RFID for credit cards or passport?

Almost unheard of. But it is a great product to sell. One that solves a problem that does not exist.

US passports have RFID protection built into the cover. As long as you keep to book closed it’s protected.

I use RFID covers but not for the hyped reason. Mine have different pictures on them. Besides rub protection, I know which card is which. I put a tag on each coded for the card which might say PR CC for BAC Premier Reward credit card. On the opposite side is a PIN code, example Anniversary. My passport is in an RFID sleeve only to protect it.

My credit card was skimmed on our last trip to Rome, probably on a bus. It was not in an RFID wallet. Getting the card replaced was the least of my problems. Everything that was on autopay on that card had to be changed. A total pain. So now when we travel, I carry a card with no autopays attached to it. And I’m using an RFID wallet now.

I carry a Rfid wallet here at home and when I travel and prefer to tap with my phone whenever possible. When traveling I use Rfid sleeves for passport and backup cards. As much to organize them in a suitcase pocket as for protection.

I don't know how much of a problem card skimming is, but I think it's prudent to take some precautions. I've used RFID sleeves on my cards for several years, and so far no problems. I typically only keep one card in my wallet, with another in my money belt. I typically use my phone for debit transactions, and that has to be enabled by biometrics, so bringing a card reader close won't do anything.

My credit card was skimmed on our last trip to Rome, probably on a bus

Almost certainly not.

People imagine someone sidling up to you, nearly making contact and essentially "tapping" your card like you do for a purchase. But that can't effectively happen. When a chipped card makes a transaction, the information transferred does not include account information, it is an encoded transaction that makes sense to the network for that one transaction, but not information to make additional transactions.

Had your card been "skimmed" your account would have shown a transaction for that time, which you could have contested, and be traced back to the criminal organization (since they are acting as the merchant). The charge reversed. Not a great criminal plan.

The magnetic strips that are on cards, do have account information, and would allow someone to duplicate the card, these are what are "skimmed" like at a gas pump you hear about often.

Most compromised Credit Cards though are not skimmed, they often use brute force tactics called BIN attacks or card cracking. They start with nothing, or may start with your card number or the extent of the information they have, then a computer program tries thousands of combinations of card number, expiry date, and CVV code, you have those three, you can make a purchase, as a customer. US cards are especially vulnerable for this, unless you have 3DS verification.

To those who are afraid that the NFC chip in their credit card could be read unless it’s in a RFID holder, I always suggest they do the following; go to your grocery store, coffee shop or whatever and make a purchase and say you want to pay by card. Leave your credit card in the wallet/purse you always keep it in, don’t take it out! Then move your wallet/purse with your credit card in it towards the payment terminal. You’ll then see for yourself that it will be impossible for the reader on the payment terminal to read your card, even if you hold it right next to the reader and especially when there are other cards with a NFC chip in the purse/wallet.
It’s an urban myth that criminals on busses can read the info on your card by simply walking past you with a card reader. But since this urban myth sells products, it keeps going around.

Your best defence against credit card theft is to be aware of your surroundings, especially in crowded situations. Keep your extra/backup cards separate from your "daily" card and keep all cards in a secure location, whether you prefer a money belt, your hotel room safe, a zippered compartment in your purse or whatever.

Load your cards in your iPhone or Google wallet, even if you don't usually use your phone to pay. If the worse happens and your cards are lost or compromised, many credit card companies (ie Citibank, Chase, BofA, AX) will update your wallet with the new card numbers before you even hang up from your call to them. You'll then be able to pay with your phone.

I work in cyber security and I have posted on the forum several times reputable links to dispute the rfid myths. I’m not going to post them again I don’t want to be spamming

But no, your card was not a skimmed because you were walking down the street etc. And if you don’t believe me, try this - go to the gas station tomorrow and leave your card in your wallet and try to pay for gas. Let me know what happens but something tells me they’re going to want you to touch the reader with the card. Or do the same thing at the grocery store once again probably not going to be able to pay for the groceries until you get that card out of your non-blocking wallet

And yes, I know people say “I took my credit card and it was scanned and it was used.” The real truth is in most cases there’s a significant delay between the day a card is compromised and the time it’s used. These thieves are smarter than you want to give them credit for and they don’t use a compromised credit card as soon as they get a hold of the numbers.

Honestly, to skim a credit card out of a wallet they’re going to have to put that device basically on the credit card. If someone is standing on your foot with a skimmer shoved up against your bag you have a problem, but I expect you’re going to notice.

And why would they do this. If you understand how this technology works, you understand that it’s going to be very hard for them to get all the information. Plus for the amount of money they spent on that skimmer to possibly get your one credit card they can go on the dark web and buy guaranteed good credit cards - hundreds of them. And of course they won’t just have your credit card number they’ll have all the other information they need to actually use that credit card number like your ZIP Code etc..

But I have to admire the marketing people who have convinced consumers that you need to spend lots of extra money on their security measures/ it’s a great business model. Fear mongering works really well.

...go to the gas station tomorrow and leave your card in your wallet and try to pay for gas. Let me know what happens...

I respect your expertise, and am not being argumentative, just letting you know what happened. Recently, at a local drug store, the card reader read, and processed the transaction, while the card was in my hand a good two feet away. Perhaps it was just a fluke event, or over sensitive reader, or ??

At any rate, the RFID card sleeves are free from my local bank, so we use them. They keeps the cards from getting scratched up, they might work, and it doesn't hurt to use them. Not harm, no foul.

I use rfid envelopes for my passport and credit cards. My wallet has built in rfid protection as does my wife’s purse. Overkill, probably, because the chances of anything being skimmed is less than slim.

My Eagle Creek "hidden pocket" is marketed as RFID.

It is used to stash cash, ie Euro bills there along with one credit card to be as a reserve, no passport. The other 3 credit cards are in my pants pocket with some more cash.

TC, years ago, I remember Walgreens (bricks and mortar) offering to remember my credit card. Of course I ordered that they not do that. Do you have to enter your card info if you shop at that drugstore online?