What can help steal your credit card info?

Contactless payment cards have radio frequency identification tags in them which can be read from a distance by using a scanner. The same RFID technology ensures the operation of building access cards and transport cards. Therefore, data on all types of contactless cards are not secure.

A number of publications, such as NBC New York and The Sun, have conducted experiments showing that contactless card information can be stolen at close range. To do this, experts simply held a reader disguised as an iPad to the victim’s pocket, wallet, or bag. Now, scammers don’t even need to buy any devices to do this. Google Play has apps that can be used for the same purpose.

If you are in a public place where a lot of people have gathered, the risk of such fraud increases significantly.

What information can be stolen?

As a result of using RFID readers, fraudsters can get access to different types of data, for example, credit card numbers, information about the expiration date of the card. This data is sufficient for resale on the darknet, and after this information is supplemented with other personal information, it could be used for making transactions on a number of sites or opening an account in your name. If a fraudster has received part of your personal data, the chance that they will receive all the information necessary for making a transaction or opening an account increases significantly. At the same time, security experts say that 80% of credit cards are compromised in some way.  Their data was stolen as a result of phishing, skimming, malicious software on websites, fraudulent phone calls, and data violations.

How to protect your cards from skimming and other types of fraud

Of course, credit card companies are trying to improve the technology with encryption, but thieves are also using increasingly advanced technologies that allow them to steal personal information.

Therefore, we recommend that you follow the simplest preventive security measures against RFID skimming:

• Do not store your cards in your pockets or money clip wallets. Only in your wallet, and your wallet is in a zippered bag. The wallet must have a separate slot for each card so that you can see each card in its place.
• Use a special blocking wallet, holder, or blocking card to protect your contactless card from skimming. Do not wrap the cards in foil, it is not intended for shielding.
• If you see someone holding a mobile phone next to your wallet or bag, or acting strangely in the checkout line, step back and ask the store’s staff for help.
• Before using the card anywhere, check for card skimmers.
• Use one card for autopay accounts and the other for everyday purchases. The autopay and everyday strategy helps you save your money and personal data.
• Do not store photos of your cards on your phone, or write their data to your phone.
• Keep cards that you don’t use at home in a safe place. You can also keep a list of all your card numbers, expiration dates, and security codes, as well as contact information in case your cards, are ever stolen.
• Destroy any documents containing your credit card information, including documents containing the last 4 digits.
• Keep track of your account statements. If you see a suspicious purchase, immediately notify the card Issuer.
• Periodically check the personal accounts of the online stores that you use most often (Amazon, Target, etc.). if you find any transactions that were not made by you, contact the seller immediately.
• If someone asks you to provide your card details over the phone on behalf of the card Issuer, do not agree. Call the customer support number on the back of your card and ask the Issuer’s representative what to do in this case.
• Use a credit card instead of a debit card whenever possible. In General, the losses will be less if the thief drains your credit limit, rather than having access to funds from your debit card. If your debit card is compromised, you may lose access to all the money in your current account until the Bank deals with the fraud. This could take several days.
• Periodically change your passwords and update your card pin codes.

Keep your data and funds safe at all times.

‘If you are worried about someone reading your cards, there are several RFID blocking products that can prevent skimming.

The post Can someone steal your credit card info from your pocket? appeared first on RFID Cloaked - Protecting your RFID personal data.

To prevent the theft of data or money, you need to create a shield that protects your contactless cards from being read by RFID scanners.  A shield works by blocking the propagation of electromagnetic waves, which prevents the interaction of an RFID reader with your cards. The RFID reader will not be able to read your cards while they are inside the case with RFID blocking.

What you need to make an RFID blocker

To make an effective RFID blocker, you will need the following materials:

• textile for the front part;
• fabric for lining;
• office supplies (glue, scissors, awl, pen, ruler);
• a thin sheet of RFID blocking material, for example, this material.

To prevent RFID reading, you will need a layer of special material.  We do not recommend using foil, it is not intended for shielding and will not be totally effective, we wrote about this in detail in this article.  As a basis, you can use a cloth that does not crumble and has a margin of safety.  For the outer cover, it is advisable to use a robust material like leatherette. A plastic cover from an office folder would also do.

