The Lounge is rated Safe For Work. If you're about to post something inappropriate for a shared office environment, then don't post it. No ads, no abuse, and no programming questions. Trolling, (political, climate, religious or whatever) will result in your account being removed.
Your solution is akin to wearing a full wet suit in a light shower. The details available from the RFID are not the full card details and for some time actually use a dummy card number that will only work with contactless. This means that the maximum exposure you have is £30 to a registered merchant. Fraud readers cannot put the valid messages into the system as they are outside the network and do not have authentication keys.
Indeed - but £30's add up. It wouldn't be difficult for a perp to get a couple of dozen £30 a day on the Tube in Londinium, and that's tidy money which is unlikely to be spotted quickly, and unlikely to be reported if it is spotted.
Nice pay if you can get it...but I'd rather not be a victim.
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
Each device on the network is registered with the server, so when a request is made for a payment it's not automagically paid down the wire, but it goes to the registered owners account. If a device is not on the network it can read the cards but, crucially, not send in payment requests.
Now with the contactless, the details only work for a contactless device making a payment request. It's not like I can read your card # from a contactless reader and then use it yo shop on Amazon, the details are different.
The Graniad and Indi articles are both hogwash. One is about stolen cards and how they're not checked and POS; not the card holder's liability but the providers. The second about using card details taken using contactless readers to skim cards is using a viral story, original picture from Russia, forgets the detail about what the cards give out using RFID.
The one referencing Which? research is interesting. I will read up on that and post a considered opinion later.
However, if your card is defrauded in any way then unless you're Wuckfit McWuckfitface and gave away details you will be reimbursed; banks cannot afford not to. In theory.
My bank asked me if I wanted to have a contactless card or not. That was the quickest no I ever uttered. The only quicker one was, if I wanted to have access to my account via my cell phone. While I understand it might be handy, I'm not going for that. I'm already paranoid about having it on my computer, let alone on my cell phone.
US Passports have RFID as well. Although the information is encrypted (ish),
my understanding is that they can tell what country you are from. As in (If you get a response, and they look American, they probably are!)
We use RFID Passport cases to block this. Avoiding being scanned. Anyone can build a domed signal amplifier and increase the range (in fact, the "repeater" version of this is being used to unlock high end cars by pinging against the keys in the house, boosting the signal and tricking the car to unlock the door here in the states).
So, my keys go inside a metal cup when in the house.
What I did was to CUT one long edge open, and a small flap on the corner. This lets me slip the card in and out naturally. But it appears to work quite well. I put 2 cards in one pouch. The two I use all the time.
China has been doing it for ages for card swiping devices.
In India, ATMs have been discovered to have an extra card reader attached to them by criminals (usually, IT folks who think they are smarter than the rest of the world). These are so thin and are attached to the slot where you put in your ATM card so users don't notice something is amiss. These devices can be had for a few tens of dollars from China.
As to the need to input PIN codes, the thieves usually attach a tiny camera so that the users' PIN codes can be captured too!
If you're concerned, RFID can easily be shielded by a layer of aluminum foil. I'm sure there are still readers that can read through that, but most can't, and all you need, is to be harder to access than the guy next to you.
You can either wrap your card in some aluminum foil, or make your own duct tape wallet and put a layer of it between the layers of duct tape. If you go the wallet route, just be sure to leave an unshielded pocket on the outside someplace for your RFID key card for work, as it's really inconvenient to have to take the card out of your wallet every time you want to get in the door
We can program with only 1's, but if all you've got are zeros, you've got nothing.