Uh, they invented the little 3 digit security code (CCV2) on the BACK of your card YEARS ago. Amazing what a good idea that was, and how good it works. The generation process has never been cracked, and it's illegal for merchants to store it.

It doesn't get transferred over RFID, and isn't included in the mag stripe information.

There are very few websites, and certainly no major ones, that don't REQUIRE the security code, so the other information is useless. So online purchases are out.

Now try going up to a merchant in person and buying something, without your credit card, AND without the CCV2 code. That's not going to happen either.

The ONLY stolen credit card scams that are working at all are those that trick users into entering ALL of that information into a FAKE merchant website, which then has ALL of the pertinent details. Or those thieves that swipe multiple transactions when the HAVE your credit card in hand. Everything else is scaremongering.

Next story please.

@flatlinebb: I would "swipe" Xeni's ass without a credit card reader :)

The credit card company I work for (which shall remain unnamed :) allows you to opt out of the RFID feature, just call and ask for a non-RFID card. I'm sure most will be able to oblige.

Wasn't this explained years ago by 2600 (The Hacker Quarterly)? "Mythbusters" obviously stole it from 2600, they are a bunch of engineering yobs, not particularly focused on exploits. Xeni Eraserhead and Boing Boing (started as a badly produced 'zine) were always poseurs on that scene .

They're pointing it at your ass. Not house. Any closer and its a UFIA.

those 2 should toooooooodally hook up OKAYYYY!!????

And this RFID-blocking card case appears to be available from many vendors: [bags-totes.daytimer.com]

I think RFID chips have their uses, but not in credit cards or passports. I mean, come on, is it that much work to remove a card from one's wallet? What's next...a giant bar-code on everybody's forehead?

However, my workplace is in the process of issuing new IDs with a special RFID in them, and they will include a special holder so that a person can't just walk up and scan my crotch to get the information.

The good news is that the California legislature just passed a law making it illegal for employers to compel employees to have RFID chips implanted beneath their skin.

Have we all gone insane??

@appsbyaaron: "Then while your at in line at the theater for opening day of Saw XVI the ticker taker will be scanning everyone who walks through the line so he can get a bigger bonus that year."

Oh, you mean just like all the cashiers who get busted every year for adding an extra card reader that logs your CC data when they swipe it for you? You know, like the ATM scam-reader thingys? If you haven't seen a rash of crime like that, why would this be any different? Seems like a lot harder than lifting everyone's CC data by handling the card.

Paypass security is good enough for me.. a counter stored on the RFID chip must match one stored on the Paypass network. Both are protected by decent hash-based security. So, if you have never used your credit card for RFID payments, there is a chance someone out there is using it to fill their car with Tim Hortons coffee or drink gasoline on your tab.

In which case, you might want to drill a 0.5 cm hole through the upper left corner of your card (about 2 cm down, and 1 cm to the left)

Checked to see if blocked my RFID CC and it worked just dandy. Also blocks my apartment entry and work entry cards as well.

Stainless steel rocks!

Didn't the X-Files address the government putting in that thin film strip that says the value of the bill as a ways of tracking how much money people have on them at any given time?

This is just the beginning. They'll strip out the reader and jam it all into an old cell phone case and just collect the data onto a 64 gig sd chip. Then while your at in line at the theater for opening day of Saw XVI the ticker taker will be scanning everyone who walks through the line so he can get a bigger bonus that year.

Or what about major sporting events where there are masses of people? Or 3 hour lines at Six Flags? Or an black van driving around your neighborhood? Shoot. I just found out that my house is in Google Maps' Street View. That guy could have been reading every RFID card in my house while he drove by.

and this is why I REFUSE to have rfids in anything i own [not including the ones that are already manufactured & hidden in certain products (like shoes)].

YUP!...RFIDs in passports is a GREAT idea! /sarcasm

.... now where did I put that hammer?......

can't you just poke the rfid with a pin to damage/disable it?

@Binaryslyder: There are silver-lined wallets that are out there. Its not solid metal. The silver is actually embedded in the fabric.

I still don't think this is a big deal. I'm more worried about the people in TGIFriday's writing my card number.

Heres an RFID blocking wallet that looks a little less like a tin foil hat, Faraday Material inside instead of aluminum. Blocks all communication! i have one!

Not that i would have a hard time noticing that guy wiping invisible crumbs off everyones ass

In the case of credit cards, there is usually a proprietary logo marked on the card itself. The Mastercard Paypass logo, a picture of waves eminating from a triangle, Chase's "blink" logo, etc. are some examples. For some American Express cards, you can see the chip outright (and the Expresspay logo at the back of the card).

Also, an alternate way to check for RFID chip is to lift the card up to a bright light source. Usually, most RFID tagged cards will have a small square "bump" on the surface of the card. It's hard to feel the "bump", so you have to look for it with your own eyes.

[www.wired.com]

how to disable rfid chips

And it it's the same technology why didn't they use the reader to see what they could get off a passport? It's because the passport has more security and can't be read unless the mrz on the book is scanned first.

Yesterday I got my new Wamu issued Mastercard Debit card in the mail. The first thing I noticed was the Paypass (or whatever they call it) propaganda in the envelope and the nifty wireless signal logo in the upper corner.

I was none too happy to see this (my expired one didn't have it) and I quickly hopped on teh intertubes to see the potential of this being exploited.

Damn you Consumerist! Stop pointing your card scanning device at my house!

Stainless steel wallets are apparently overpriced... reviews all seem to indicate they are "thin and delicate like silk" and fall apart within 3-8 months of normal wallet use.

Wasn't there a recommendation recently to smash the chip within the card with a hammer?

@Binaryslyder: RFID chips have been out for a while. Have you ever heard a story of CC information being stolen like you suggest? I guess we'll just be on the lookout for shady people pointing large antennas at people's butts in public.

@Binaryslyder: Stainless steel wallets are out, they're $80!

Even more interesting? These are the same chips in the new US passports. If you're a terrorist, I would imagine it would be pretty easy to scan a crowd for an American passport and then take action based on that knowledge... Scary.

If only they would imbed an RFID chip in Wal Mart receipts then we could all shop together. Imagine the harmony.

@sp00nix: You're a fucking genius.

Imagine walking by someone in a park or at a store and having them scan your card. Very scary stuff.

So let's talk prevention and deterrents people.

RFID is for your protection. I understand that. Your either with RFID, or your against RFID. (Insert gratuitous applause from the sheeple here).

How do you know if your card has an RFID chip, will it be visable on the surface?

Fortunately, I tend to notice people rubbing electronics against my ass. Guess I'm just hypersensitive that way.