Stages of manufacturing the cover

1. You need to cut two identical rectangles of leather, plastic or other material 9.5 cm by 7 cm each;
2. Prepare another pair of similar parts from the inner material and RFID blocking material;
3. Put the three layers together and glue them.  Allow the glue to dry;
4. Sew the three layers together at a distance of 1-1,5 mm from the edge on three of the four sides.

As a result, you should get a reliable case.  By the way, scammers can scan the credit card style keys for cars as well. This case works great with those too!

‘If you do not have enough time to make your own RFID blocking card holder, you can simply buy an RFID card blocking wallet or RFID blocking card to protect your important information from NFC technologies. After all, it is better to prevent unauthorised card scanning than to regret not protecting yourself.

Products from the article

RFID blocking wallet

RFID blocking card

The post How do you make an RFID blocker? appeared first on RFID Cloaked - Protecting your RFID personal data.

"The designer knows that he has reached perfection, not when there is nothing to add, but when there is nothing to be taken away" said famous French writer Antoine de Saint Exupéry. He was right and, despite being way ahead of its time – this quote perfectly defines the current trend for minimalism.

Minimalism An Understated Elegance

Minimalism in fashion is characterised by an understated, low key, elegance. A reduced colour palette with a definite preference for monochrome. Simple accessories, high quality materials, sleek silhouettes and precision tailoring are the key elements.

Functional Fashion

As well as clothing, the trend for minimalism continues to influence the design of fashion accessories which we use daily like wallets and bags. Whilst being primarily functional objects, accessories like bags and wallets are still sought after fashion accessories in their own right. As well as reflecting the individual style of the owner, they also have to be robust enough to stand up to daily use.

A new breed of high tech, minimalist wallets offer this blend of style, form and function, so in keeping with the minimalist aesthetic.

Slim and Stylish

Minimalist wallets tend to have a more urban, modernist look and come in a range of materials from traditional leather to carbon fibre. Lightweight and slim, they are popular with those who want to have quick access to their wallet. Small enough for a front pocket or suit pocket which keeps them accessible.

Take what you need

Designed for your everyday carry – minimalism is more than just an aesthetic movement – it is a way of life. Products which are designed to carry what you need, and only what you need are becoming increasingly popular as we ditch our bulky, old fashioned wallets in favour of a more modern alternative, designed for modern life.

RFIDSecur Wallet

We have designed our new secure wallet to deliver a perfect balance between form and function. The sleek, minimalist design is understated with an urban edge. Made from robust materials with our RFID blocking fabric at its core, it protects your cards from being read without your knowledge. It has an innovative and unique retractable tray on either side. You need only slide your card out to be read before it automatically retracts, securing your cards once more. It is designed for singlehanded use and is therefore perfectly suited to travelling, commuting and sports.

We believe it is the perfect, design led, minimalist wallet!

On Kickstarter…

For more information on our wallet and to find our about our Kickstarter campaign and keep up to date with our progress, click here.

The post Minimalist, a lifestyle choice or perfect design? appeared first on RFID Cloaked - Protecting your RFID personal data.

When you leave a house one of the things you always carry with you is a wallet. Probably like most people, you like to carry your stuff with you all the time. Money, credit cards and ID card are the things that we carry with us all the time.

Secure travellers wallet

If you are often travelling and use public transport, train or any other means of transportation, the imperative is a good wallet. When we say good we think it's safe, it's invisible because of the pickpockets, slim and one-handed type of a wallet. Travel wallets are all about getting rid of a jumble, keeping your valuables safe and organised, and making sure you enjoy your trip.

Good wallet for travellers

When you are travelling, you need a good wallet. A good wallet means that you can put inside all the things you need, it is big enough for all your cards, cash and other documents, but on the other hand, it is safe and you have to be sure that all your things will be secure.

Capacity and function

Even the best traveller wallet is something between capacity and function.

What a good traveller wallet contains:

-Slim and minimalistic

-RFID blocking

-The minimal organisation and streamlined

What type of travel wallet do you need? There are a lot of travel wallets on the market. Some are super slim minimalist only holding a few things, while others are much bigger and full-sized made for purses. It depends on what sort of trip you’re taking, is it a day trip or a weekend getaway. Depending on your travel trip, your wallet might need to hold a lot of coins, or a lot of cash, or credit cards.

