While many people believe the security of their credit and debit cards has increased because the banks and card issuers added EMV (Europay MasterCard and VISA) chips to the cards, this may not in fact be true. Although the EMV chips make it more difficult for criminals to skim the information on the card and create a duplicate card the criminals have developed a new fraud scheme to take advantage of the vulnerabilities of the EMV chips. These chips are radio frequency identification chips (RFID) and you can pay for a transaction by waving the EMV chip card over a point-of-sale transaction device designed to capture the RFID information. What most consumers don’t know is that the chips in a smart card can be read at distances up to three feet away.
The criminals are aware of the new chip card’s vulnerability and they use portable, battery operated, point-of-sale devices to capture the information broadcast by the smart cards and process card present transactions. The criminals go to crowded areas such as malls, sports venues, subways, busses and other public places carrying these portable devices and have them automatically process a card present transaction for under $50, which is the federal legal limit for the amount of a fraudulent transaction that is the responsibility of the consumer. For fraudulent transactions over $50 the card issuer is responsible for the transaction. When consumers attempt to dispute these transactions some card issuers will argue that since the card was present, and you still have possession of the card, it must be a legitimate transaction. They may even imply you just forgot about it.
Consumers need to protect themselves from this type of fraud. If you have a smart card with an EMV chip you need to carry the debit or credit card in an RFID sleeve or an RFID safe wallet. RFID sleeves and RFID safe wallets have a lead lining that prevents portable point-of-sale devices from reading the RFID chips while you are carrying your card in your pocket, wallet or purse.