How To De-RFID Your Credit Card

Credit card companies are putting magical radio chips inside your credit cards to allow for “touch n go” “contact-less” payments, but if for some reason the idea of a miniature beacon transmitting your credit card information, albeit however encrypted the companies feel like making them, there is something you can do about, blogs Cody: Dremel!

1. Google your specfic credit card name and type (i.e. Chase Freedom Card) + RFID. If you get some hits of people saying there’s an RFID chip inside, it’s probably got one.
2. Hold your credit card up into the light and see if you can spot the raised bump. That’s the RFID chip.
3. Drill a hole in the spot.
4. Voila! You’re off the grid.

As long as you don’t make huge gashes and tear through your magnetic strip, this should in no way affect your ability to swipe at the store or use ATMs.

How To De-RFID Your Credit Card [adr.enal.in]

Comments

Edit Your Comment

  1. Wormfather says:

    1984

  2. bonzombiekitty says:

    An RFID chip does not transmit the account number. It is pretty much sending back a reflection of a radio signal that is sent out by the readers. These only work within a few inches of the chip. If your card is just sitting in your wallet, it’s not transmitting anything. It is, AFAIK, also encrypted, so some random person can’t just make a random RFID reader that will be of much use.

  3. peokuk says:

    I think the link needs fixing

  4. InThrees says:

    @bonzombiekitty: Sadly, you are incredibly wrong, BonZombieKitty. I have read accounts of people building RFID readers that worked across several meters of distance… and the encryption probably isn’t worth much. Stealing credit card information is big business in the underworld – so big that it is worth the time and money of crime syndicates to hire or coerce people into cracking encryptions and coming up with methods to procure more card numbers.

    There have been numerous demonstrations of how insecure RFID is, yet the financial instituions are just blindly in love with the commercials where people are practically sprinting through stores, swiping cards on the go as they take their loot home.

  5. Buran says:

    Or keep it in a Faraday-cage wallet.

  6. j-o-h-n says:

    RFID can work at a distance of several feet — it’s how I get past our traffic gates and in our machine room — I just need to drive walk within a couple of feet of the sensor by the gate/door and the card in my wallet unlocks the door.

  7. peokuk says:

    ah good now. Can’t you make your own rfid reader dishes in the same way that people get their wireless to work over miles and miles to steal credit card numbers from tj maxx?

  8. andrewsmash says:

    I believe it is the power of the reader is what determines the range of the card, not the chip itself. So if someone wants to play collect the encrypted data, they could do it from a fair distance. Why do we keep having to make payment easier anyway? Cash, it’s slow and secure (providing no one robs you.)

  9. aviationwiz says:

    I can’t honestly say I’m overly concerned about the RFID chip in my credit card. I’m not liable for any fraudulent charges, and they can’t really use my credit card number for identity theft anyways. Now the RFID chip inside my passport that’ll hopefully come soon… that I’m concerned about. I plan on keeping it in aluminum foil.

  10. nctrnlboy says:

    did some googling of my “citi-dividend platinum select” card & found out that mine is not chipped, BUT the one they tried to upgrade (force upon) me with (before I called to specifically opt out of) DOES have a chip. Think it was called the “city dividend world mastercard”. I hate the whole rfid idea. I think new passports have them as well. Read something about banging the chip with a hammer will destroy it when it comes to the passport chips (I still have my old non-chipped passport)

  11. hubris says:

    It really has nothing to do with making payments “easier”. They’ll eventually turn this into Minority Report-esque targeted advertising. They’ll have sensors which will recognize your account via RFID and will tailor advertising to your specifically. Tailored ads will allow the company using the RFID chip to charge advertisers more.

  12. AnnieGetYourFun says:

    @omerhi: You’re right. I worked for a company that was planning to do exactly that. It was really scary, and I was happy to get out of there.

    I wrote a blog post about how to get rid of the chip in your passport (smash it with a hammer) and all the commentors apparently thought I was a gun-totin’, anti-government freak, rather than someone who was simply concerned about her personal security.

  13. ElPresidente408 says:

    [www.nytimes.com]

    It’s possible to lift information off an RFID chip

  14. AnnieGetYourFun says:

    I just realized that I use a gun in my little icon thingie there. I don’t actually have a gun. :)

  15. ptkdude says:

    Thanks for the info on this! I’ll be de-BORGifying my credit card tonight. It will keep me from having to pull my transit card (also RFID) out of my wallet to get into the subway station.

