Does Your Wallet Need a Tinfoil Hat? - Comments Page 2

Love the article! And thanks for calling out "journalists" - too much of our news these days is rushed onto the air or into print without proper vetting. Research and getting the facts right is apparently a thing of the past.

I don't have a chip card, only reliable magnetic strip. I do wear my tinfoil hat, mainly because it brings a smile to people's faces. I would be more worried about owning a cat, they are out to take over the world, I know it!

LOL. Thanks for the chuckle, Bob (I love your sense of humor).

I couldn't agree more about the pathetic level of journalism these days. If these so-called journalists have to obtain a university degree before being employed by news reporting agencies, then it says a lot about the low standard of education these days, does it not?

So this is also an il-informed bit of info?

http://www.pcworld.com/article/249138/rfid_credit_cards_are_easy_prey_for_hackers_demo_shows.html

Seems to me that RFID sleeves add bulk to your wallets. I would think that a single piece of tinfoil, shaped like a dollar bill and inserted into the bill pocket of the wallet, resting against the outside part of the wallet would be effective in blocking the RFID signals from all the contents in the wallet....

Bob: a relative gave me a woman's tri-fold anti-theft security wallet from a company called "Identity Stronghold." A brochure included says Identity Stronghold is owned by Walt Augustinowicz. A label on package has address for Identity Stronghold in Englewood Fla. Know anything about these folks? I thought it was sort of silly and haven't used the wallet yet. Thank you.

The chips in traditional Canadian credit and debit cards aren't RFID and have to be physically inserted in the cardreader, with the user inputting the correct PIN. The data theft methods that have worked are:
1) the "inside job" whereby an employee has a second cardreader device cloning the legal one so as to capture both card number and PIN, (or sometimes just the card number, with the PIN captured on the security videom until they made the legal cardreaders with guards to hide your input)
2) specially made devices that fit into the cardreader slot (e.g., of an ATM in an obscure location) and could be removed by the thieves before the branch reopened.
The "wave your card at the cash" business is fairly new here. The new debit card I got last week was made to accommodate it but the teller agreed with me that enabling the wifi to save the "labour" of putting the card in a slot and punching in a few digits wasn't a terribly secure idea. Given how often supposedly-secure software is hacked, I'm quite happy to reject that particular form of convenience.

The end of March I received a new access card for a chequing account. I used it twice, once at a long-trusted location, and once at a store where I previously had used cash. The day my income tax refund was deposited in the account, someone went shopping online - in France. The card had never left my hand. I live in Canada.

I bought one of those metal wallet things...but never used it because it was too thick for my purse. Glad to know I did not waste too much money for the thing. It was supposed to be thin. 3/8 inch is rather thick!

The only natural occurring element that cannot be penetrated is LEAD "Pb" that's why radioactive isotopes are sealed in a LEAD containment vessels and they cover the family jewels when you get an x-ray. Duh!!!!

Thanks for the info. I think you're the only person to have let people in on the secret. They're still pushing these blocking wallets on the internet. Well got to go. I got to find my tinfoil hat and take a walk. lol

Here in the Netherlands a new chip was introduced last year for the regular debitcards. Normal payments always require inserting the card into the device and tapping in the personal code. The new chip also makes 'contactless paying' possible: it takes up to 25 euros per transaction directly from your account when you hold it close to a small device. This can be done up to ten times before you have to tap in your personal security code again. This is also the system that is used for the complete public transport system. When you board a train, a bus or tram, you keep your card in front of a device and you're checked in while they take twenty euros from the balance on the card. When you leave the vehicle, you have to check out again for a refund of the unused money or you lose it. And there's no need for names, PIN or other numbers, just a brief contact of the card and the reading device!

Point is, potential thieves only have to fabricate something inconspicuous and walk with it through a crowd and 'harvest' money to their heart's content. Almost everybody uses these chipped debitcards, creditcards are used more for bigger purchases or on holiday, so there's a lot of potential here.

For this situation the RFID wallet is a good thing to have, at least I think so. Over the last years we've had numerous gangs who try to take advantage of our financial system and this would be right up their alley. Just a few years ago they apprehended a Bulgarian gang who had situated one or two of them in the ceiling of my regular supermarket right above the paying device at the cashiers. When people didn't properly shield the tapping in of their code, they signalled the number to someone outside. They would pickpocket the card from that person outside the supermarket and go immediately to a cashing machine to take as much money as possible from the account. And the gang would disappear before anybody would find out what had happened.

Unfortunately we dumped our wallets and bought protected ones at great expense ... I should have waited for Bob to weigh in first :-(

What is concerning me most about these new RFID chip cards (not chip and PIN in the US) is that I might leave it behind in the retailers machine, as the card is left in for the whole transaction, not swiped and put back in my wallet immediately.

Right now I am back to my four year old self humming a little ditty the whole time ... don't forget the card, don't forget the card, don't forget the card.

In my city the transport companies use a loadable chip card for rides on buses etc. I leave the card in my wallet and it reads through the leather. All of a sudden the bus card reader started to tell me I had more than one card. It turned out that our banks had started to use RFID in their cards and these were being picked up. A folded piece of cooking foil around the bank cards did the trick!

About a year ago, I heard that 70% of Small Business had suffered an intrusion or data-loss event in 2013. Has anyone heard a similar statistic for 2014?

I would have to strongly disagree with this article. Yes, I own the original RFID wallet company Identity Stronghold. I started the company because of the ease in which data can be stolen off these cards. Even the new EMV contactless cards. If you doubt me do the following test. Go to Amazon and add a new card. Change your cardholder name to something like John Smith. They don't ask for a 3 digit code either. All that is checked is your account number and expiration date for validity. Those two pieces of info are not encrypted even on the new emv cards we have tested. Your order will be accepted. We did this test with a news reporter's cameraman's card and it went through fine. I had no data but what I had scanned with an off the shelf scanner.

Go to Youtube and search for straight talk about RFID myths and watch for more details.

Also if you do some web research you will learn that cardholder name has never been a piece of data that has been used to approve a credit card transaction. Just another misdirection from the card industry.

Bob, I would be happy to clear up the misconceptions Snopes and others have given you. Just contact me. Remember the money at stake here and you will know why some in the card industry are trying to confuse people on the danger.

I was inquiring about credit card protection, ran into your blog. In parallel I also found shield identity card which I found it to be relatively inexpensive. I ordered one and it works great. you may want to check this one as well...I ordered it from their website www.shield-identity.com..it is just $12.99