As part of his presentation Wednesday, Laurie asked for someone from the audience to volunteer a smart card. Without taking the card out of the volunteer’s wallet, Laurie both read and displayed its contents on the presentation screen–the person’s name, account number, and expiration clearly visible.
You can find a ton of information including code and the hardware necessary to duplicate this his website RFIDIOt.
Another real potential issue is companies using RFID for security badges. Considering how easy it is to read and duplicate, potentially anyone who can get close to someone walking into an office can capture the data necessary to produce their own ID card. In this case only matching the photo stored by the company on their computer system (not the one on the badge) to the person’s face is security. So for those offices who don’t have security staff doing this, anyone could theoretically get in.
The best security mechanisms are the most simple and discrete. Credit cards are naturally pretty secure if used correctly. Nobody can abuse a credit card unless they know the number. Nobody can read it through a wallet. The wallet in this case is a great security feature. To read it you need to either visually inspect it for the numbers, copy it, get an impression of it, or swipe it through a reader. All things that require intimate contact with the actual card. Impressive security for some old technology isn’t it?
I’ll stick with swiping a credit card for the foreseeable future. Your only not liable for a stolen credit card if you and your credit card company mutually agree it’s stolen or being misused. Otherwise you may be on your way to an expensive dispute. Regardless it may have hit your credit, and you’ll spend a lot of time sorting it out and getting it corrected. Bad credit costs you money. Some individuals make it sound like it’s just a phone call and your done, but people who have had their credit card stolen sometimes spend several months fighting to save their credit.