banner james carlini - Carlini's CornerBy James Carlini

More and more people are getting credit cards with a built-in RFID chip in them. That little RFID chip (Radio Frequency ID) can transmit your credit card info out several feet when it is scanned by any reader. Most people do not know this.

You can tell if your credit card has an RFID in it because most cards will be marked by one of several symbols: PayWave, PayPass , or BLINK or the symbol that looks something like this )))) There are some cards that have no indication that there is an RFID in them.

Chances are, some of your major credit cards like Visa, American Express and others have the RFID chip already embedded in them.

A year or two ago, there were several reports on how the RFIDs in your credit cards could be compromised. Someone could read the information with a reader from a couple of feet away. Then, there were articles that countered those claims saying there was never a reported incident of credit card information being stolen that way.

The truth is that it can happen and because it is done without any knowledge of the card owner, how can anyone be sure it hasn’t been done? A scan is silent. There are no sounds or cash register bells going off when the information is scanned. You cannot say there is not any card abuse or identity theft going on.

Identity theft is the fastest-growing crime according to the FBI. Stolen information off of credit cards is possible. Just because the FBI doesn’t track it specifically, doesn’t mean it is not happening. The same is true for crimes committed at an ATM. There is no specific FBI statistics gathered for that specific crime, yet that is a crime that happens. Banks don’t want you to know that that is a possibility. The same denial seems to go with electronic credit card thievery.


In my opinion, the NFC chip in a Smartphone is more secure than a constantly “on” RFID in your credit card that provides information every time it is scanned. Both have their legitimate applications, but I think that if you are going to go with an easy “swipe system” for credit card purchases, Smartphones equipped with NFC chips are a more secure technology to employ.

RFIDs come in three types of frequencies which the lowest can cover up to 100 meters. That is a pretty good distance. Other frequencies transmit a shorter distance. At only a couple of feet, someone can walk right past and do a scan to pick up your credit card info on all the credit cards in your wallet without you even knowing it is happening.

On the other hand, the NFC chip is a subset and refinement of RFID specifications. It has a much shorter range of transmission (about 4 inches) and is used in Android-based Smartphones for “mobile wallet” applications as well as other applications that are being constantly created. Look at the table of comparisons and differences at the bottom of this article between the RFID Chip and the NFC Chip found in some Smartphones (like the Samsung Galaxy):

Besides credit cards, RFIDs are used in building passes for limiting access to a building. Here is another area where stealing the RFID information with a home-built reader can create more uncertainty as to compromising building security and limited access areas.

If you are going to use RFID technology, understand its limitations and weaknesses. Also, check out Smartphone equivalents. A Smartphone may offer a more secure approach, especially when it comes to “waving over the reader” technology for purchases.

CARLINI-ISM : RFIDs are great capabilities in many industries, just understand their limitations and the technology that can compromise them.

Copyright 2013 – James Carlini



  1. Pingback: Digital Pickpockets Use Smartphone to Steal Credit Cards

  2. Good to know. A lot of my peers have posted of their accounts being hacked or their cards being stolen lately. Can this have something to do with one particular ATM? Is it the NFC chip you referred to? I definitely agree that can be more secure, but sometimes people (young people in particular) are too trusting with WiFi and in turn, allowing people to hack in.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s