Invest in a Faraday Bag / RFID Blocking Wallet / Purse
DAY 28: Invest in a Faraday Bag / RFID Blocking Wallet / Purse
Welcome to Day 28 of my 30 day security challenge, the month long challenge I created to help you gain control of your privacy and security online. You can follow along with the whole series at snubsie.com where you can also download a checklist, and subscribe to youtube.com/tekthing for the entire video playlist.
Today, let's talk about RFID blocking wallets, purses, and bags. RFID stands for Radio frequency identification and uses radio waves to pass data from a device to a receiver. RFID chips are found in passports and passcards, and very rarely - credit cards. They allow for you to pay for or send data wirelessly without swiping a card. These are NOT the same as EMV. EMV uses a gold chip, while RFID is signified by this little icon. Since a lot of information security professionals have shown off how RFID hacking works, many folks have wondered "do I need an RFID blocking wallet?".
So chances are you probably don't need one, but if you're taking your security a step further, then humor me with your attention! You can find RFID wallets at any travel store but knowing if one actually works or if you need one is a huge question in itself. The only time I would really invest in an RFID blocking wallet is if you travel a lot with an RFID enabled passport, if you own an RFID enabled credit card, or if you're a potential target of physical hacks. If you frequent hacker cons, are a public figure, work at a company that holds sensitive information, or have been a victim of criminal activity, it may be a good idea to invest in a good RFID bag.
It is tough to test one in a store before buying one, but if you do intend to buy one you can test it at home by sticking your RFID enabled cards inside of it and trying to pass information through it to another device. You can also buy an RF reader or scanner to test what frequencies are being blocked (and a good RFID blocking wallet should tell you what frequencies it's blocking!). Good ones will block signals at 13.56mHz and 125kHz. The first one includes passports, credit cards, hotel keys, military CAC cards, and sometimes government employee ID cards. The latter includes ID cards and access cards.
Once you have one in hand, stick your RFID enabled card inside the bag or wallet, and try to run that wallet over a receiver that matches up with the card. Whether that's a receiver to get in a hotel room, a garage, a locked room, or whatever - it's much easier and cheaper than buying an RF reader.
Since I frequent hacker cons, I decided to invest in one that I carry to each convention. I rarely use my RFID bag outside of these occasions, mostly because I prefer my much cuter Sailor Moon wallet over a black bag of doom. The one I use is the EDEC Black Hole Faraday Bag off of Amazon. I've tested it against my Fastrak, Bay Area Transit card, my car's key fob, and my cell phone and it blocks all of the signals, so I know it works. Another recommendation from VanitySec is the Zoppen RFID wallet also on Amazon.
Again, chances are you don't need one but just in case - now you know the details!
Day 28 is now complete! Tomorrow is all about upgrading your operating system security. But first, make sure to subscribe on youtube.com/tekthing and hit up snubsie.com for the downloadable checklist. Again, I'm Shannon Morse and I'll see you tomorrow for day 29!