My opinion
I’m not a security expert but I’ve always suspected that RFID (think Chip and PIN credit cards) could be compromised. If it can be read by a legitimate reader then it can be read. If you can read it, you can do bad things with it. The information may be encrypted but it can still be read. You simply use the encrypted format. You don’t really need to know what it says to make a purchase with it.
That’s a bit simplified of course, but the point is that there are holes.
Opinion confirmed?
The other day, one of our members found this and posted it to the alert list. It sums it all up nicely. Do I believe everything in YouTube? No, of course not. But these and those related are pretty convincing.
And in case you think that the credit card companies don’t know about this, watch this response when Adam Savage of Mythbusters is asked about RFID at the HOPE conference (Hackers On Planet Earth)
And remember that this is the same RFID that the Government wants to use for national security.
Update
On September 4th SlashDot reported that, according to TI, only one lawyer was present and that most of the people on the call were product managers from the Smart Card Alliance. Savage also reaffirmed that he was not on the call himself and that the decision was made by the production company.
Bottom line
It is pretty clear to me that Chip and PIN is about as safe as any credit card. Read that any way you like.
Similar Posts:
- I Stand Corrected. There Are RFID Cards in the U.S.
- RFID Credit Cards in the U.S. After All?
- Contactless Payment and Fraud
- The latest in credit card fraud news
- United States – Credit Card Fraud is about to increase
Done my part to forward this link on to all family and friends….need to make everyone we know aware of how bad this really is. :)
Pingback: United States - Credit Card Fraud is about to increase | Merchant911 - Fraud Prevention for Merchants