Protect Your RFID Credit Card With A RF Jammer

Credit card companies are embedding radio frequency tags (RFID) in credit cards. Since these are transmitters, there’s the possibility of a thief using an RFID sniffer to snag your credit card digits.

Independent researches demonstrated this type of security hole in RFID credit cards back in October.

The credit card companies are eager to expand use of RFID and it will take something going wrong first before they implement stronger security. Until then, consumers have to defend themselves.

One way is to use a RF jammer to block all RF signals around you. Only turn it off when you want to do a transaction.

Lady Ada has a nifty tutorial of making one, assuming you have advanced soldering and circuit bending skills. Barring that, Google yields readymade results. P.S. RF jammers are illegal, see FCC statue inside.

Another way to protect yourself is to not use a credit card with a RFID chip inside, but how long before we don’t have a choice? — BEN POPKEN

Wave Bubble [Lady Ada via BoingBoing]

UPDATE: This might be a little harder than we thought. We asked Lady Ada if an RF jammer could in fact be used in this way. She says, “it can, however there are multiple RFID frequencies so youd have to pick out VCOs to match.”

RF jammers are illegal in the US and subject to FCC fine.

(m) Harmful interference. Any emission, radiation or induction that endangers the functioning of a radio navigation service or of other safety services or seriously degrades, obstructs or repeatedly interrupts a radiocommunications service operating in accordance with this Chapter.

Which includes:

(p) Kit. Any number of electronic parts, usually provided with a schematic diagram or printed circuit board, which, when assembled in accordance with instructions, results in a device subject to the regulations in this Part, even if additional parts of any type are required to complete assembly.

Furthermore

The operation of transmitters designed to jam or block wireless communications is a violation of the Communications Act of 1934, as amended (“Act”). See 47 U.S.C. Sections 301, 302a, 333. The Act prohibits any person from willfully or maliciously interfering with the radio communications of any station licensed or authorized under the Act or operated by the U.S. government. 47 U.S.C. Section 333. The manufacture, importation, sale or offer for sale, including advertising, of devices designed to block or jam wireless transmissions is prohibited. 47 U.S.C. Section 302a(b). Parties in violation of these provisions may be subject to the penalties set out in 47 U.S.C. Sections 501-510. Fines for a first offense can range as high as $11,000 for each violation or imprisonment for up to one year, and the device used may also be seized and forfeited to the U.S. government. (FCC website)

Comments

Edit Your Comment

  1. SweetBearCub says:

    Why not just design the RFID transmitter in cards so that it can only be activated when you squeeze a contact switch with your fingers?

  2. RogueSophist says:

    Yes, these jammers are fantastically illegal here in the states. Our best bet currently is to simply avoid RFID cards, and make clear to anyone who will listen that, until there’s at least nominal security in place, we don’t want them.

    My favorite (theoretical) RF jammer is the short radius cell phone RF jammer, which can bring a quick (and satisfying!) end to the inane prattle surrounding you on the train/bus/restaurant/etc. They’re available all over the place online, and I’m endlessly tempted…

  3. phrygian says:

    What about wrapping the cards in tinfoil — would that work? I seem to remember that was a suggestion in a previous RFID chip discussion. I have no idea whether it would be effective or not, though. I forsee a time when it won’t be possible to get a card without RFID, unfortunately.

  4. According to this site: “A single layer of aluminum foil of only 27 microns thick is often enough to block the RFID signals of most readers or 1mm of dilute salt water.”

    No solder required (allegedly).

  5. There was This http://www.rpi-polymath.com/ducttape/RFIDWallet.php design for a wallet if anyone remembers it. Much more inexpensive and legal than the rf jammer, but the fun one could have with a jammer.

    There is a joke in there somewhere, waiting to be exposed but I dont have enough wit to connect the dots, something about parachute pants. Anyone want to take a crack at it?

  6. chasnleo says:

    The most permanent way to disable the RFID and that is to put it in the microwave for a few seconds, it will permanently disable the chip.

  7. evenless says:

    Actually, you don’t have a choice anymore with HSBC.
    When geting a replacement ATM card from HSBC (the mag strip wore out), it came with the shiny new paypass feature. When i called them up to request one without (like the card i was replacing) they said that it is not offered, even at the customers request!

  8. Ben Popken says:

    @Holden: It’s (rf) Jammer time!

  9. loraksus says:

    chasnleo says:
    The most permanent way to disable the RFID and that is to put it in the microwave for a few seconds, it will permanently disable the chip.

    I wonder what the effect would be on the magnetic stripe though…

  10. Plasmafire says:

    Well there goes the idea for RFID security chips replacing magnetic strips for store security.

  11. phrygian says:

    plasmafire – Shoplifters are already using aluminum foil-lined shopping bags to keep store alarm sensors from going off.

  12. informer says:

    A metal business card case would be a simple way to block any rfid signals. For a more permanent solution, just drill a hole through the chip.

  13. informer says:

    oh yeah, option #3: cancel your account, and make sure they know it’s because of the RFID.

  14. chasnleo says:

    Forget a jammer use a hammer!!

  15. tz says:

    At a gas station/truck stop I found this nifty stainless steel “cigarette case” – too small for cigarettes, but exactly the right size for my credit card. It is designed like a cig-case since it has spring-loaded clips to keep things inside when it is opened.

    I don’t have any RFID credit cards, but do have a stick-on for “zip thru” at work. Yet this case should work like multiple layers of foil (it seems to for my existing keycards which use RFID, though I should do a better test).

  16. faust1200 says:

    If this technology is easily exploited it will either be modified or discontinued as it will end up costing credit card companies more money to manage the stolen credit card accounts. I’m really not losing sleep over this one.

  17. MirDreams says:

    Yeah, Chase doesn’t give you a choice. I’ve got a RFID blocking wallet on order and it can’t get here fast enough. NYC has enough physical pickpockets, I’d like to keep it at least that challenging to get my card.

  18. bermuda says:


    I work in RFID development and to read data from a tag from anywhere other than a very short distance takes a fairly substantial system than would be hard to conceal and the use of it would be pretty obvious. Assuming you were paranoid about it all you would have to do is put foil in your billfold or better yet mu metal. This kind of equipment is much more complex that those tags that alarm when you leave Walmart or somewhere like that.