magnetic stripe, and then duplicate that stripe information onto a "dummy card, such as an old visa gift card, a hotel room key, really anything with a mag strip. These cards are used for a few hours in many low-dollar transactions, including ironically the purchase and funding of legitimate prepaid credit cards.

In Europe - in fact in most of the rest of the world - credit cards make use of an additional, and hard to copy RFID chip - it's like those "EZ Pass" toll collection devices you see - the systems that read your toll tag and you keep driving along. The mag stripe alone is not enough to validate the card - the card reading device itself detects the RFID signal - and more often than not requests a "PIN" (like your ATM card). This "chip and pin" method is MUCH more secure than the mag stripe only method used in the USA.

Here's a good article: http://www.upgradetravelbetter.com/2010/...merican-shores/

So, can your RFID chip be read remotely? Yes, absolutely, if someone is determined and has some kind of motivation to gather your information, they will. NONE of your personal information is EVER completely secure. None. Ever.

In general, the "tap and go" applications of the RFID chips (Discover Zip, Visa PayWave, Mastercard PayPass, and whatever Amex calls it) are all to the ends of increasing your transaction volume. Nothing more.

Now, American Express patented a system that could scan you remotely to give you a "Minority Report" tracking like experience:

http://www.spychips.com/press-releases/american-express-conference.html

In the end, these companies don't really care WHO you are in the least. They don't care about YOU a bit, they just want EVERYONE to BUY more stuff. It's that simple.

Top
#216434 - 02/04/11 05:47 PM Re: RFID Credit Cards [Re: MartinFocazio]
Arney Offline
Pooh-Bah

Registered: 09/15/05
Posts: 2485
Loc: California
Originally Posted By: MartinFocazio
Your liability for fraud is limited - by federal law - to $50.

Many credit cards also tout their zero liability policies in case of fraud. With credit cards being such a cash cow, they don't want to jeopordize anyone losing faith or getting scared of using their credit card for as many purchases as possible.

Quote:
In Europe - in fact in most of the rest of the world - credit cards make use of an additional, and hard to copy RFID chip...the card reading device itself detects the RFID signal - and more often than not requests a "PIN"...This "chip and pin" method is MUCH more secure than the mag stripe only method used in the USA.

I believe this difference between America and other places is a holdover from the early days of credit cards. America has a vast telephone system which allowed those credit card readers to "phone home" to verify transactions. In contrast, separate phone lines just for card readers were not so readily available in many European locations, so more stand-alone verification systems were used there, and those differences persist to this day.

I remember when I lived in New York, Visa rolled out a pilot program for Visa Cash in the late 90's in the Upper West Side. Basically the "chip and PIN" system that Martin described using a stored value smart card. I was a fan of the system and tried to use it as often as I could, but it was a real dud and didn't last long. It was just too much hassle, I guess, for users and merchants to use another payment system. Speed is the key, I think. The faster the transaction goes, the higher the chance of widespread acceptance, I think. I think the new system doesn't necessarily have to be faster (although that helps a lot) but it can't be slower or more cumbersome than the current methods or else people will reject it.

Top



Moderator:  Alan_Romania, Blast, chaosmagnet, cliff 
March
Su M Tu W Th F Sa
1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31
Who's Online
0 registered (), 295 Guests and 21 Spiders online.
Key: Admin, Global Mod, Mod
Newest Members
GallenR, Jeebo, NicholasMarshall, Yadav, BenFoakes
5367 Registered Users
Newest Posts
What did you do today to prepare?
by dougwalkabout
Yesterday at 11:21 PM
Zippo Butane Inserts
by dougwalkabout
Yesterday at 11:11 PM
Question about a "Backyard Mutitool"
by Ren
03/17/24 01:00 AM
Problem in my WhatsApp configuration
by Chisel
03/09/24 01:55 PM
New Madrid Seismic Zone
by Jeanette_Isabelle
03/04/24 02:44 PM
EDC Reduction
by EchoingLaugh
03/02/24 04:12 PM
Using a Compass Without a Map
by KenK
02/28/24 12:22 AM
Newest Images
Tiny knife / wrench
Handmade knives
2"x2" Glass Signal Mirror, Retroreflective Mesh
Trade School Tool Kit
My Pocket Kit
Glossary
Test

WARNING & DISCLAIMER: SELECT AND USE OUTDOORS AND SURVIVAL EQUIPMENT, SUPPLIES AND TECHNIQUES AT YOUR OWN RISK. Information posted on this forum is not reviewed for accuracy and may not be reliable, use at your own risk. Please review the full WARNING & DISCLAIMER about information on this site.