The truth about RFID card fraud

Posted by brunson stafford on February 5th, 2018

Irrespective of demonstrations to show really possible, documented cases of RFID credit card scams are unknown. And as security professionals know, there is a huge gulf of mexico between potential crime and actual crime.

I've written before about the non-existence of RFID credit-based card offense, a least as marketed by all the sellers selling anti-RFID shielding products. I'm one of the few voices constantly stating that buying RFID-blocking wallets and handbags, sleeves and the like would be a waste material of time and money. I've frequently said that I can't find a single documented case of RFID credit card offense. Each time I write about this, I get tons of angry email from vendors of such products as well as people who "just know" that they have been patients of RFID cards crime.

The "victims" who write me personally always speak about a secret man, acting strangely, who walked by with an obvious device, that they firmly believed to be an RFID reader, and soon enough thereafter their credit cards has a fraudulent fee on it. I usually answer that a "feeling" that RFID fraud happened just isn't evidence of an genuine crime, and this I still, after numerous years of searching, haven’t found just one law adjustment authority or document exhibiting evidence of RFID credit-based card crime.

The latest order of emails contained two better "proofs" of RFID crime that I had not addressed before.

RFID car crime proof

Proof amount one was an online video of thieves stealing a Mercedes-Benz. Although the online video doesn't show any facts of the theft or how industry, the associating or referenced news tales do claim the car was stolen wirelessly. A large number of Mercedes-Benz models use RFID wireless technology, which in theory could be used of stealing the car.

I actually reached out to Mercedes several times to verify regardless of whether the sort of RFID criminal offense purported in the online video happened or could have happened, but after multiple queries over 2 weeks, they have not responded. I actually also could not find any law enforcement useful resource to talk to me personally about that particular criminal offense or any type of possible other RFID car-related crime.

With that said, I assume that it is possible for RFID tag car-related crime to have happened. In past times, most car manufacturers didn't use good security development lifecycle (SDL) coding practices. I know that many car systems and wireless starting systems were packed with security bugs. Though I don't know of the details of the car crime in the video or other proposed wireless car crime, I actually know enough that We believe RFID car offense has most likely took place.

I have to believe any car manufacturer using any critical wireless indicate today is now training SDL and protecting wifi signals from interception and forgery. I know many of the world's best ethical hackers who now work for car-related companies, and who are part of teams whose careers you should prevent digital-related crime in their employer's products. RFID car offense might be possible with older models, but I actually think the easy "replay" crimes being reported today are soon to be a thing of the past if they not necessarily already.