Do those RFID/NFC shielded wallets and bags actually work to protect your contactless credit cards?
Systems like VISA PayWave and Mastercard PayPass.
Does aluminium foil work?
Dave does some measurements to find out, using an H-field probe.
TekBox EMC probe set: http://amzn.to/1YkCLPO
Teardown video of a 125 kHz RFID Tag: https://www.youtube.com/watch?v=5DJmp6iA1FE
Forum: http://www.eevblog.com/forum/blog/eevblog-889-credit-card-rfid-theft-protection-tested/
ISO/IEC 14443 Standard:
https://en.wikipedia.org/wiki/ISO/IEC_14443
EEVblog Main Web Site: http://www.eevblog.com
The 2nd EEVblog Channel: http://www.youtube.com/EEVblog2

Hi. You're no doubt familiar with modern credit cards like this one that have an RFID chip embedded in them. Tap and go, as it's called here in Australia (it might be called different things in other countries). They actually contain a radio frequency identification device, an RFID chip, in them. And no, it's not this thing here; that's the secure chip-and-PIN thing. It's actually embedded elsewhere in the card, and it goes under various names. It could be Visa payWave or it could be MasterCard PayPass, or various other names depending on which provider you've got, but they all work on the same RFID technology.

We can just use your credit card like this, just to tap and go. As the name suggests, you just tap it onto a reader like this. If you've got a reader, you can just go like that, bam, hold it there for a second or two, and you've instantly paid for your transaction. In Australia, at least, it's up to $100. No need to enter your PIN number, no need to insert your card, no need to swipe it on the back or anything like that. Tap and go.

Beautiful! But it's not without its security concerns, and my interest in this came about because Mrs. EEVblog got a new handbag here. It's a Giannotti brand, for those playing along at home, and it came with this. Look: "RFID blocking technology to assist you in protecting your credit cards against identity theft. Sandler now uses data blocking technology.

Concealed within this bag or backpack is an RFID protective fabric inside the credit card section that helps block illegal scanning devices and assists the prevention of data and identity theft." Fantastic. But does it actually work? Let's test it. Now, let's just talk briefly about the RFID technology in here.

There's actually a coil all the way around the card in here that actually does not, contrary to popular belief, act as an antenna, because this is not an RF-based system. The term RFID is a little bit deceptive in this case. It actually works like a transformer, and if we have a look at another card here, we can actually see the coil inside there.

Check it out. It'll go around like that. The chip will be embedded in there somewhere, not exactly sure where it is; doesn't matter. You can see that there's a couple of turns going around in there somewhere, and what it's doing is acting as a transformer like this.

Let's go to Dave CAD. So this is the receiver part of it here. This could be the phone, like we're going to use today. It could be a legitimate device at the supermarket or on the bus that you want to tap and go and pay with. Or it can be a scamming, skimming device that people can walk by you with, and if they get close enough then they can actually potentially get your card details and actually do a transaction on your card.

They can't actually get your credit card information, but they can do an actual transaction, as I said, up to the value of $100. Anyway, this is the receiver like this, and the receiver generates a constant, or packets of, 13.56 megahertz sine wave, and it's a transformer-coupled system. The coil inside the credit card actually forms the secondary of a transformer here.
So even though it's called RFID, because RF is used in some other variants of it, it's actually a magnetic field, a traditional transformer coupling like this, and the chip inside your credit card here actually gets power from this coil once you get these two close enough. There's a little rectifier in there.

This is grossly simplified, but hey, this is basically how it works. It generates power for the chip, and then the chip can drive a transistor, which can then modulate the load on the secondary side, and that will reflect back due to transformer action, the magnetic fields. You can actually get the modulation on here, and, as we'll see in a minute, it'll send a packet of 13.56 megahertz data like this.

And then, if the protocol is right and everything matches up, this chip will use a transistor to put a load across the coil and modulate it. And for the ISO 14443 protocol which we're talking about here, which is used in these types of modern credit cards, it's going to modulate that, amplitude modulated, at a frequency of 447.5 kilohertz, and then the reader can read back that data and they can communicate and transfer information. Easy. But the important thing to note here is this is not an RF system.

These are not antennas. This is a transformer. It works on magnetic fields instead of an RF field. So, take a modern smartphone and use this as an NFC reader.

They've got NFC capability built in, 13.56 megahertz. There are different frequencies for different RFID systems, but the credit cards use 13.56, and that's what the modern smartphones do. At least, I'm not aware of any smartphones that do the other frequencies. But we can use this. It's just an app from NFC Research Lab Hagenberg, just a free app you can get to read the information from these cards. So we can put our tag in there, and it's just reading the tag.

Doesn't take a minute. New tag detected, and we've ended. We've got it. We've read all the information that we can from this card.

