How secure are RFID cards?

Radio-frequency identification (RFID) is a technology that uses electromagnetic fields to detect and verify “tags” associated with objects. 

Cards implanted with RFID chips provide a method for two nearby devices to share data without needing direct contact. It's in use across the world, in functions such as passports, bus passes, inventory tracking, access doors, and more importantly, credit cards, debit cards, and ATM cards. 

For example, someone with an RFID bus pass just needs to walk by the sensor to board, instead of manually taking the card out for an inspector. Banks are also slowly rolling out RFID cards to replace the old mag-stripe cards. 

While RFID has created increased convenience for consumers and efficiency for businesses, there are some concerns regarding its security, which you can read below. 

RFID security concerns 

Despite how exciting RFID technology is, the role of radio waves as RFID's transmission medium makes the technology susceptible to both environmental factors and malicious users. For the former, reflective surfaces like foil can be used to steal RFID card data – as well as protect the card from scanners. 

RFID can be susceptible to hackers because the interaction between the RFID chip and the reader can be done with no authentication, leaving the system open to man-in-the-middle attacks and spoofing. More modern RFID cards are equipped with added security to prevent malicious attacks, although outdated RFID technology is still prevalent.

As a result of potential security breaches with RFID, tech companies have even built products to protect RFID cards like wallets and protective sleeves that prevent criminals from swiping your data.  

Keeping your RFID cards safe 

Whether you have an RFID key for your apartment, or use a RFID card to access your work parking garage, many of us use RFID technology on a daily basis. Especially if the specific RFID card does not have safeguards in place, it's important to exercise precaution. 

To make your RFID card or key more difficult for thieves to read, place it next to other cards in your wallet. Also, make sure to carry RFID cards in your front pocket. If the card is in your back pocket, a hacker could stand behind you and use a scanning device. If the card is in your front pocket, that becomes much harder to do unnoticed.

Some hacker technology can intercept RFID data while within a few feet of the device. As a result, it's important to be constantly aware of your surroundings when using RFID-enabled credit cards. Before using your card, look around you for any suspicious people or activities. Consider using an alternate payment method if you have any reason to doubt.

RFID sleeves and shield wallets are another option for added security. These protective devices are lined with special material to block scanners. For extra security, consider purchasing a RFID jamming device, which sends out its signal to disrupt potential hackers. A more DIY, low-budget option is to make an aluminum foil shield to protect your RFID card when it’s not in use. 

The necessity of RFID security

RFID technology poses the risk of data interception, where a hacker can do anything from making false charges to stealing your identity. Certain technology enables hackers to read credit cards through clothes and wallets. 

Although the chances of encountering someone with the tools and wherewithal to pull off such an attempt are small, taking security precautions can be well worth the time and money. Added security is especially useful if you live in a densely populated area or travel regularly with sensitive data.

Someone who uses a single RFID card for purchases likely won't need several layers of security beyond placing the card in their front pocket and perhaps using a shielded wallet, though businesses would do well to invest in RFID protection if RFID plays a substantial role in their day-to-day operations. 

If you’re wondering why you don’t hear about RFID data breaches all the time, investigators point out hacking is often a waste of time. It's usually impossible for hackers to know the data's contents before obtaining it, so they're risking a serious crime for potentially just a few bucks. Additionally, serious hackers could just target the database of companies for a potentially bigger payoff as opposed to individual skimming. – Rappler.com

Kayla Matthews is a writer with a passion for new technologies and their applications to daily life. She writes about AI, bots and apps for sites like MakeUseOf, VentureBeat and Motherboard. To read more posts from Kayla, follow her on ProductivityBytes.com.