The Simple, Brilliant Way To Stop RFID Robbers

The money of the future won't be cash, or even sliding plastic — it'll just be a wave of the hand, we're all told. RFID-enabled credit cards sound great, but add an unprecedented theft risk. So how about an on/off switch?

The idea is wonderfully clever: just hold the card on a certain spot if you want to make a purchase — probably a spot you'd be holding the card naturally, anyway. With the contact of your skin, a circuit is completed, and your wireless money is allowed to flow, explain researchers at the University of Pittsburgh:

"Our new design integrates an antenna and other electrical circuitry that can be interrupted by a simple switch, like turning off the lights in the home or office. The RFID or NFC credit card is disabled if left in a pocket or lying on a surface and unreadable by thieves using portable scanners."

With this new technology, consumers would simply hold RFID or NFC credit cards in a specified area-for example, on an emblem or some other identifying mark-when making a transaction. As long as the "switch" is held, the card is turned "on." When returned to a wallet or purse and tactile contact is discontinued, the card automatically turns "off."

So, sorry, creepy guy with an antenna standing outside of Target. Your sci-fi scam looks like it won't be much good, if it was ever any good to begin with. Frankly, RFID fears were probably more bogeymen than anything else, but peace of mind should at least speed up the tech's adoption. [University of Pittsburgh via VentureBeat via The Verge]


Comments

    If it's all a crock, why did the big banks stop the Mythbusters doing an feature on the ease of ripping off RFIDs?????

      Here's a famous quote for you - 'Why don't you provide hyperlinks to substantiate your assertions?' - Abraham Lincoln.

      its quite simple why, CC fraud actually accounts for a very, very small percentage of their costs, when compared to any other traditional business' "shrinkage" its daylight robery, they're on a good thing, your money is insured and its really a massive,massive non-issue but the media will always find an angle to beat it up to make you afraid., thats their job.

      But while all this is the case they have to proactively protect their "security" (through obscurity) methods and given the large majority of people arent interested in a life in crime and know that its all tracable and getting away with it is quite difficult, they cant exactly let people advertise on high rating shows how easy it is to rip off THEIR money (ie not yours, as much as you think it is) or you'd just be encouraging more people to do it. It makes absolute sense, it isnt a grand conspiracy by evil corporations, its just common sense.

    Still doesn't stop thieves from stealing it out of your pocket and using it the same way you do, doe it? Perhaps that electrical pattern of the heart deallio from last weeks posts could be used here!

      Although the option to sign means that your card is just as insecure anyway usually. I mean I used to work checkout at a supermarket and I got a lot of comments from customers being surprised that I actually checked their signature at all. Even then signatures can vary a lot and are hard to really confirm at all properly, using a PIN is the only vaguely secure method but of course we've learned that aint that secure either. Really your best bet is to keep close tabs on your cards and ensure they're cancelled quick if they're lost or stolen.

        Although I think I might invest in an RFID blocking wallet pretty soon :P

          Yeah, I was talking about if someone stole your RFID card! No signature, no pin. Just touch and go, doesn't matter if it's yours or not!

            I know, hence my reply that the ability to sign to use a card pretty much annuls any supposed security anyway. Touch and go or not if your card gets stolen it can be used incredibly easily.

      The heartbeat story was actually about creating encryption keys, not identifying individuals.

    I was surprised last night when I found the RFID worked about 4" away from the sensor. However I do like that when I have full hands I can currently pay by swiping my wallet and not taking the card out.

    Yeah its safe as houses and the credit card companies are 100% confident in the technology. Carry on.

    *COUGH* http://www.youtube.com/watch?v=X034R3yzDhw *COUGH*

    Mythbusters were on to something about 4 years ago when RFID emerged, and subsequently got told to abandon the project. There are issues with it, but as long as it is credit cards it's not the users problem. All major CC companies will fight their own war against fraudulent activity and rarely hold the user accountable.

    Problem with :"tap and go" payments is the criminal doesn't even need to make up a fake looking bank card. They just copy your RFID info to a blank card and keep it inside their wallet. If they keep churning through different card profiles it makes it hard for the banks/Police to track.

    I do NOT care if a criminal tries to use my credit card.
    The bank is required by law to cover fraudulent transactions, so the worry is the bank's, not mine.

      Unfortunately, it is your problem, and my problem. In fact we all pay!
      Do you really think the bank cops the loss for credit card fraud? Of course not! They pass the cost on to us, the consumer. They do this in a number of ways:
      * They charge us HUGE fees and/or interest.
      * They charge merchants a percentage of all transactions. This can be as high as 4% of the total.
      * They often debit the merchant's account for the chargeback for a fraudulent transaction.
      Eventually, all of these costs are filtered onto the consumer in some way, even those of us who do not use credit cards.

        Credit card fraud accounts for 7 cents in every 100 dollars (thats like .07%), compared to a retail store where it can be several percent (some places approaching double figures) but about 2% on average, you dont know what you're talking about.

        Yes banks change handsomly at both ends for the convenience of not using cash, and borrowing their money, but it seems the market is well able to bare it as the charges have remained roughly the same for a very long time. Fraud simply doesnt enter the equation when it comes to making back their costs, they're well covered several hundred times over.

    Commonwealth bank cards and Brisbane Gocards seems to run on the same frequency and when you try and use a reader with both of them near each other they confuse the reader and cause it not recognise the card. I like to think of it as a nice safety net.

    NFC is supposed to deteriorate very quickly, so that a creepy guy with an antenna standing 6 feet away would get no signal. This would more protect against someone pocket bumping you with a reader in their pocket, or Isaac using all his credit cards at once on the NFC reader.

    I want to make a copy of my NFC enabled card. A copy of my card on an RFID sticker on the inside of my phone's case would be much more useful than an actual card. Or what about one of the implantable chips in my hand, like the one used to microchip pets?

    Why is eveyone so worried about NFC security? Its not as if a signature has ever prevented CC fraud and your bank/CC issuer return funds in such a case. Get over it and get on board with faster payments.

      "Its not as if a signature has ever prevented CC fraud "

      Pretty much. If your signature actually gets checked it only has to have the most vague resemblance to what's on the card, after all signatures look different every time anyway. Of course there's plenty of times it wouldn't even be checked, even though it's supposed to be.

    How is this better than what we're currently got if you need a "switch".

    It's just wank for the sake of wank.

    Don't worry..

    It costs the bank nothing to self insure against credit card fraud....

    Businesses churn so much cash (credit) in a day, This sort of Crime costs next to nothing, and creditcard credit is issued without any reserve anyhow.....

    It is all a giant merrygoround with you me and the whole sodding lot of us stuck in the middle....

    (Hypothetical future scenario)
    Then the government goes and starts off a New tax (scam) for you(the tax payer) to bail you (the account holder) out when the banks demand that the cost of covering credit-card fraud is making them (loose shareholder dividends (without which their shareprice would be worthless) )( insolvent (which they are to startwith)) unprofitable, and they threaten to take the economy down when they all go bankrupt .....

    Nice story. Who gives a crap, there are more important things to worry about just don't loose your wallet...

Join the discussion!

Trending Stories Right Now