  16. huadpe says:

    RE: the passports. I got a new one in March and no RFID, though I got it through a consulate (which is REALLY quick by the way, took 1 week with no expiditing) so that might change things.

  17. hubris says:

    @AnnieGetYourFun: It bugs the crap out of me when people seem to think that anything the government does in the interests of “national security” should just be accepted and if you don’t accept it, you’re some kind of wild-eyed crazy anti-government psycho. I prefer not to avoid anything to be known about me that I don’t have to. And I certainly won’t allow advertisers to misuse (hell, even *use*) information about me.

    I’m paranoid enough that I have to submit a thumb print when I take the LSAT in September.

  18. Crazytree says:

    wow. I went to Jack in the Box and I thought I was buying a spicy crispy chicken sandwich…

    when in reality I was selling my soul to the New World Order.

  19. AcidReign says:

        My card’s not RFID, although Chase is rolling out Visa’s in New York and Philly, evidently. Do not want. Getting your card number stolen is a hassle, even if you don’t have to pay for the fraudulent charges.

        We’ve used RFID ID badges at work for several years, for various door scanners. Any pressure near the chip will break it, unfortunately. I do have a physical master key, because RFID locks don’t open when the power goes out.

  20. formergr says:

    I got my new passport in April, and it has a chip.

  21. mac-phisto says:

    @AnnieGetYourFun: so you’re the one that wrote the infamous “how to illegally manipulate a precious piece of government property”. lemme just check your IP…annnnnnd…the black vans are on their way!

  22. Heyref says:

    @formergr: Has it had a ride in your microwave oven yet?

  23. In 2004 aliens abducted me for 24 hours and when I was ‘returned’ I had a chip in my brain. Can I use this same system to drill a hole in my head and deactivate the chip?

  24. mac-phisto says:

    @ElPresidente408: i would’ve gotten away with it too, if it wasn’t for those meddling kids!

    my favorite part of that article:

    “This is an interesting technical exercise,” said Brian Triplett, senior vice president for emerging-product development for Visa, “but as a real threat to a consumer – that threat really doesn’t exist.”

    i imagine his predecessor saying something like that right as the first handheld card skimmers were hitting the street.

  25. philipbarrett says:

    As the I found out the hard way courtesy of BOA, fraudelent charges on your card can be a real pain to dismiss. As for reading RFIDs, my local tollway can do it from 20 feet in the air at 80mph!

  26. FLConsumer says:

    The distance that RFID works depends on both the reader AND card. Yes, the reader supplies the power, but the antenna configuration on the card is also a factor.

    For most of America, I don’t see RFID credit cards as being a major problem, but for those who live in cities, where everyone is in close proximity to each other (like walking on the streets of NYC), I’d be worried. Granted, someone could conceivably hide a reader inside the checkout line of a 7-11 or pharmacy (both have merchandise in front of the counter, at waist-height), which could skim the numbers.

    Overall, RFID = bad idea as implemented. Now, if they wanted to do an RFID + Mag Stripe deal where the RFID chip and mag stripe were both needed to process the transaction, then you might have some security. Much more difficult to fake an RFID than mag-stripe. Of course, mag-stripe credit card + pin would provide a huge security improvement over what currently exists (nothing).

  27. dugn says:

    Best way to fix these in credit cards or passports is the same: Percussive Maintenance.

    See Gizmodo deom December of last year:
    [gizmodo.com]

    Sure – it’ll illegal to do this to a passport (doubtful the same is true for a credit card), but sometimes to just can’t help ‘accidental’ damage.

  28. Jigen says:

    I seem to remember reading somewhere though how it is a crime to tamper with the RFID chips.

  29. ian_fleming007 says:

    If you want to block the RFID just use a blocking wallet such as [www.RFIDBlockr.com] It creates a faraday cage just like your tin foil hat!

  30. EtherealStrife says:

    Scary stuff. One distinction people should be making is that between passive and active RFID. AFAIK my FasTrak unit uses active (the chip has a power source to boost range by quite a bit) and can be read going 85mph at a fair vertical height. I have a special lined bag that I keep it in when not using the tollroads. :) “Normal” RFID (passive) range is purely based on the reader, as others have said. The reader is actually a transmitter and a receiver, “bouncing” a signal off of the chip. Security is virtually nonexistent on these, and any Joe could read information stored on the chips.

