Digital Pickpockets Use Smartphone to Steal Credit Cards
In 1998, British professor Kevin Warwick had an RFID (radio-frequency identification) chip surgically implanted into his arm. The chip was able to help the professor open doors, turn off lights, and cool his wine. Fifteen years later, those same chips are a standard feature of many credit cards, but sadly, RFID chips have not turned credit cards into door openers, light switchers, or wine coolers.
Instead, RFID chips have made paying with a credit card faster and easier for consumers, but unfortunately, they have also made credit card information vulnerable to tech savvy pickpockets.
Smartphones that are equipped with a form of RFID technology called NFC (near field communication) were originally released in 2007, and now over 55 percent of all smartphones are NFC enabled. This technology gives smartphones an ability to receive and transmit data, which in the wrong hands can be used to read the credit card data of anyone who is close to that smartphone owner.
Digital pickpockets create RFID readers which rifle through your wallet looking for your credit card information. For several years, this activity was only available to people who knew how to write the right codes, but now, any aspiring pickpocket can download the necessary application from the Internet and turn their NFC enabled smartphone into a stealing machine. Once their phone is loaded with stolen credit card info, the digital pickpockets can actually use their smartphones as a form of payment.
A Successful Heist
Paying for goods with a smartphone is a relatively new trend that is often referred to as contactless paying. In this type of transaction, the consumer simply scans their smartphone into a reader which detects their credit card information. In Seattle, a group called the Problem Solvers decided to explore just how tricky it would be to steal someone’s credit card info using digital pickpocket techniques.
After “stealing” the relevant information from several credit cards, The Problem Solvers were able to use the information successfully at six out of eight of the stores they visited. At the two stores where their transactions were denied, the clerks blamed the issue on the reader, and they never even suspected that the customers in front of them were indeed digital pickpockets.
According to the Financial Times, RFID-powered credit card transactions are safer than conventional credit card transactions, and most consumers who use RFID cards have to enter a secure PIN at least once for every five transactions. Because the technology has only been approved in England for use on sales that are under 20 pounds, a thief without a PIN could only charge up to 100 pounds with stolen card information. In spite of the relative security of this technology, however, these cards are still only used for about five percent of the total mobile payments throughout the world.
Extra Layer of Security
In spite of the PIN protection offered with RFID cards, stories like the successful heist above have made many consumers wary of RFID cards. While some consumers simply pull out their RFID chips with a knife and then destroy them in the microwave, others look for more simple solutions. Lifelock ID theft recommends consumers use fraud monitoring to protect their credit cards. Through these programs, your social security number and credit card accounts as well as other sensitive information is actively monitored. When problematic or unusual activity is detected, it is dealt with immediately rather than several months down the line after the issue has snowballed. Guns Magazine advises consumers to use phone-kerchiefs or metal-lined wallets that create an impenetrable field around the card, blocking the attempts of digital pickpockets to rifle through your wallet or purse.