Travel wallets come in some various materials—leather, carbon fibre, aluminium, and even a waterproof and travel RFID blocking type of a wallet easy credit card access, hidden stash pockets, tons of room for your cash and cards.

Minimalist slim traveller wallet

The best type of wallets when you are travelling is a minimalist slim wallet. Why is that? It is small, with this kind of wallet you avoid being the target as someone pickpocket victim, it is accessible and one-handed use.

RFID travel wallet

If we are talking about travel wallets, we have to mention RFID wallet. It is important that your wallet is secure and that your money and cards will be safe all the time. The RFID blocking wallet is a for a bounce the better option on travel than the minimalist wallet.

Accessible wallet

Most of these wallets are very practical, which is very important. You can easily take off them from your pocket or a purse, use them with one hand, which is important if you need to use the card for the subway or a train. Choose some accessible, one-handed and durable wallet for your travel. If you are going to spend a lot of time in a crowd, choose minimalist and slim wallet, that can fit in your pocket.

The post Traveller wallets – the most secure and accessible appeared first on RFID Cloaked - Protecting your RFID personal data.

Consumer adoption rates for contactless methods are consistent across the continent with a 97% upswing in contactless transactions so far this year, MasterCard reports.

While consumer faith in the security of contactless may be increasing overall, reports in the UK press of the risks of paying for your daily coffee, train journey or sandwich with a quick point-of-sales card tap suggest growing public concern.

In late August for example, an Aberdeen couple told The Guardian newspaper of how £600 was spent on their contactless cards at home despite having taken the cards with them on holiday to Poland.

Evidence has also been mounting that it is possible to grab information using card reading technology that can then be used to steal a cardholder’s identity.

Consumers are countering this with innovative ways of protecting their cards against data theft, ranging from covering their cards in tinfoil to specially-designed wallets employing radio-frequency identification (RFID) technology.

While the specialist wallets do block radio waves, they also have the side-effect of preventing the cards from being used without first taking them out of the casing.

This can be particularly frustrating to commuters who rely on moving quickly through ticket barriers with a quick tap in or out.

However, Exeter-based start-up RFID Cloaked is aiming to correct this with their new RFID wallet.

As well as offering security for your data, these wallets allow users to pay on the move, giving data protection without sacrificing convenience. What is more, the new wallet prioritises style, allowing users to choose from a range of looks.

“We are different by design,” says co-founder Julian Ghail. “I really think our product is design-led, not for design’s sake, but to be intuitive to use.”

Due to launch their second Kickstarter campaign in October, the team is offering its first backers a fifty percent discount on the wallet. To be one of the first to sign up, check out their page here at https://rfidcloaked.com/pro/.

*this is a paid promo*

var _paq = _paq || []; var url = “https://rfidcloaked-ltd.storychief.io/increasing-contactless-card-use-heralds-next-wave-of-safe-wallet-tech?id=1096204995&type=2”; const queryDict = {}; location.search.substr(1).split(“&”).forEach(function(item) {queryDict[item.split(“=”)[0]] = item.split(“=”)[1]}); if (‘contact’ in queryDict){ const separator = (url.indexOf(“?”)===-1)?”?”:”&”; url = url + separator + “contact=”+queryDict[‘contact’]; } if (‘list’ in queryDict){ const separator = (url.indexOf(“?”)===-1)?”?”:”&”; url = url + separator + “list=”+queryDict[‘list’]; } _paq.push([‘setDocumentTitle’, ‘Increasing contactless card use heralds next wave of safe wallet tech’]); _paq.push([‘setCustomUrl’, url]); _paq.push([‘trackPageView’]); _paq.push([‘enableHeartBeatTimer’, 15]); _paq.push([‘enableLinkTracking’]); (function() { var u=”//storychief.piwikpro.com/”; _paq.push([‘addTracker’, u+’piwik.php’, ‘c6b21681-0851-4179-a36d-c984aa57d945’]); var d=document, g=d.createElement(‘script’), s=d.getElementsByTagName(‘script’)[0]; g.type=’text/javascript’; g.async=true; g.defer=true; g.src=u+’piwik.js’; s.parentNode.insertBefore(g,s); })();

The post Increasing contactless card use heralds next wave of safe wallet tech appeared first on RFID Cloaked - Protecting your RFID personal data.