Of course I can't get the money from it because I don't have the ability to do transactions, but hey, criminals can potentially do this. So I won't go into the tag information; it might reveal something about my card here.

But anyway, you know, you can get the hex dump data out of the card and everything else, and you don't actually have to have them touching; you can actually have them a distance apart. But there is a limit to how far apart you can have them, due to the transformer action losses, because it's a pretty poor transformer. It's air-cored. So the idea behind these: there are bags you can buy, and you can get wallets as well, with this RFID protection technology. And does it work? Well, I actually don't necessarily doubt it, because it's not hugely hard to actually shield against this. But as I said, it's not a Faraday cage issue.
It's not an RF issue. It's a magnetic field issue. So, you know, ideally you'd want what's called mu-metal, which actually shields out magnetic fields. Now take something like this die-cast aluminium box, for example.

You're used to using these to shield your electronics and stuff from EMI, right? Now, these are quite effective at RF, of course, but for magnetic fields, not so much. But really, the problem with magnetic fields is that die-cast aluminium like this, or alfoil, or anything else really is, you know, pretty decent at high-frequency stuff, but at low-frequency magnetic fields, like down in the kilohertz and things like that, these aren't really effective against magnetic fields. But the good news is that these things operate at 13.56 megahertz.

So something like this die-cast box, or alfoil, is going to work a treat at those high frequencies, even though at low frequencies even something this thick would actually be pretty useless at shielding magnetic fields. So let's not muck around; let's try it. Let's get our credit card inside the outer sleeve of this bag and scan it.

There we go. No problems whatsoever. This bag does not work in the outer pocket, but it doesn't claim to, if we go back and read the fine print. There's a protective fabric inside the credit card section, so only the credit card section.

So the rest of the bag, if you've got this card inside your wallet inside the bag and it's not specifically inside the credit card section, then you're not protected at all. And you'll see inside this bag, it looks kind of like magnetic-y. But if you put your credit card inside any part of this, inside here or this outer pocket as we saw, then it does absolutely nothing, apart from a physical distance thing, getting extra losses in the transformer. You've got to actually put the card inside here, and I'm not sure if you can hear that, but it feels different.

It feels like there's some metal foil or something inside this section. So let's whack our card in there, shall we? And we'll try and read it. Here we go, from the outside of the bag like this, and you'll see that it doesn't scan at all. So it works.

And that's not terribly, you know, surprising; there's nothing magical about this. But look, if I put it inside this other pocket over here and try and read it, bingo! It's going through multiple layers of this bag, no problems, and right through there. So it only works if you put it inside the section like this.

So that might protect you against a wimpy little phone like this. But what if the criminals have some, you know, super-high-power transmitter/receiver that can generate a bigger magnetic field and read data back?
Well, how effective might this be? Well, we can actually get some quantitative measurements with a near-field H probe, as these are called, because it's a magnetic field. This is not an electric field probe.

It's a magnetic field. You've seen this in my videos before. It's a dead giveaway that it's magnetic field, because you can see the coil there, and we can actually stick this in between the credit card and here, and we can pick up the magnetic field and we'll be able to see it on the scope. Beauty.

And of course you don't need to buy one of these fancy-pantsy expensive shielded handbags or wallets or whatever. You can just use alfoil like this, and this is a common trick you see on the Internet. So let's see if we can read that tag under there. No, we can't. Just a single layer of alfoil like that is more than enough. If I take that away now, bingo, it will read it. No problems whatsoever.

So just a single layer of alfoil is enough to attenuate that. Even though the magnetic field, as I'll show you in a minute, is actually still getting through there, it attenuates it enough to actually cause a problem.

And there is a bit of a myth going around that if you have two credit cards in your wallet in close proximity, or back-to-back like this, they'll cancel out and they'll, you know, conflict, and you won't be able to read the data out of them and you'll be completely safe; you don't need any magnetic shielding whatsoever. Well, that's not really true, because the ISO standard 14443, which determines the protocol and everything to do with this RFID technology, actually has an anti-collision thing as part of the protocol for both Type A and Type B cards.

so we can, hopefully it might. it could make an edit. it's going to make a fool out of midnight. There we go.

A new tag detected. Okay, so you can actually get a point where they sort of do interfere with each other. It causes a problem, but you can still do it.

You saw we could. Actually, there we go. We can get it to read that, no problem. So that really isn't protected.

That myth, busted. Okay, so let's use our H-field probe, which goes from, you know, basically kilohertz up to several gigahertz, so it should easily be able to read our 13.56 megahertz. Let's put that on the back here, and we'll see that when you've got NFC enabled on your phone, it's reading all the time, periodically, actually sending out these packets like this, trying to wake up any card that's in proximity to it, and then sending out a code to enable it, and then looking for modulation coming back.

