Definition

RFID skimming

Contributor(s): Matthew Haughn

RFID skimming is the wireless interception of information from RFID chip-based debit, credit and ID cards and other documents, such as passports.

The purpose of RFID skimming may be simple theft of funds or more complex identity theft. Most typically, thieves use an NFC- (near-field communication) enabled device that records unencrypted data from the card's RFID chip, which is broadcast into the air. In the case of a credit card, for example, the data might include the card number, expiry date and card holder name -- all that's required for transactions and, for many applications, to establish identity. 

Many smartphones are equipped with NFC and more mobile devices, such as tablets, are slated to have it. RFID skimming apps can be loaded onto mobile phones and devices can be constructed that are capable of reading RFID broadcasts at distances up to 15 feet away.

Potentially, RFID skimming is an even greater risk with debit cards, because banks often lack any policy to protect customers from fraudulent charges. The payment card industry has stated that safeguards are in place to make RFID-based cards secure. However, many researchers have demonstrated that the cards can be exploited. 

 

This was last updated in June 2014

Continue Reading About RFID skimming

Dig Deeper on Internet of Things (IoT) Security Threats

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close