Protecting your credit card from NFC hacking

IDG.TV | Apr 28, 2015

A smartphone is all a hacker needs to steal the information from your NFC-enabled credit card. Learn ways to protect yourself.

Presenter: People enjoy using NFC because it's a convenient technology for either paying for transactions or easily exchanging information with other people. More and more credit cards are being issued with NFC technology, allowing people to "tap and go" with their credit cards in order to pay for transactions.
One issue with NFC enabled credit cards is that somebody can easily come with an NFC enabled device, like a smartphone, and be able to scan the information that's stored on the credit card. That information includes the full credit card number, expiry date, and full name of the owner on the card, typically information you don't want to be handing out to people.
In order to steal the credit card information from an NFC credit card, typically the phone needs to be pretty close, although there is some research and experimentation into extending that to a few centimeters. One easy way is for someone being malicious to embed a device into a couch as something where some people sit for a long period of time.
If there's an NFC enabled device actively reading, it could easily skim the credit cards that are in your wallet. This type of attack is known as a "bump attack." Even if you're standing on a bus, a train, or something like that, and somebody stands near you and bumps into you, that could be enough proximity to your credit card and their active reader in order to steal the information.
Some ways to protect yourself against having your credit card information skimmed is to use protective sleeves that will block the active reader from powering the NFC tag, so that no exchange of information will happen. There also are RFID wallets that will block the signals from any active reader, including RFID scanners as well.
As more and more companies embed NFC technology in their devices and credit cards, people will begin to start using it more. With that, more people are more vulnerable now to security concerns that surround NFC. It's up to the end user and application developers to secure the technology.