Wednesday, July 3, 2024

RFID-Blocking Wallets

When it comes to vitamins, minerals, and other dietary supplements, I have a category of “Not harmful, likely helpful” for things that have no obvious downsides and some potential benefits. When it comes to your personal information hygiene, RFID (Radio Frequency IDentification) blocking wallets/sleeves fall under that same category.

Cash is the “network independent” form of currency, but digital currency has largely become a very widely accepted form of “settling a debt.” This can be done using a physical token such as a credit or debit card, or through a smart device linked to your banking information. If you see “tap to pay” on a gas pump or payment terminal, you are seeing a near field communication (NFC) capable system. 

Because debit/credit cards or “pay by phone” requires a communication from the terminal back to the financial system to do all the accounting, if the network goes down, you can’t pay with  that digital currency. This means that cash is going to be part of the “right mix” of resources for prudent prepping. For example, I was recently at a gas station while a thunderstorm rolled through and severed the satellite link from the station to their payment processing provider. Having cash on hand allowed me to purchase fuel, while other patrons sat around and waited for the network to come back up.

However, carrying around enough cash to pay for everything all the time is problematic from a risk standpoint, as people with lots of cash tend to get targeted. There is a place for “digital, network dependent currency” in a prudent lifestyle. Reduction of risk for being targeted for your cash means accepting the risks associated with using digital currency, and the hope that the networks necessary for financial transactions stay up.

How much actual risk is there from a “tap to pay” payment? Any communication that goes over radio frequency is subject to reception by an unintended party. The stronger the signal, the further away unintended parties can listen in; the weaker the signal, the closer they need to be. Luckily, NFC communications are very weak, and so all demonstrated attacks require the listening device to be within yards, if not feet, of the targeted area. 

 Although I know of no instance where RFID skimming has occurred “in the wild” for monetary theft, I still use a radio frequency blocking wallet to hold all my “smart cards” for personal or work use. There are a lot of options on Amazon, but this is the make and model I’ve used for the last several years. I also keep my “smart passport” in an RFID-blocking sleeve similar to this. On the other hand, I also know that penetration testing teams routinely capture NFC signals to clone identification cards, and if penetration testing teams do it, it is the most likely bet that other organizations do it as well for less noble purposes than security testing. Therefore I protect my information with RFID blockers, and this gives me a bit of peace of mind in airports and similar locations.

This does not eliminate all my risk, but between a bit of cash and a bit of digital currency, the biggest risk remaining is simply losing my wallet. Much like I take a daily multi-vitamin because it is “Not harmful, likely helpful”,  I make sure I use an RFID-blocking wallet.

So if you need a new wallet, or are purchasing a gift for a young person about to embark on the start of adulthood, an RFID-blocking capability is a very nice feature. 

No comments:

Post a Comment

The Fine Print

This work is licensed under a Creative Commons Attribution- Noncommercial- No Derivative Works 3.0 License.

Creative Commons License

Erin Palette is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to