RFID Gets Hammered

Security concerns over radio frequency identification (RFID) technology seem to be coming to a head. A 37-year-old software engineer actually took a hammer to his MasterCard PayPass ATM card to destroy the RFID circuitry inside, according to an April 10 report in The Wall Street Journal. He feared that someone could use the radio transmission from his card to get gasoline—at his expense.

Fears have been raised for some time over the security of these cards, which permit payment of service with a simple swipe of an RFID-enabled card over a reader at a checkout counter or gas pump.

But concerns are unlikely to slow down the corporate drive to deploy these so-called contactless payment systems. Visa, American Express and Discover, in addition to MasterCard, are adopting RFID technology.

And as 7-Eleven CIO Keith Morrow pointed out last year, , many consumers enjoy the convenienceof contactless payment systems and have a tendency to spend more when using the cards.

Most retailers expect the brouhaha to die down after major national retailers adopt the systems. And Exxon Mobil and Visa, the two largest RFID card providers, have recently made their cards faster and smaller to increase the convenience.

Manufacturers and adherents also point out that card issuers have been working to make the cards as secure as possible. And, they point out, the cards have to be within a couple of inches of a reader for their signals to be picked up—although skeptical testers have been able to pick them up from much farther away,casting doubt on the whole wireless security aspect of the exchange.

Still, for consumers who are wary of the devices, there are a number of safeguards.

Wallets made of duct tape, long a favorite of the geek avant-garde, are now being touted for their ability to block radio waves.

And as the Journal story pointed out, other wallets come with metal plates that also block the signals, while groups such as Germany’s FoeBud sell an array of products designed to eliminate illicit broadcast or pickup of sensitive information from an RFID card. The Journal also listed products that range from sophisticated electromagnetic pulse generators designed to fry the electronics of the cards (and any other sensitive electronics nearby), to hole punches and scissors that take a rather more literal bite out of the risk factor.

Still, for those truly worried about the security of their cards, nothing probably works as well as a hammer.