Long-Distance RFID Snagging Possible, Already Done

After posting about the danger posed by magic wand credit cards, some readers pooh-poohed the notion that someone could build a device capable of reading RFID from a distance.

For the benefit of readers not scouring the comments, let us point you to this item from the summer of 2005. A SoCal group twenty-year-olds at DefCon 13, an annual gathering of security analysts and hackers, “…set the world record for transmitting data to and from a “passive” radio frequency identification (RFID) card — covering a distance of more than 69 feet.” [Washington Post]

Here’s some more cool pictures of the device they made.

The security vulnerability exists. Just because it’s hard, doesn’t mean someone won’t find a way to exploit it. There’s money to be made.

After all, it’s kinda difficult to make a fake ATM card reader and slip it on top of an ATM machine and harvest credit card numbers, right? Or decrypt PINs mistakenly stored at checkout counters? Or slip a hand inside your pocket and steal your wallet?