And if we single-shot capture that and go in here, you'll see that this is basically, bingo. Whoop, there it is. 13.55, 13.56 megahertz. That's our carrier frequency, and it's sinusoidal.
All right. So let's put our card behind our phone here and watch what happens when I put it in there. Bingo. You should have seen some modulation there, so let's see if we can capture that. And you'll notice that it's actually continually stayed on now that that card is in the field. If we take it away, bam, it goes back like that.

Now, I've captured some data here, and you can see that before this trigger point here, here's our 13.56 megahertz. It's actually, look, it actually goes down to zero. This is the receiver, or in this case the transmitter, actually doing that. And we've got different types of data. If we go over here and have a look, we can see this is the return data coming from the card itself, and this is the amplitude modulated data.

We can go in here and have a squiz at that. There it is. It's just amplitude modulated, so that is the credit card actually modulating that, turning on the transistor, loading down the coil, and modulating that data back. At what frequency? Well, let's measure it.

And bingo! Using our X cursors there, we get 847.46 kilohertz. That's exactly what I said the modulation frequency was before, so yep, the ISO standard is exactly as it says. Now, if we have a look at the distance between the card and the phone like this, then we can actually, I'm at 200 millivolts per division, be able to see the amplitude difference.

I'll go down like this. I've got that, and a fair distance away, will we be able to get something? Yep, and it's lower amplitude of course, but even at that sort of distance, you know, there's still something there. It's not enough to actually connect to the card, but hey, if you had a more powerful reader, you know, if you're a criminal and you had a more powerful reader, you're trying to skim cards and things like that, you can do it at a greater distance.

Okay, so let's try the alfoil now. Okay, so I'm down at ten millivolts per division. The absolute value doesn't matter; it's just relative to the 200 millivolts per division we were at before. And yeah, I'm able to, you know, get something. But if I take away the alfoil, of course, then whammo. We're completely off scale.

Now there we go. Alright, so I've got my credit card inside the shielded thing. I'll whack my probe in there and we'll give that a burl. Yeah, we're still getting something at 50 millivolts per division, but, you know, it's really right down there. You'd have to have a super-powerful, you know, transmitter side, actually generating a much larger magnetic field than this one's capable of, to actually get that, I suspect.
But it's probably not a hundred percent secure. But, you know, I think it's going to be good enough. I think these sorts of shielded handbags and wallets will actually do what they claim. And if you're wondering about the die-cast alloy box, then yep, that's it. Two millivolts per division.

There's just, oh, did we get something? No, that was just me mucking around. Yeah, that's going to be pretty effective, I should expect, but not 100% effective against magnetic fields. But in the case of the amount of field we're talking about with the RFID here, at that frequency, then yeah, these things do work.

Okay, just for kicks, I'm going to see if we can capture the increase in magnetic field as we get closer. So I'll single-shot capture that and I'll bring it in. Don't like our chances, but oh yeah, that's quite reasonable. There we go.

We started here. We could see it getting bigger and bigger, but it wasn't close enough to actually capture the data, you know, to sync and do the protocol and talk to the card and get the data, before it got, you know, fairly close, like an inch away or something like that. So there you go.

I hope you found that interesting. And whether or not you believe that, you know, you're really under threat just walking around with your unexposed credit cards in your wallet and things like that, the odds are ridiculously low that somebody's going to skim you or something like that. But, you know, they don't necessarily have to walk past you.

They could set it up in a doorframe, for example. As you walk through, they can get you, because you can couple the magnetic field like that as you walk through. And there's many other ways to do it. But they have to do a transaction.

It's not like the money just magically vanishes from your account. You know, it's got to be a transaction and things like that. So yeah, not a hundred percent secure technology. But hey, confirmed, these bags and presumably the wallets, they've probably just got alfoil in them anyway. And alfoil does quite a reasonable job. Just a single layer of alfoil can actually protect your cards pretty good.

So yes, if you're paranoid about these things, don't wear it on your head, just stick it in your wallet. Catch you next time.


By YTB

25 thoughts on “Eevblog #889 – credit card rfid/nfc theft protection tested”
  1. Hooked On Classics says:

    I don't trust contactless or NFC. Dodgy tech at its worst.

  2. ejonesss says:

    Is it possible to use a jammer to jam the 13.56 MHz to prevent the tap from working at all?

    The scenario is someone could broadcast a blank 13.56 MHz wave so the terminal can't read, so it prevents the transaction to force the use of the chip or swipe so the skimmer could be used.

    In the past, when the chip came out, criminals would make the shimmer insert have some tab to block the chip, so when you put the card in it would not make connection to the chip at all, or it would have some wires to corrupt the signals to the chip to make the transaction fail, so it forces the customer to swipe.

