Why RFID-blocking wallets are a waste of money

Ken Colburn | Special for The Republic | azcentral.com

Show Caption Hide Caption What you need to know about those new EMV credit cards More and more people are receiving new credit cards with microchips in them. Here's everything you need to know.

Question: Do I need to get a special wallet or sleeve to protect my new chipped credit card from wireless hacking?

Answer: During this holiday season, you’re likely going to see lots of companies promoting wallets that protect your new credit card from hackers.

They’re likely trying to take advantage of the hype surrounding the new "chipped" credit cards and confuse consumers, but one has nothing to do with the other.

What they are offering to protect you from is an older type of technology that focuses on "contactless payments," which has little to do with the new EMV chips you’re seeing on credit cards.

The push towards RFID (Radio Frequency IDentification) enabled cards started many years ago and has since fallen out of favor with many credit-card issuers.

Some companies, like American Express, still offer cards with contactless capability along with the new EMV chip and the traditional magnetic strip, so they can be used all three ways.

If you have a credit card that has contactless capabilities, you will see a symbol on the back that looks like radio waves.

The new chip in your credit card is not a wireless transmitter. It requires physical contact with the credit card reader to work, which is why you must insert the card into the reader.

The early versions of the contactless technology could allow someone with a special device to read the card information just by getting near you, which led to an explosion in companies offering these "protective wallets."

These "proof of concept" hacks were very popular with security researchers, but cyberthieves never have bothered to adopt this method. Hackers are smart and don’t waste time on anything that doesn’t provide a substantial return on their investment.

That no widespread hacking of contactless credit cards ever occurred in the real world can be attributed to many things.

One is that the technology is designed to be very short range (2-4 inches), so it’s not like a hacker can be sitting across the room and grab your digits. Another is that the information generated through a contactless transaction does not reveal any useful information. It’s not the same as the information provided when you use the magnetic strip.

Real credit card thieves focus on magnetic skimming devices, which are much more lucrative because they can steal the information necessary to create duplicate cards that can be used anywhere.

Contactless transactions are simple one-time use encrypted tokens, which are of little use to a thief.

To top it all off, depending upon the card issuer and the country that it’s being used in, there are very low maximum charges ($25-$40) that can be generated via contactless transactions, which really makes it an undesirable target of hackers.

If you do have a contactless payment card and you're still concerned despite all of the evidence that it’s a non-issue, studies have shown that wrapping a card in tin-foil is just as effective as using a special wallet. So spend your cash elsewhere!

Ken Colburn is founder and CEO of Data Doctors Computer Services. Ask any tech question at: Facebook.com/DataDoctors or on Twitter @TheDataDoc.