We use cookies to provide you with a better experience. By continuing to browse the site you are agreeing to our use of cookies in accordance with our Cookie Policy.
  • ::COVID-19 COVERAGE::
  • INDUSTRY PRESS ROOM
  • ABOUT
  • CONTACT
  • MEDIA FILE
  • Create Account
  • Sign In
  • Sign Out
  • My Account
Free Newsletters
  • MAGAZINE
    • Current Issue
    • Archives
    • Digital Edition
    • Subscribe
    • Newsletters
    • Mobile Apps
  • TRANSPORTATION
  • MATERIAL HANDLING
  • TECHNOLOGY
  • LIFT TRUCKS
  • PODCAST ETC.
    • Podcast
    • Blogs
      • Analytics & Big Data
      • Best Practices
      • Dispatches
      • Empowering Your Performance Edge
      • Logistics Problem Solving
      • One-Off Sound Off
      • Public Sector Logistics
      • Two Sides of the Logistics Coin
      • Submit your blog post
    • Events
    • White Papers
    • Industry Press Room
      • Upload Your News
    • New Products
      • Upload Your Product News
    • Conference Guides
    • Conference Reports
    • Newsletters
    • Mobile Apps
  • DCV-TV
    • DCV-TV 1: News
    • DCV-TV 2: Case Studies
    • DCV-TV 3: Webcasts
    • DCV-TV 4: Viewer Contributed
    • DCV-TV 5: Solution Profiles
    • MODEX 2020
    • Upload Your Video
  • MAGAZINE
    • Current Issue
    • Archives
    • Digital Edition
    • Subscribe
    • Newsletters
    • Mobile Apps
  • TRANSPORTATION
  • MATERIAL HANDLING
  • TECHNOLOGY
  • LIFT TRUCKS
  • PODCAST ETC.
    • Podcast
    • Blogs
      • Analytics & Big Data
      • Best Practices
      • Dispatches
      • Empowering Your Performance Edge
      • Logistics Problem Solving
      • One-Off Sound Off
      • Public Sector Logistics
      • Two Sides of the Logistics Coin
      • Submit your blog post
    • Events
    • White Papers
    • Industry Press Room
      • Upload Your News
    • New Products
      • Upload Your Product News
    • Conference Guides
    • Conference Reports
    • Newsletters
    • Mobile Apps
  • DCV-TV
    • DCV-TV 1: News
    • DCV-TV 2: Case Studies
    • DCV-TV 3: Webcasts
    • DCV-TV 4: Viewer Contributed
    • DCV-TV 5: Solution Profiles
    • MODEX 2020
    • Upload Your Video
Home » how secure is your RFID credit card?
rfidwatch

how secure is your RFID credit card?

December 1, 2006
John R. Johnson
No Comments

The next time you pull up to the drive-through window at McDonald's, you might want to reach into your pocket for some good-old fashioned cash. The "swipe free" credit card you've gotten accustomed to using to pay for a Big Mac and fries might actually be putting your personal information at risk.

In tests conducted this fall, researchers from the RFID Consortium for Security and Privacy were able to hack into the information stored on first-generation "swipe free" credit cards that use RFID technology. Though the information is supposedly encrypted, the group reported that all of the cards it tested revealed important personal information whose disclosure could lead to identity fraud and theft.

Nearly 20 million of the RFID-enabled cards have been issued by credit card companies like American Express and MasterCard, and are now being used by consumers at a growing number of retail outlets, including CVS drug stores and McDonald's.

Researchers from the consortium, which includes members from both industry and academia, found problems with all of the cards they tested, although they tested fewer than two dozen cards. "Every single RFID credit card and debit card that I have seen in my lab has revealed at the least the full user name and card expiration date, and the vast majority also revealed the full credit card number," says Tom Heydt-Benjamin, a graduate student at the University of Massachusetts and one of the study's architects.

Because the information is transmitted via radio waves, the cards can be read through a wallet, an item of clothing or an envelope. To illustrate how easily personal data could be skimmed from cards, Heydt-Benjamin outlined a scenario in which somebody posing as a campaign volunteer walked the streets stuffing fliers into mailboxes. It would be a simple matter for that person to use a concealed RFID reader to skim information from any credit cards that happened to be in those mailboxes, he said.