Almost £7m was taken in 2016, compared to £2.8m in 2015, according to Financial Fraud Action UK.

In the same period, contactless spending rose from £7.75bn to £25.2bn.

The figures translate as a loss of 2.7p for every £100 spent, which is actually a fall from 3.6p in every £100 spent in 2015.

A judge recently slammed the technology, which does not require a PIN, for making life “too easy” for criminals during the sentencing of a fraudster in Devon.

Contactless cards can be used for transactions of up to £30.

Graph showing the increase in contactless fraud in the UK increasing rapidly

Gareth Shaw, money expert with consumer group Which?, said there are “still questions around the security of these cards”.

“Card companies must be responsible for striking a better balance between convenience and security,” he said.

The post Contactless payment fraud soars to £7m appeared first on RFID Cloaked - Protecting your RFID personal data.

It is always a pleasure to get feedback. After successfully being funded on Kickstarter we have started to deliver our first RFIDsecur card orders. Kickstarter backers are beginning to receive the first batch of these contactless protection cards.

Our RFIDsecur Contactless blocking cards was backed by 213 back all around the world

We’ve been receiving some great feedback from many of our RFIDsecur card Kickstarter backers we thought we’d share some with you.

If any of our Kickstarter backers are reading this, please feel free to share your thoughts and posts with us and we’ll do our best to update our page with your comments.

Kickstarter Comments

Winfried Mayr – Superbacker
Got mine, they look great – thank you!

Robert Warwick – Backer
My cards arrived the other day and they’re brilliant past some on to my family. Many thanks.

Ben Pasquali – Backer
Received today! Tested and passed thank you!

Ronan – Superbacker
Received! Thanks !!! Backer #20 – delivery to France

Licensecart – Backer
Got my cards today and they look so amazing Thank you for your hard work guys, will buy more soon.

Twitter posts

@RFIDCloaked I was lucky enough to be one of your kickstart backers. Great product many thanks.

— Robert Warwick (@RobertCWarwick) February 12, 2017

Hi @RFIDCloaked found out this morning that your card works! Couldn’t enter the bus because I put your card wrongfully in my wallet. Great!

— Jeroen Bartelse (@JeroenBartelse) February 9, 2017

@RFIDCloaked I put your card on the wrong side of the bus card. I was good to experience that it does work! Changing the order fixed it

— Jeroen Bartelse (@JeroenBartelse) February 9, 2017

Got my @RFIDCloaked delivered off @Kickstarter. Thanks guys! ? #fintech pic.twitter.com/TfZLNTSOy4

— Chris Gledhill (@cgledhill) February 8, 2017

Good to see a @kickstarter campaign actually come to life! Contactless payment cards are now protected thanks to @RFIDCloaked #RFIDsecur pic.twitter.com/Oq4Q7N7QDc

— Jeroen Bartelse (@JeroenBartelse) February 8, 2017

Yeah! Won some nice @RFIDCloaked shielding passes, helps to keep my rfid on my banking pass safe! Find them on #kickstarter!

— Marco Leeuwerink (@M_Leeuwerink) February 8, 2017

The post Feedback appeared first on RFID Cloaked - Protecting your RFID personal data.

How easy is it to get at data stored on your contactless bank card, it’s easy than you think.

Card data scanned without authorisation

BBC Rip Off Britain investigate how easy it is to use your bank card data scanned using a smart phone, all this is possible with shocking results. The security expert makes an Amazon online payment using the scanned card data.

BBC Rip Off Britain

The post How safe is contactless payment? BBC – Rip Off Britain appeared first on RFID Cloaked - Protecting your RFID personal data.

He was putting through payments of less than £30 in a wireless card reader and touching it on wallets of unsuspecting people.

The post Contactless card owners warned against public transport scanner hack appeared first on RFID Cloaked - Protecting your RFID personal data.

The following is an interpretation of the Payment Card Industry Data Security Standard version 3.2 (PCI DSS 3.2) against the data readily accessible from a contactless card.

It suggests that your card data is at risk, that this risk is identified as a concern for the PCI (Payment Card Industry) such that they list it as a key concern. Yet contactless cards offer no protection of this data and the PCI does not seem to address this.

