An interesting technology that is gaining momentum among consumers is Radio-Frequency IDentification (RFID), and it is something we all better start paying attention to. Actually, RFID is an old concept allegedly resulting from our military and espionage efforts in WW2. It involves the miniaturization of radio transmitters to send signals for a variety of purposes; e.g., does anybody remember the transmitter James Bond hid in the heel of his shoe in the movie "Goldfinger"? RFID has come a long way since then, and has been reduced to a tiny computer chip about the size of a grain of rice. This of course means it can go just about anywhere and opens some interesting possibilities for commercial use. It is now implanted in animals to identify them, in highway toll collection devices, in passports and company identification cards thereby allowing security access to facilities. Consumers though need to pay particular attention to how RFID is being implanted in credit/debit cards, for this conceivably opens Pandora's Box to identity and financial theft.
I recently saw an investigative report by WTHR-TV in Indianapolis that discussed the ease by which criminals can steal your credit/debit card information, thanks to the RFID chip. Unbeknownst to consumers, new RFID cards have slowly been replacing expired traditional plastic cards. They may look the same, but they certainly are not. Such cards are intended to speed up purchase transactions simply by waving the card at a reader as opposed to swiping it through a machine. Many people, including yours truly, didn't realize we already have the new cards. On some cards, the chip is visible, but most are hidden from sight just below the plastic surface. However, if you have a symbol on your card which looks like radio waves )))) or if it says "payPass", "Blink", or "payWave", then in all likelihood you have the chip.
According to the WTHR-TV report, it is relatively simple to purchase or assemble an RFID reader, wave it near an RFID credit/debit card and thereby illegally obtain the card's information for criminal use. In other words, no physical contact is required for the criminal to pick your pocket, only near contact to receive the transmission signal from the chip. The ease by which this can be done was rather startling to consumers in the television report who see this as a genuine threat to their finances.
The credit/debit card companies contend security is not a problem, but the WTHR-TV report made a skeptic out of me. It then becomes a question of how to protect ourselves. Theoretically, the radio waves can be blocked if the cards are wrapped in aluminum foil. There are also companies like Identity Stronghold who are now selling specialized wallets and other devices to secure your card.
In the television news story, the reporter indicated a consumer can request non-RFID cards from their companies, however I found this to be easier said than done. I discovered the RFID chip on one of my cards (I don't want to say which) and so I called their Customer Service department to request a new card without the chip. I explained my situation to the Customer Service rep who said he would look into the matter and take care of it for me. About a week later I received a form letter from the company informing me I was ineligible to get a non-RFID card, and if I had any other questions, I should call them back. Believe me, I called them back, and I wasn't too pleased doing so. I made my displeasure known to the first Customer Service rep who quickly passed me on to a supervisor, who passed me on to a higher level supervisor named "Jane" who patiently listened to my predicament but claimed not to know anything about this security problem. I began by telling her I hoped it wouldn't be necessary for us to part company after +20 years using their card. Remaining cool and calm under pressure, Jane assured me she would look into the matter and resolve it for me. However, while talking to her I got the uneasy feeling Jane was acutely aware of the problem but was handcuffed in terms of solving it. It seems the credit/debit card companies are bent on having everyone use the new RFID cards. As of this writing, I still have not had the problem resolved.
Fortunately, I discovered on the Internet a rather simple and inexpensive way for solving the problem, either by simply drilling a hole in the chip or banging a hole into it with a small screw or nail. I've got a feeling though, this is something the credit/debit card companies do not want to see propagated, but if they are unwilling to replace the card, what choice does the consumer have?
It is not so much that I am against the RFID card, as much as I see it as another example of a technology solution that wasn't properly thought through, and the consumer will inevitably have to pay for the snafu. If the credit/debit card companies are truly committed to this technology they better be working overtime to correct this breach of security. Otherwise, I will likely not be alone in returning my card to "Jane."
About the Author
Tim Bryce is a writer and management consultant located in Palm Harbor, Florida. http://www.timbryce.com/ He can be contacted at: timb001@phmainstreet.com
Copyright © 2012 by Tim Bryce. All rights reserved.
According to the WTHR-TV report, it is relatively simple to purchase or assemble an RFID reader, wave it near an RFID credit/debit card and thereby illegally obtain the card's information for criminal use. In other words, no physical contact is required for the criminal to pick your pocket, only near contact to receive the transmission signal from the chip. The ease by which this can be done was rather startling to consumers in the television report who see this as a genuine threat to their finances.
The credit/debit card companies contend security is not a problem, but the WTHR-TV report made a skeptic out of me. It then becomes a question of how to protect ourselves. Theoretically, the radio waves can be blocked if the cards are wrapped in aluminum foil. There are also companies like Identity Stronghold who are now selling specialized wallets and other devices to secure your card.
In the television news story, the reporter indicated a consumer can request non-RFID cards from their companies, however I found this to be easier said than done. I discovered the RFID chip on one of my cards (I don't want to say which) and so I called their Customer Service department to request a new card without the chip. I explained my situation to the Customer Service rep who said he would look into the matter and take care of it for me. About a week later I received a form letter from the company informing me I was ineligible to get a non-RFID card, and if I had any other questions, I should call them back. Believe me, I called them back, and I wasn't too pleased doing so. I made my displeasure known to the first Customer Service rep who quickly passed me on to a supervisor, who passed me on to a higher level supervisor named "Jane" who patiently listened to my predicament but claimed not to know anything about this security problem. I began by telling her I hoped it wouldn't be necessary for us to part company after +20 years using their card. Remaining cool and calm under pressure, Jane assured me she would look into the matter and resolve it for me. However, while talking to her I got the uneasy feeling Jane was acutely aware of the problem but was handcuffed in terms of solving it. It seems the credit/debit card companies are bent on having everyone use the new RFID cards. As of this writing, I still have not had the problem resolved.
Fortunately, I discovered on the Internet a rather simple and inexpensive way for solving the problem, either by simply drilling a hole in the chip or banging a hole into it with a small screw or nail. I've got a feeling though, this is something the credit/debit card companies do not want to see propagated, but if they are unwilling to replace the card, what choice does the consumer have?
It is not so much that I am against the RFID card, as much as I see it as another example of a technology solution that wasn't properly thought through, and the consumer will inevitably have to pay for the snafu. If the credit/debit card companies are truly committed to this technology they better be working overtime to correct this breach of security. Otherwise, I will likely not be alone in returning my card to "Jane."
About the Author
Tim Bryce is a writer and management consultant located in Palm Harbor, Florida. http://www.timbryce.com/ He can be contacted at: timb001@phmainstreet.com
Copyright © 2012 by Tim Bryce. All rights reserved.
RSS Feed