When it comes to vitamins, minerals, and other dietary supplements, I have a category of “Not harmful, likely helpful” for things that have no obvious downsides and some potential benefits. When it comes to your personal information hygiene, RFID (Radio Frequency IDentification) blocking wallets/sleeves fall under that same category.
Cash is the “network
independent” form of currency, but digital currency has largely
become a very widely accepted form of “settling a debt.” This can
be done using a physical token such as a credit or debit card, or
through a smart device linked to your banking information. If you see
“tap to pay” on a gas pump or payment terminal, you are seeing a
near field communication (NFC) capable system.
Because
debit/credit cards or “pay by phone” requires a communication
from the terminal back to the financial system to do all the
accounting, if the network goes down, you can’t pay with that digital
currency. This means that cash is going to be part of the “right mix” of
resources for prudent prepping. For example, I was recently at a gas
station while a thunderstorm rolled through and severed the satellite
link from the station to their payment processing provider. Having
cash on hand allowed me to purchase fuel, while other patrons sat
around and waited for the network to come back up.
However, carrying
around enough cash to pay for everything all the time is
problematic from a risk standpoint, as people with lots of cash tend to
get targeted. There is a place for “digital, network
dependent currency” in a prudent lifestyle. Reduction of risk for
being targeted for your cash means accepting the risks associated
with using digital currency, and the hope that the networks necessary
for financial transactions stay up.
How much actual
risk is there from a “tap to pay” payment? Any
communication that goes over radio frequency is subject to reception
by an unintended party. The stronger the signal, the further away
unintended parties can listen in; the weaker the signal, the closer
they need to be. Luckily, NFC communications are very weak, and so
all demonstrated attacks require the listening device to be
within yards, if not feet, of the targeted area.
Although I know of no instance
where RFID skimming has occurred “in the wild” for monetary
theft, I still use a radio frequency blocking wallet to hold all my
“smart cards” for personal or work use. There are a lot of
options on Amazon, but this is the make and model I’ve used for the
last several years. I also keep my “smart passport” in an RFID-blocking sleeve
similar to this. On the other hand, I also know that
penetration testing teams routinely capture NFC signals to clone
identification cards, and if penetration testing teams do it, it is
the most likely bet that other organizations do it as well for less
noble purposes than security testing. Therefore I protect my information
with RFID blockers, and this gives me a bit of peace of mind in
airports and similar locations.
This does not
eliminate all my risk, but between a bit of cash and a bit of
digital currency, the biggest risk remaining is simply losing my
wallet. Much like I take a daily multi-vitamin because it is “Not harmful, likely helpful”, I make sure I use an RFID-blocking wallet.
So if you need a new wallet, or are purchasing a gift for a
young person about to embark on the start of adulthood, an RFID-blocking capability is a very nice feature.
No comments:
Post a Comment