Hacking into the RFID wallet
As RFID continues to move from enterprise businesses and into the consumer space, people are becoming increasingly concerned with privacy. Particularly when RFID is combined with credit cards, an emerging trend that could soon enough be how we pay for everything.
However, since this form of payment is so new, is consumer privacy being protected? How can we ensure that hackers will not steal our information? Recently, at the Shmoocon hacker conference in Washington, D.C., an onstage presentation was given which demonstrated just how easy it was to steal someone’s RFID-enabled credit card information. Approximately $350 in equipment was used to wireless read the credit card and encode its data onto a blank card.
However, because of CVV restrictions, stolen card numbers can only be used once—if the victim uses his/her card before the thief does, then transactions on the card will be blocked. Still worried? Don’t be. According to Randy Vanderhoof, executive director of the industry group at the Smart Card Alliance, told Forbes, “We’ve got six years of history, a hundred million users of these cards, and we haven’t seen any documented cases of this kind of fraudulent transaction. The reason we think that’s the case is that it’s very difficult to monetize this as a criminal.”
If you’re still worried, then there’s always the duct tape wallet.