The Lounge is rated Safe For Work. If you're about to post something inappropriate for a shared office environment, then don't post it. No ads, no abuse, and no programming questions. Trolling, (political, climate, religious or whatever) will result in your account being removed.
Each device on the network is registered with the server, so when a request is made for a payment it's not automagically paid down the wire, but it goes to the registered owners account. If a device is not on the network it can read the cards but, crucially, not send in payment requests.
Now with the contactless, the details only work for a contactless device making a payment request. It's not like I can read your card # from a contactless reader and then use it yo shop on Amazon, the details are different.
The Graniad and Indi articles are both hogwash. One is about stolen cards and how they're not checked and POS; not the card holder's liability but the providers. The second about using card details taken using contactless readers to skim cards is using a viral story, original picture from Russia, forgets the detail about what the cards give out using RFID.
The one referencing Which? research is interesting. I will read up on that and post a considered opinion later.
However, if your card is defrauded in any way then unless you're Wuckfit McWuckfitface and gave away details you will be reimbursed; banks cannot afford not to. In theory.
My bank asked me if I wanted to have a contactless card or not. That was the quickest no I ever uttered. The only quicker one was, if I wanted to have access to my account via my cell phone. While I understand it might be handy, I'm not going for that. I'm already paranoid about having it on my computer, let alone on my cell phone.
US Passports have RFID as well. Although the information is encrypted (ish),
my understanding is that they can tell what country you are from. As in (If you get a response, and they look American, they probably are!)
We use RFID Passport cases to block this. Avoiding being scanned. Anyone can build a domed signal amplifier and increase the range (in fact, the "repeater" version of this is being used to unlock high end cars by pinging against the keys in the house, boosting the signal and tricking the car to unlock the door here in the states).
So, my keys go inside a metal cup when in the house.
What I did was to CUT one long edge open, and a small flap on the corner. This lets me slip the card in and out naturally. But it appears to work quite well. I put 2 cards in one pouch. The two I use all the time.
China has been doing it for ages for card swiping devices.
In India, ATMs have been discovered to have an extra card reader attached to them by criminals (usually, IT folks who think they are smarter than the rest of the world). These are so thin and are attached to the slot where you put in your ATM card so users don't notice something is amiss. These devices can be had for a few tens of dollars from China.
As to the need to input PIN codes, the thieves usually attach a tiny camera so that the users' PIN codes can be captured too!
If you're concerned, RFID can easily be shielded by a layer of aluminum foil. I'm sure there are still readers that can read through that, but most can't, and all you need, is to be harder to access than the guy next to you.
You can either wrap your card in some aluminum foil, or make your own duct tape wallet and put a layer of it between the layers of duct tape. If you go the wallet route, just be sure to leave an unshielded pocket on the outside someplace for your RFID key card for work, as it's really inconvenient to have to take the card out of your wallet every time you want to get in the door
We can program with only 1's, but if all you've got are zeros, you've got nothing.