    According to the DHS’s own study on RFID, the technology was deemed unsuitable for secure transmissions. As far as I’m concerned, that gives me the legal right to tamper with them as much as I want.

  31. SkyeBlue says:

    The powers that be know the American people well, make them afraid (as in Identity Theft) and they will accept anything!

  32. digitalgimpus says:


    I had an experience with this a few months ago. I emailed Chase about the Freedom card and getting a non-RFID version. Ends up they do offer that. It’s another card, but the same account type. They had no problem doing it. Just mailed me a replacement which I activated. No big deal. I wrote it up on my blog for anyone who wants more detail.

    I was really surprised they didn’t hassle me. It’s not like I had a long history with them. I had the card for a day or two.

  33. Her Grace says:

    I want to work for the government, and I find these things quite scary. I’m glad that my passport is good through 2015, though–hopefully, by then, laws requiring the chips will either be repealed or laws about disabling them will be. Either way. Idealistic, I realize, but isn’t that the requirement for someone wanting to work for the government: utter idealism or a desire to control the masses via thoughtwaves?

  34. mac-phisto says:

    @Her Grace: i too thought karl rove resigned, but now i realize that texas is just a better geopolitical location to harness sheeple brainwaves.

  35. chrispiss says:

    @bonzombiekitty: Higher power RFID readers can read stuff from 100 feet away, possibly more. Stores use those for identifying trucks with shipments to tell what merchandise is onboard.

  36. jamar0303 says:

    I don’t know- I find myself in favor of RFID for payments, but only in the Japanese style. RFID in your frequent flier card so that it functions as your boarding pass (JAL and ANA does this), an RFID-based prepaid cash card to use at various shops (they call it Edy), and RFID in subway/bus passes (but America already does that).

    Of course, Japan’s version of RFID is much more useful, because cellphones can download a Java program and be able to use the features of a given card. Less load on the wallet because you just carry your cellphone with you and it automatically knows what program is needed for what RFID reader.

  37. SBR249 says:

    RFID is going to be everywhere and transmitting all sorts of person info in a few year’s time. Why delay the inevitable and ruin a perfectly good credit card? For example: some country are putting mandatory RFID chips on passports now that will transmit all your personal info. What are you gonna do? Burn your passport?

  38. CumaeanSibyl says:

    Can you use magnets to short out an RFID chip? Obviously that wouldn’t be so good to use on a credit card, but it might help on the passport without leaving obvious smashy marks. I have a couple of rare-earth magnets that would do the trick.

  39. zaq2g says:

    For those who think RFID can only be read at short distances, whats stopping someone from building a small RFID reader, bumping into your and wirelessly “picking” your RFID enabled cards. A single person can probably grab hundreds of cards a day just walking around a large city.

  40. Zagroseckt says:

    AVIATIONWIZ
    In Reply to wrapping your passport in aluminum foil.

    all your doing there is increasing it’s range.
    What you want to do is wrap it in a Faraday’s cage.
    [en.wikipedia.org]
    A small one will suffice enough to scramble up a simple RF reader and garble any attempts to activate the chip (the chips pull there power from the signal from the reader.)


    Here’s a wallet all redy for ya :)
    [gizmodo.com] Faraday Cage Passport Wallets: Jams RFID-Chipped Travel Docs

    the key is the mesh (woven) and copper is the preferred metal all tho a really good one uses gold.

  41. Trojan69 says:

    I worked for a processor who encoded credit cards.

    Although the RFID will add a layer of security to transactions, this is a cheap solution to a problem that would virtually disappear if they invested in chip cards and readers universally.

    The problem? The cost of encoding/embossing (punching out names and numbers) a typical mag stripe card is less than a dollar. For the cheapest chip card (embedded microchip) it was well over $3, with the typical cost over $4. BUT…even if the issuing banks and Visa/MC would bite the bullet, it would require hundreds of millions of dollars (one estimate I read was $2 BILLION) in cost to the merchants. The Point Of Sale terminals cost (three years ago) $200 EACH. A POS is the thing you swipe your card on. For a chip reader, you would insert the card and the chip would be read. It would be impossible for your chip card to be read unless it was inserted into a reader.

    Imagine how much Wal*Mart would have to pony up to replace all of their POS terminals! Ain’t gonna happen.