    I am asking because I suspect that a couple of gas stations here in the United States may be in on a skimming ring, and they say it is a problem with the card or security.

  3. Davi d says:

    I don't think that I believe your statement that card information can't be stolen, because how would the store's scanner process a payment? My wife's card had not left its paper sheath since it was issued, and yet it, and every RFID card in her wallet, were compromised somehow. The old cards without contactless payment were unaffected. I call BS on the VISA assertion that this is secure.

  4. John Francis says:

    Plz make small videos……ur video is informative but Plz make use good visualization and short ones

  5. Multi Coder Gaming says:

    Funny story, my father had one of the early types and I knew the risks and downloaded a card reader app and said "watch this" pinged his card and it displayed the number and everything then I said "is this your card" he replied "yes, that's not good" so the mobile phone app demo that you did I also used to prove that they were easy to read

  6. IngenieroCristian says:

    I lost US$40 because I forgot this lesson: "always cover your credit card in aluminium foil"

  7. Samuel Hulme says:

    In the UK it's up to £30, but with the virus that is going around it's now up to £40.
    Edit: Also it's called contactless over here

  8. bob fourjs says:

    "Don't wear it on your head, put it in your pocket" lol.

  9. gearstil says:

    Very interesting!

  10. TheManLab7 says:

    In England it's called "contactless" and it's a maximum of £30. When my card breakers, I always make sure that it's NOT contactless.
    It's not hard to stick your card in and put your PIN in.

    This is also why I'd never want a keyless car, as the key puts out a signal which can be picked up, and within less than a minute your £10,000's car is nowhere to be seen.
    This is why I'll ALWAYS want a keyed car.
    Or an up to date finger print which measures if it's got a pulse. Which is no different to the thing you stick on your finger to check your BPM and oxygen levels.

    I'm not sure who comes up with these stupid, backwards, dick head ideas. But they need to be $h0t.

  11. Paul Evans says:

    And when you lose it anyone can help themselves to your money. Not the smartest idea. I'm sticking with the old chip and PIN... much safer

  12. Grant Imahara says:

    Guaranteed, I can scan your card through that bag with inexpensive equipment I built and use daily. I can read it through all passive shields tested to date, our database of failed shielding pockets, wallets, phone cases, and bags (airport luggage) is at 832 products with only 3 products actually causing significant issues extracting the information required to perform a transaction without visual or physical contact with the card. Be more careful about what security products you endorse as probably working, they only work on low power RFID readers. Criminals use high powered RFID readers. We believe there are a lot of criminals using these making it a HUGE concern with an ever increasing probability that any given individual will be targeted with an attack in a given timeframe. We will be probing many major metropolitan cities across the U.S. to discover the reality of how likely someone is to becoming the target of such a scam. We will post a site and post out data when we complete our studies. We are projecting study completion in November of 2020.

  13. ezquimal says:

    I remember in the 90 all the public phone use that chip for cards with credits. And we use a eprom with the software to emulate and call free.

  14. Hanro50 says:

    I have an aluminium wallet lol.

  15. David Brewer says:

    Cutting the antenna in your credit card definitely works to prevent NFC fraud….

  16. Thanasis Athanasi says:

    Best video on how NFC works but with wrong title

  17. Milan Karakas says:

    Good Lord! It works. Just two layers of aluminum foil inserted in my wallet and NFC can't read anything. Thank you very much for that advice!

  18. bridgendesar says:

    They should use nfc for car entry

  19. Roman Dvoryadkin says:

    You can expose card by power flashlight and see embedded coil and chip

  20. roladun says:

    Hey EEVblog, I might not be absolutely correct but it seems RF communication works with the same principle as RFID cause you are still using the same electromagnetic field for TX and RX except that the distance has to be very closed for reception. The current that is oscillating in RF antenna induce the same magnetic field for long distance transmission, and at the destination end you surely do need the antenna where the same signal will be induce except that mechanism for reception is different, but basically the medium is still the same. Thanks for pointing this out.

  21. Moog • 38 years ago Updated 1 month ago says:

    Jackscepticeye?

  22. Benjamin C says:

    A perfect solution to stop these cards being read without the owners permission would be to embed a photo diode into the body of the card that only allows the circuit within the card to activate when it is in ambient light (ie out of a persons wallet) then when it is in the wallet / bag, it would be unreadable.

  23. George Tsoukalas says:

    You will find that the credit card details can be retrieved. If you had pressed the tag information, you would have seen the credit card number.

  24. jerremm says:

    It's pronounced rectum fryer.

  25. Afifah Ahmad says:

    Hi! Where can I find more details on the schematic you've drawn in this video?
