What is RFID skimming? - Definition from WhatIs.com
Part of the Customer data management glossary:

RFID skimming is the wireless interception of information from RFID chip-based debit, credit and ID cards and other documents, such as passports.

The purpose of RFID skimming may be simple theft of funds or more complex identity theft. Most typically, thieves use an NFC- (near-field communication) enabled device that records unencrypted data from the card's RFID chip, which is broadcast into the air. In the case of a credit card, for example, the data might include the card number, expiry date and card holder name -- all that's required for transactions and, for many applications, to establish identity. 

Many smartphones are equipped with NFC and more mobile devices, such as tablets, are slated to have it. RFID skimming apps can be loaded onto mobile phones and devices can be constructed that are capable of reading RFID broadcasts at distances up to 15 feet away.

Potentially, RFID skimming is an even greater risk with debit cards, because banks often lack any policy to protect customers from fraudulent charges. The payment card industry has stated that safeguards are in place to make RFID-based cards secure. However, many researchers have demonstrated that the cards can be exploited. 


This was last updated in June 2014
Contributor(s): Matthew Haughn
Posted by: Margaret Rouse

Related Terms


  • going dark

    - The going dark problem, as described by the FBI, is the Bureau’s inability to access legally intercepted communications and information because of the encryption technologies used for data privacy ... (WhatIs.com)

  • Snowden effect

    - The Snowden effect is an increase in public awareness about information privacy and security due to Edward Snowden's revelations about the U.S. National Security Agency's surveillance initiatives a... (WhatIs.com)

  • EMV card

    - An EMV card is a credit or debit card with an embedded computer chip and associated technology designed to enable secure payment at compatible point of sale (POS) terminals; EMV stands for Europay,... (WhatIs.com)


  • Customer data management

    - Terms related to customer data management, including customer data integration (CDI) technology definitions and words and phrases about data quality and data governance.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About RFID skimmingPowered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment



    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.