Mark Roberti
You have to hand it to Walt Augustinowitz, CEO of Identity Stronghold. He knows how to use the media effectively.
Augustinowitz got a Los Angeles TV station to air what amounts to a commercial for his secure sleeves (see Los Angeles TV station warns on stealing account numbers from RFID enabled contactless credit cards). Walt is pictured in the segment capturing credit-card data from business people who voluntarily present their cards to a “$9 reader” that he bought on the Internet, and skimming information from the reporter’s wallet as he stands outside with a microphone.
Here’s the thing: The piece mentions repeatedly that thieves could steal your identity. But capturing credit-card information and using it criminally—even if it were happening, which it is not—is not identify theft; it’s credit-card theft. Walt must love this, because identity theft is even scarier than having your credit-card number stolen.
The segment does briefly mention that you can’t use the stolen credit-card numbers to shop online, because a retailer should conduct an address-verification check and/or a credit-card validation check. You cannot capture the address or the CVV with Walt’s “$9 reader.” But this information is dismissed as almost irrelevant. What’s more, no mention is made of the fact that the only data Walt captures in the segment is what is printed on the card, or that you are usually not liable if your card is used fraudulently.
Cards are tossed on a table and grabbed in a way that suggests something nefarious is going on. At the end of the piece, the reporter says, “If your card has the new technology, don’t panic. The guy who showed us how easy it can be to steal has invented a way to protect yourself.” Surprise!
I hope folks who see this video are intelligent enough to realize that Walt is not a credible expert on this topic, given that he stands to gain by exaggerating the threat. The reporter sure wasn’t that smart.
Television news loves to make people afraid, because it encourages people to watch. “A new scam that leaves you exposed to identity theft—tune in for the 11 o’clock news!” It works. And people like Walt will take advantage of the ability to make people afraid of a problem that doesn’t exist until the credit-card companies solve this issue. (I say “doesn’t exist” because I haven’t seen a single credible report of someone having their credit card skimmed and used.)
There are a variety of ways to make RFID cards secure. The cards could have an on-off switch for the transponder (though that sort of defeats the convenience of just swiping your card). They could have a biometric reader so the card could only be used when you put your finger in a certain place, and there’s a match with what’s stored in the chip (though that would be expensive).
Dynamic CCVs and other tactics might work, but if the credit-card companies really want to use RFID in every card, they need to find ways to make RFID more secure than with magnetic-stripe cards—and they need to explain to the public why they are safer. Until then, we’ll continue to see pieces like the one from the Los Angeles “news” reporter.
Mark Roberti is the founder and editor of RFID Journal. If you would like to comment on this article, click on the link below. To read more of Mark’s opinions, visit the RFID Journal Blog, RFID Connect or the Editor’s Note archive.