    So….the powers that be decide to take the cheap route, which involves a level of risk to the customer. If and until fraud constitutes an unacceptable risk to the issuers (banks), we will not see universal chip cards/readers. We will see stopgap measures such as RFID.

  42. I live in the UK. Here is London we have RFID only in our Oyster cards (the card we use to get on the tube and buses). We have a chip/PIN deal on our credit/debit cards. It’s a pain in the ass, but it is secure.

  43. shoegazer says:

    @radleyas: Fellow Londoner, wait till Brown pushes through the mandatory ID scheme which takes its cues from US-style RFIDs.

    Even just the Oystercard can be used to harvest data about your travel patterns, payment patterns, and even address details if you’re dumb enough to register it. My wife and I swap our Oystercards out every couple of months or so.

  44. toddkravos says:

    the timing of this post is fantastic.

    I have just received my “PAY PASS” Master Card from my bank (KEY BANK-CLEVELAND)

    And while it has this chip in it, it appears the RFID chip appears to very near the “swipe” bar.

    ::big sad face::

  45. welsey says:

    @shoegazer: Yeah I somehow messed up registering my Oyster card and I never bothered to fix it. I felt that if tfl wanted that info so bad they had to send me a letter informing me of my fuck up then I definitely wasn’t going to correct my mistake.

  46. dieselbug says:

    @shoegazer – Credit Card companies know where you spend your money anyway & RFID won’t make much of a difference in that regard. I got a new UK passport last year and it has an RFID tag in it so you don’t need to wait for GB to push it through – I’m sure driving licenses will be next . . . .

  47. j3nr1c0 says:

    RACCETTURA: I wanted to confirm your positive experience with CHASE. The CS rep didn’t know what I meant by RFID, but as soon as I asked for a card without BLINK (their branded name for RFID “service”), she immediately confirmed my address and said I’d have a new, non-BLINK card within 3-4 business days.

  48. topgun says:

    @radleyas:
    Are those pneumatic tubes like we use at the drive up windows at the bank? Sounds fun if it is.

  49. HeyThereKiller says:

    this is really easy to do with a Blue from AmEx card… seeing as the chip is part of the cutesy design

  50. @topgun:

    Yeah genius, it’s just like the opening credits of Futurama ….

  51. @shoegazer:

    If they can use that info to improve service on the Northern line, I’ll take it.

  52. kcrusher says:

    You can also de-rfid your cards by zapping them in the microwave.

  53. Zatos says:

    So… is there any other ways to disable these chips? I’d actually rather not drill a hole in my card(s)… I guess it’s one of those weird obsessive things. Won’t taking a hammer to it work like it does on the passports?

  54. dmk358 says:

    I believe an easier (and reversible) way to “foil” RFID readers is to attach aluminum foil directly to the card, over the chip or antenna site. The self stick aluminum tape used to seal HVAC ducts should work nicely. I have tested this out with the RFID facility access badges our company uses, and with the tape in contact with, but not even adhered to, the badge, the reader is nonfunctional except acknowledging that a signal (of some type) was received. I would be interested in seeing more real life testing of added foil tape.

  55. inno says:

    @Zagroseckt:
    “In Reply to wrapping your passport in aluminum foil. all your doing there is increasing it’s range.”

    Uhh, no.

    From wikipedia article on RFID:

    “There are contradicting opinions as to whether aluminum can prevent reading of RFID chips. Some people claim that aluminum shielding, essentially creating a Faraday cage, does work. Others claim that simply wrapping an RFID card in aluminum foil, only makes transmission more difficult, yet is not completely effective at preventing it.”

    Read the complete thing here: RFID Shielding [wikipedia.com]

  56. mycroft2000 says:

    Would a good strong whack with a hammer work as well?

  57. TechnoDestructo says:

    @Trojan69:

    Of course, with RFID being promoted as a solution to everything, it will NEVER be as easy to copy an RFID chip as it is to copy a magnetic stripe, right?

    Also, is there something about the particular RFID chips in credit cards that limits the range to a few inches, or can they be forced to be readable at a few feet like for most applications that have been touted?

    And what’s to stop someone in a checkout line or a crowded subway or something from carrying a reader at wallet level?

    Don’t take off those tinfoil hats yet folks.

    @jamar0303:

    I presume an RFID enabled phone can be turned off when you don’t want anyone reading it?