According to the WTHR-TV report, it is relatively simple to purchase or assemble an RFID reader, wave it near an RFID credit/debit card and thereby illegally obtain the card's information for criminal use. In other words, no physical contact is required for the criminal to pick your pocket, only near contact to receive the transmission signal from the chip. The ease by which this can be done was rather startling to consumers in the television report who see this as a genuine threat to their finances.
The credit/debit card companies contend security is not a problem, but the WTHR-TV report made a skeptic out of me. It then becomes a question of how to protect ourselves. Theoretically, the radio waves can be blocked if the cards are wrapped in aluminum foil. There are also companies like Identity Stronghold who are now selling specialized wallets and other devices to secure your card.
In the television news story, the reporter indicated a consumer can request non-RFID cards from their companies, however I found this to be easier said than done. I discovered the RFID chip on one of my cards (I don't want to say which) and so I called their Customer Service department to request a new card without the chip. I explained my situation to the Customer Service rep who said he would look into the matter and take care of it for me. About a week later I received a form letter from the company informing me I was ineligible to get a non-RFID card, and if I had any other questions, I should call them back. Believe me, I called them back, and I wasn't too pleased doing so. I made my displeasure known to the first Customer Service rep who quickly passed me on to a supervisor, who passed me on to a higher level supervisor named "Jane" who patiently listened to my predicament but claimed not to know anything about this security problem. I began by telling her I hoped it wouldn't be necessary for us to part company after +20 years using their card. Remaining cool and calm under pressure, Jane assured me she would look into the matter and resolve it for me. However, while talking to her I got the uneasy feeling Jane was acutely aware of the problem but was handcuffed in terms of solving it. It seems the credit/debit card companies are bent on having everyone use the new RFID cards. As of this writing, I still have not had the problem resolved.
Fortunately, I discovered on the Internet a rather simple and inexpensive way for solving the problem, either by simply drilling a hole in the chip or banging a hole into it with a small screw or nail. I've got a feeling though, this is something the credit/debit card companies do not want to see propagated, but if they are unwilling to replace the card, what choice does the consumer have?
It is not so much that I am against the RFID card, as much as I see it as another example of a technology solution that wasn't properly thought through, and the consumer will inevitably have to pay for the snafu. If the credit/debit card companies are truly committed to this technology they better be working overtime to correct this breach of security. Otherwise, I will likely not be alone in returning my card to "Jane."
About the Author
Tim Bryce is a writer and management consultant located in Palm Harbor, Florida. http://www.timbryce.com/ He can be contacted at: firstname.lastname@example.org
Copyright © 2012 by Tim Bryce. All rights reserved.