A COMPANY CALLED DIFRWear is producing something that privacy advocates have been wanting for a long time, RFID blocking wallets. Technically they are called Faraday caged apparel, but you get the idea.
The problem is simple, more and more necessary items like ID cards and passports are being equipped with RFID tags. Since the encryption on just about every one of these items is either deficient, cracked, or simply not there, carrying them puts the holder at a great risk of identity theft.
If the RFID tags can be read at a range of a few feet by an official reader, a bad guy with a bigger antenna can read the same info from tens of feet. A clever person can even skim passport numbers from a moving car. Since the encryption is trivial to crack in most cases, slightly harder in the rest, you can clone passports and identity cards with ease.
Wallets, passport holders, and readers
Because the bad guys can grab the info on the RFID tags silently from a distance, what do you do to protect yourself? Block the readers from seeing the cards, once they see them, game over. That is where DIFRWear comes in, they make wallets and passport holders with Faraday cages built in. If the wallet is open, tags can be read by pointing the open face at a reader. If it is closed, no scanning.
Most people close their wallets before putting them in their pockets, so the cages should be more than enough to keep the RFID tags from being read. At Defcon, DIFRWear was demonstrating the blocking with a wallet, some tags, and a few different readers. Wallet open, the cards were read, closed, they were not.
Since the Faraday cage is basically a thin wire mesh between the leather layers, it doesn’t add any real bulk, stiffness, or expense. The wallets feel like a leather wallet, nothing seems amiss from the outside. Prices range from just over $10 to $20, not bad at all.
Until governments around the world get clued in to how to do RFID right, don’t hold your breath, you have to protect yourself from the bad guys. If I had an RFID passport, I would definitely buy one of these, they are cheap protection.S|A
Latest posts by Charlie Demerjian (see all)
- AMD talks Threadripper, Ryzen Mobile, and Ryzen Pro - May 22, 2017
- AMD calls Naples Epyc during Analyst Day - May 17, 2017
- Intel’s new Scalable Xeon branding is just a price increase - May 5, 2017
- Are consumer PCs safe from the Intel ME/AMT exploit? - May 3, 2017
- Remote security exploit in all 2008+ Intel platforms - May 1, 2017