A Reasonable Story on RFID Credit Cards

The Columbus Dispatch has posted an article on its Web site that provides a balanced view of the issue of skimming data from credit cards.
Published: February 8, 2011

Last year, I wrote a great deal about the issue of whether credit-card information could be stolen and used by thieves carrying radio frequency identification readers purchased online. My blogs were in response to news stories by television journalists that were nothing more than scare pieces aimed at getting viewers to tune in (see L.A. Broadcaster Misinforms Public About RFID Credit Cards, ABC Eyewitness News Presents Selective Facts About RFID Credit Cards and Are RFID-Enabled Credit Cards Safer Than Magstripe Cards?).

Recently, I came across an article published online that is a credible piece written by a reporter with journalistic ethics.

The article in question was published by the Columbus Dispatch, a local newspaper in Columbus, Ohio. Like so many other articles, this one quotes Walt Augustinowicz, the founder of Identity Stronghold, as claiming that scammers can purchase portable RFID readers and a battery pack for less than $100 on the Internet, and then use them to pick up information being broadcast from the cards, such as account numbers and expiration dates, from several inches away (see Portable scanners ‘pickpocket’ data on credit cards, some say).

But unlike most other articles that I’ve read, the reporter for this piece, Josh Jarman, actually looks into the claim instead of taking it at face-value. He writes: “The U.S. Secret Service, which handles financial-access-device fraud, has no open investigations of electronic pick-pocketing and does not know of any, said national spokesman Robert Novy. Federal Bureau of Investigations agents in Columbus and Cincinnati said they know of no cases in Ohio.”

Jarman quotes Augustinowicz as pointing out that the theft would be difficult to detect unless police caught someone in the act—which is a fair point. But Jarman doesn’t leave it at that. To his credit, he does a little more research and quotes Jay Foley, the executive director of the nonprofit Identity Theft Resource Center, in San Diego, as noting there has never been any evidence of crooks using such scanners. He also quotes Foley as pointing out that some of those sounding the alarm bells about this kind of theft are profiting from scaring people (which is why I have been so vociferous in my criticism of TV journalists who play up the concerns about credit cards using RFID).

The writer also spoke to several credit-card companies. “MasterCard said in a statement that its RFID-enabled cards have additional safety features, such as randomly generated codes that accompany all wireless transactions,” he writes. “Representatives for VISA also said its cards have additional safety features to prevent this type of crime. Both companies say their fraud-protection policies don’t hold customers liable for fraudulent purchases.”

It has long frustrated me that when it comes to a relatively new technology, many journalists abandon their principles and write scare stories. My hat is off to Josh Jarman and the Columbus Dispatch for rising above that practice.

Mark Roberti is the founder and editor of RFID Journal. If you would like to comment on this article, click on the link below. To read more of Mark’s opinions, visit the RFID Journal Blog, the Editor’s Note archive or RFID Connect.