Privacy advocates called for credit card issuers to recall all of the cards in question and replace them with more secure versions. The group Consumers Against Supermarket Privacy Invasion and Numbering (CASPIAN) advised consumers to remove the credit cards from their wallets immediately and request an RFID-free replacement card. The group is cautioning consumers not to mail the cards back because of the risk that their personal information might be exposed.

Although he acknowledges that RFIDenabled cards have security flaws that must be addressed, Heydt-Benjamin says that when it comes to the overall risk of identity theft, "leaky" cards pose only a minor risk. Practices like phishing, he says, represent a much bigger threat to individual consumers.

"I hope this doesn't set the whole technology back," says Heydt-Benjamin. "We firmly believe that RFID is not a dangerous technology. Our research is about bringing appropriate security and privacy mechanisms into the RFID world. Our message is that while this issue is something that very much should be part of the RFID privacy debate, we don't see it as indicating that RFID technology is an evil or dangerous technology."

all RFID, all the time

If you're going to tag 65 products, you might as well tag them all. That at least appears to be Hewlett-Packard's thinking. The consumer electronics giant is considering the monumental step of applying RFID tags to all of the products it makes. Right now, it is tagging 65 product SKUs that it supplies to Wal-Mart, Target and Best Buy in compliance with the retailers' mandates. But company executives say HP has an internal study under way to determine if it would be more efficient to just tag everything.

Last year, HP used about 6 million RFID tags. That number is expected to reach 10 million by the end of 2006, making HP one of the largest consumers of RFID tags.

HP, which started running RFID pilots four years ago, now has 34 facilities that are RFID-enabled. The company is already doing some item-level tagging for products like computer printers that ship one product to a case.

Automatic Data Capture RFID
  • Related Articles

    how secure is your DC?

John Johnson joined the DC Velocity team in March 2004. A veteran business journalist, John has over a dozen years of experience covering the supply chain field, including time as chief editor of Warehousing Management. In addition, he has covered the venture capital community and previously was a sports reporter covering professional and collegiate sports in the Boston area. John served as senior editor and chief editor of DC Velocity until April 2008.

Recent Articles by John Johnson

supply chain 2010 ... are you ready?

RFID: ready to roll

earning its stripes

You must login or register in order to post a comment.

Report Abusive Comment

Most Popular Articles

  • Cold chain giant Lineage Logistics buys its own rail operator

  • Outlook 2021: What’s in store for logistics supply chain?

  • Cushman & Wakefield Brokers Sale of 170 Acres plus Lease for 1MSF Build-to-Suit for Home Improvement Retailer in Commerce City, CO.

  • Thriving in the long haul: interview with Colin Yankee

  • Capacity challenges will continue in 2021

Now Playing on DCV-TV

2mw 01 18 21 thumb

LTL Carriers Using Yield Management Techniques to Identify New Accessorial Charges

DCV-TV 4: Viewer Contributed
As we head into 2021, shippers are not too optimistic about negotiating rates with their carriers. The reason for this, as highlighted in the three CODE RED Webcasts we've hosted with our friends from CSCMP and NASSTRAC, is that in today's transportation marketplace, shippers are operating in uncharted waters. With...

FEATURED WHITE PAPERS

  • Proven Benefits: A Compendium of Slotting Optimization Success Snapshots

  • Bridging Information Gaps in Dock and Yard Operations

  • How Intelligent Sensor Solutions Turn Data Into Action

  • Order picking Solutions: Understanding Your Options

View More

Subscribe to DC Velocity Magazine

GET YOUR FREE SUBSCRIPTION
  • SUBSCRIBE
  • NEWSLETTERS
  • ADVERTISING
  • CUSTOMER CARE
  • CONTACT
  • ABOUT
  • STAFF
  • PRIVACY POLICY

Copyright ©2021. All Rights ReservedDesign, CMS, Hosting & Web Development :: ePublishing