What is RFID skimming? - Definition from WhatIs.com

RFID skimming is the wireless interception of information from RFID chip-based debit, credit and ID cards and other documents, such as passports.

The purpose of RFID skimming may be simple theft of funds or more complex identity theft. Most typically, thieves use a near-field communication (NFC)-enabled device to record unencrypted data that the card's RFID chip broadcasts over the air. In the case of a credit card, for example, the data might include the card number, expiry date and cardholder name -- all that's required for transactions and, for many applications, to establish identity.

Many smartphones are equipped with NFC, and more mobile devices, such as tablets, are slated to have it. RFID skimming apps can be loaded onto mobile phones, and devices can be constructed that are capable of reading RFID broadcasts at distances of up to 15 feet.

Potentially, RFID skimming is an even greater risk with debit cards, because banks often lack any policy to protect customers from fraudulent charges. The payment card industry has stated that safeguards are in place to make RFID-based cards secure. However, many researchers have demonstrated that the cards can be exploited. 

 

This was last updated in June 2014
Contributor(s): Matthew Haughn
Posted by: Margaret Rouse
