Experts say RFID hacking easy
Recommended viewing: Seattle KIRO-TV consumer reporter Amy Clancy’s disturbing report on how easy it is to steal data from credit cards that have the “tap and go” technology built in.
Radio frequency identification (RFID) technology is increasingly used in everything from library books to keyfobs that let office workers in their buildings (I have two in my pocket now) — and many credit cards. They transmit very short range radio signals that a receiving device reads before it decides whether to let you check out a book, get to your cubicle or pay for that vente Cinnamon Dolce Frappuccino with your credit card.
Clancy’s report focused on credit cards. She interviewed self-described hackers and experts, such as Karsten Nohl, who make a convincing case that the devices can easily be hacked. Anyone can buy an RFID reader — they’re pretty cheap on e-Bay — that can be plugged into a USB port of a laptop. Put a credit card within a few inches of the reader and the laptop displays the card owner’s name, credit card number and expiration date.
You may ask, “Who, pray tell, would be dumb enough to hand their credit card to some guy with a card reader?” It wouldn’t happen that way. A thief would power up that laptop, stick it in a briefcase, stand at a crowded intersection or bus stop, and the card reader would gather enough data to go on a shopping spree.
See related: Cell phone plus contactless credit card: Yak, wave and buy, Contactless credit cards “floundering”
Off to the Fiesta I go: The Finance Fiesta, a blog carnival that is “A celebration of the blogosphere’s best personal finance articles,” has kindly seen fit to include one of my blog items in Fiesta No. 3, The Spanish Money Proverbs Edition, hosted by Our Fourpence Worth. The blog item was on how credit card lenders are sharply tightening their standards.