All the different data types stored on a bank card including chip, PAN, Cardholder name expiration date magnetic strip

Activities that put data at risk

A survey by Forrester Consulting of businesses in the U.S. and Europe reveals activities that may put cardholder data at risk.

• 81% store payment card numbers.
• 73% store payment card expiration dates.
• 71% store payment card verification codes.
• 57% store customer data on the payment card magnetic strip.
• 16% store other personal data.

Source: The State of PCI Compliance (commissioned by RSA/ EMC)

What are the PCI CONCERNS and it’s role?

The goal of the PCI Data Security Standard (PCI DSS) is to protect cardholder data and sensitive authentication data wherever it is processed, stored or transmitted. The security controls and processes required by PCI DSS are vital for protecting all payment card account data, including the PAN – the primary account number printed on the front of a payment card.

What does PCI Data Security Standard (PCI DSS) do? Cardholder data protection

Cardholder data refers to any information printed, processed, transmitted or stored in any form on a payment card. Entities accepting payment cards are expected to protect cardholder data and to prevent its unauthorized use – whether the data is printed or stored locally or transmitted over an internal or public network to a remote server or service provider.

Paragraph 3.3 of PCI DSS 3.2 states that Mask PAN when displayed (the first six and last four digits are the maximum number of digits you may display), so that only authorized people with a legitimate business need can see more than the first six/last four digits of the PAN. This does not supersede stricter requirements that may be in place for displays of cardholder data, such as on a point-of-sale receipt.

Paragraph 3.4 states that Render PAN unreadable anywhere it is stored – including on portable digital media, backup media, in logs, and data received from or stored by wireless networks. Technology solutions for this requirement may include strong one-way hash functions of the entire PAN, truncation, index tokens with securely stored pads, or strong cryptography. (See PCI DSS Glossary for the definition of strong cryptography).

But by comparison, the riskiest behavior is using contactless cards with RFID chips and the contactless payment favoured by banks as the alternative to cash. Why? Simply because all contactless payment cards natively and openly reveal basic information that should be protected, the PAN, and other data. With a mobile phone application, currently available to download, it is very simple to access (without the cardholder’s knowledge or permission) the data from contactless cards.

What data can be found reading a credit card?

I want to show you the results of reading the card from one phone application. In the App, the card number is revealed in full, but in line with PCI guidelines, only the first six and last four digits are revealed here.

• Track 1
  • Expiry date: 1 Nov 2017
  • PAN Card number : 540463******8991
  • Format : B
  • Service: International interchange
  • Normal
  • No restrictions
  • None

• Track 2
  • Expiry date: 1 Nov 2017
  • PAN Card number : 540463******8991
  • Service: International interchange
  • Normal
  • No restrictions
  • None
• AID : A0 00 ** ** ** 10 10
  • Label: MasterCard
  • Priority: 1
  • Pin try left: 3 Time(s)

Not only this, but it is also possible to view the recent transaction log of the card.

Data that can be read with unauthorized access from your bank card

According to PCI DSS 3.2, none of this information should be accessible, transmissible, recordable or stored and yet all of it is. So when it comes to risky behaviour should not the guide address and highlight this as follows: 100% of contactless cards reveal PAN and other sensitive customer data in breach of PCI DSS 3.2 when accessed.

What about Governance?

It is said that “all five payment card brands, along with Strategic Members, share equally in the Council’s governance, have equal input into the PCI Security Standards Council and share responsibility for carrying out the work of the organization”. And “PCI DSS applies to All entities involved in payment card processing including merchants, processors, acquirers, issuers and service providers”.

So one must surely ask where’s the excuse for this seemingly non-compliance with DSS 3.2? How can a merchant be held accountable to DSS 3.2 when the governing members appear not to be? Ask yourself as a card user, are you fully satisfied that your contactless payment card is truly secure, that your data is not of use to fraudsters? 

And what does this lack of security ultimately benefit? It would seem only the ease and speed of use of contactless transactions perhaps to ensure contactless payment uptake? Complying with PCI DSS Standards, is that not the primary concern?

‘We have written many articles about security issues with contactless cards. You can read about this in our blog

The post PCI DSS 3-2 Contactless data exposure – Surely not poor Governance appeared first on RFID Cloaked - Protecting your RFID personal data.