UPDATE 2007-11-11:
Card de-Blinked. Original post below:
My wife and I recently signed up for our first joint credit card. This will allow us to do things like buying plane tickets to see each other and dinners out without having to constantly update our Karma spreadsheet. The Karma spreadsheet (thanks Google) will remain in use for non-credit purchases.
That’s not what this post is about.
What it is about is the plastic cards that come with the account. When I arrived here in New Orleans today, I opened up the envelope and dutifully read the documentation that came with the credit cards. I noticed a mention of the cards having “Blink” contact-less checkout ability. I felt a lurch in my stomach. Sure enough, a quick inspection of the card and some googling revealed that this “Blink” thing is nothing more than a nice name for RFID.
RFID is insecure as used in this application. Your credit card number can be read from afar (up to 69 feet) while sitting in your wallet in your pocket or purse, without your knowledge. As detailed in the linked article, it is then trivial to create a duplicate card.
Of course, our government is also keen on RFID in passports. In the case of Chase, it turns out you can simply request new cards or get creative with a drill. I was going to do the latter, but ended up doing the former, because I want it to register with Chase that I don’t want RFID in my credit cards. It was no problem getting new cards ordered — for all my quibbles with Chase, their customer service on the phone is generally both helpful and English-speaking.
If you want to de-RFID your passport, I believe the recommended method is by hammer blow, but here are instructions for making an RFID-fryer from a disposable camera. Apparently tampering with passports is punishable by up to 25 years in prison, so tamper at your own risk.
There’s a RFID dampening case for passports – http://www.paraben-forensics.com/rfid-passport-security.html
Don’t think that’s illegal. Yet.
THANKS!!! I was immediately sceptical when I read through some of the babble-paper. I was so glad to see that someone out there posted info!!
I remembered that a few years ago, soeone posted re computers having either RFID chips or something similar. HOPEFULLY, Apple doesn’t participate in that — and, ‘ya never know!’
my passport is from 2001, so I think I’m safe from the RFID. I was in SantaFe at the time, and didn’t fill in my SS#, and refused to do so when queried. I told the (hispanic) agent to go ahead and submit the app, and I would be glad to deal with the consequences. no problemo.
howEVer, with the so-called govt’s so-called “Homeland Security”, I doubt that my app for a new passport would so easily get thru! yuck, ugh, DRAT!! I have barely a year left. any ideas on that topic??
again, THANKS for your info!
yes, the cr card rep was friendly and helpful.
Chandra