Why can't I simply cut out the chip in an RFID credit card? What is the harm? I only want to use the magnetic strip
on the back. What would happen if I cut the chip out with a hole puncher?
If you want, you can just drill out the radio frequency identification (RFID) device chip on a credit card. There isn't any harm, and you wouldn't be the first person to have ever done it. The only thing to be careful of is to not damage either the magnetic stripe on the back or the numbers embossed on the front. Damaging these could make the card useless.
With that said, punching the chip out of the card still isn't a good idea. It should be your last choice. There are plenty of other options that are less drastic.
Let's take a quick look at the security issues associated with RFID credit cards.
An RFID is a tiny radio transmitter on a chip. Credit cards with an RFID chip transmit account information, like a name or account number, to a reader at a checkout counter. An RFID credit card is designed to be more convenient than swiping the card's magnetic strip through a reader; someone can easily wave his or her wallet over an RFID reader without even having to take the card out.
Major credit card issuers, like JPMorgan Chase and American Express, have offered RFID cards since 2005. But the chips made headlines last October when researchers at the University of Massachusetts built a machine that could use the card's radio signals to read account information.
The researchers claimed that the RFID chip transmitted account numbers and other sensitive information openly through the air, making them vulnerable to theft. The card companies, however, claimed the data was encrypted and that the researcher's sample -- only 20 cards -- was too small.
Either way, as of this writing, there haven't been any reported breaches caused by malicious users and roving RFID readers. Of course, that doesn't mean RFID-related identity theft won't be a problem in the future.
An option, if you're concerned about RFID credit card safety, is to simply return the card to the issuer and get another card from a different company that doesn't implant its chips.
Another possibility is to purchase the DataSafe Wallet from Kena Kai. The wallet is lined with RF-shielding material, which blocks RFID signals until the card is taken out. The wallet acts like a portable Faraday cage, a common trap for radio signals that normally would be too bulky to carry around in your pocket.
Also, keep in mind that despite the security risks of credit cards, most issuers generally use fraud monitoring systems as another layer of protection; these mechanisms are often invisible to users. If a card is lost or stolen, whether through its radio signals or not, these systems develop a profile of your card usage, detect unusual transactions you normally wouldn't make and then block them.
Dig deeper on Wireless Network Protocols and Standards
Related Q&A from Joel Dubin, past SearchSecurity.com expert
The security of RFID chips and smart cards may not be fully mature, but there are best practices to keep facilities safe. Identity and access ...continue reading
Picture passwords for mobile device security aren't a new idea, but they have been recently improved. Identity and access management expert Joel ...continue reading
Hacked smart cards are a large potential threat to enterprises that utilize them. Learn how to thwart smart card hackers.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.