Do you really need RFID blocking?

Published on: 02 Jan, 2021 | 12:49:22 PM

Personal data and funds must be kept completely secure – this is an indisputable fact. It is especially true for those people who travel often or who take frequent business trips. A lot of information is now stored on different devices that use RFID technology. Let’s see how secure this technology is, and whether we need to take any additional steps to protect the data stored in this way;  So, do you really need RFID blocking technology?

RFID technology safety. Why do you need RFID blocking?

RFID (radio frequency identification) is a process that uses electromagnetic fields to identify and track tags attached to objects. Tags contain electronic information that can be read by an RFID reader which uses radio waves.

This electronic information can be intercepted and stolen.  Why? RFID chips are always on and are accessible by anyone with an RFID reader and these RFID readers are sold freely. The chips on contact-less cards contain your data, which could be made available to fraudsters. The RFID chips can be skimmed with a reader without touching your wallet or pocket. This is called electronic pick-pocketing.

The most common devices with an RFID chip are RFID credit and debit cards, RFID identification cards, and RFID passports. Contact-less cards are so widely used that criminals have many opportunities to get hold of your card information. Although most RFID chips are partially encrypted, and the distance at which the card chip can be read is reduced, data and money theft are still possible!

How can your data and money being stolen? It’s quite simple; It is possible for a criminal to take a payment from your payment card with a mobile payment machine or by using a mobile phone, send the data to another phone and make a payment on that second device.  Also, they can read information from a contact-less card using RFID readers. The hacker only needs to get close enough to the victim’s card for a short period.

It is also possible to make payments which are above the payment limit (£45 in the UK or $100 in the USA). There is a way to bypass that limit on Visa cards. In 2019 researchers extracted several successful payments as high as £101.  Hackers need special hardware to intercept and insert messages in the communications between the card and the reader. They could tell the card that verification wasn’t needed and then told the terminal that verification has already been made.  For the attack using two mobiles, it was possible to use one smartphone to tap a card and clone it. The cryptogram is sent to the second phone, which simulates the card as if it were making a mobile payment.

So, fraudsters can skim details off your contact-less card.