Should You Worry About Contactless Credit Card NFC Skimming
If you have a contactless card, you might have worries about skimming. A contactless card or “frictionless” or “tap and go” is a card that has technology in it that allows payment over secure wireless like Apple Pay, Android Pay etc. Basically, this is where a criminal literally digitally pickpockets you by scanning things like your debit card or passport. What’s scary about this is that anyone can get an app for their phone that will allow them to skim. Is there protection for this? Maybe.
But before you freak out, you probably don’t even have a contactless card. Very few cards deployed in the USA are contactless, so that sleeve you use doesn’t protect you from anything. Now if you are overseas or even in Canada, then look at your card and if there is a WiFi looking logo on there, you have contactless.
The way that the bad guys skim this information is by using RFID, or radio-frequency identification. There are RFID signal jammers out there, but the question is this: do they work and are they necessary?
RFID Signal Blockers
If you put some time into it, you will find a number of RFID signal blockers on the market. Some of these are small and slip right into your wallet. Others are passport sized. There are also RFID signal blocker wallets on the market.
A blogger recently put these RFID signal blockers to the test…on the London Underground, one of the most crowded places in the world, especially during rush hour. He set up the test by asking one person to place a debit card in their pocket, and then another person used a mobile phone with an RFID signal scanner. The result was that the phone could scan and record the number on the debit card and the expiration date, simply by holding the phone really close to the pocket.
The blogger took the test a step further and tried to block these signals with RFID blocking technology. Even though the experiment was very unscientific, the blogger found that the blocker stopped the skimming.
There are some things you can do to protect yourself from this. First, check your passport. It should have a chip in it. This chip is in all US passport that have been released since 2007. Now, someone can still take information from your passport using RFID skimming, but they have to actually be on the page where the photo is, and it’s pretty rare that they would have access to that.
You can also use a shielding device. They can certainly work, and some people have even found great results by using tinfoil. This will further help to protect your accounts.
Finally, even if you are using an RFID shielding device, make sure that you are checking your statements for anything suspicious. This is especially the case if you often find yourself in crowded places, like the subway.
Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.