Hey /diy/. My bank recently decided that they needed to replace

Wrap the card in foil or buy a new wallet or even card 'envelope' on ebay

You are right to be cautious - rfids are easily scanned with kit from China that costs less than $100

>>1020984
Christ.

http://lmgtfy.com/?q=rfid+card+sheild

Why is this so hard?

>>1020987
>top results are all products for sell
>>/diy/

>>1020984
Seriously? Get a new bank. Why they would switch to RFID instead of EMV like your OP is anyone's guess, but they clearly don't know what they're doing.

File: hybridcard_2.jpg (34KB, 700x482px) Image search: [Google]

34KB, 700x482px

>>1020984
>OP complains about RFID chip
>proceeds to post a picture of an EMV chip card

Chip and pin (EMV cards) cannot be scanned and used with scanners by crooks.

The small RFID chips OP is referring to (like BLINK, PayPass, Paywave) are embedded into cards where you cant see them. Those are the ones people are worried about.

They are 2 completely different chips and technologies. And chances are, your old card has RFID, and your new EMV card doesnt.

Thats what happened to me, my RFID card was replaced with a chip and pin and it no longer has RFID.

And the EMV technology is VASTLY more secure than regular old magnetic strip.

Pic related, the coils are for RFID, the chip is just a chip.

>>1020988
Look, I understand that this is /diy/ and all, and I strongly encourage doing it yourself, but the bottom line is that there are problems in this world that are better solved with a pre-existing solution.

You can make a sleeve out of aluminum foil, glue paper to it, lightly seal it all with a laminate, hope that you got the folds right so the rfid signal doest leak, hope that you got the size just right so that it still fits in your existing wallet, and at the end of the day spend $50 and waste several days of your time perfecting it, or you can pay $1.66 for one of these that is a known good design.

Are you typing on a computer that you designed and built from scratch? Why not? Are you driving a car that you designed and built from scratch? Why don't you cut down a tree and make your own toilet paper?

If you honestly think that every question on this board deserves a diy solution, then you're the type of engineer that deserves to be fired for incompetence.

>>1020990
Its OP who doesnt know what hes doing.
The majority of places in the USA never accepted RFID, even though the majority of big banks added them to the cards like 10 years ago.

Now there is a mandate and a push for EMV compliance.
Its not something that will or will not "catch on" like RFID. Every store and every bank will be using them in the next few years.

>>1020984
If you are never going to use the RFID feature you can fry the RFID chip by exposing the card to a intense and fast changing magnetic field, like a capacitor discharged through a coil.
I did it once, but it probably is wise not to use so much power, since it could erase the magnetic band or even destroy the other small chip.

https://m.youtube.com/watch?v=U_TyoJJkQsY

>>1020984
https://www.youtube.com/watch?v=kp63MZ6RudE

A single sheet of foil will be enough, just put a paper note sized foil into your wallet

>47% of the worlds credit card fraud happens in the US.

I couldn't believe it when I visited the US and found out you guys were still relying on the magnetic strip as the only form of security.
You guys are dinosaurs when it come to banking.

>>1021041
A lot of people still prefer the magnetic strip.

>>1021056
why though

Buy some sheet aluminum, cut to card size, put card between those.

There is no realistic risk of being scanned.

If a thief wants CC numbers all they have to do is work at a convenience store for a while and substitute their card scanner for the store unit on night shift.

>>1021062
The changeover has been... rough. Magnetic strips just work. You slide your card, it takes 2 seconds, you put it back in your wallet. The chip thing has been a mess. Half the time the makers of the readers fucked up their deployments. The Rite Aids (major pharmacy chain here) in my area require my card be in the reader for over 20 seconds and then this super loader audio plays saying PLEASE DON't FORGET TO REMOVE YOUR CARD FROM THE READER. Its fucking stupid.

Don't get me wrong, its not a bad technology, it was just fucking fumbled by the banks, retailers, and the card reader companies.

Just a sheet of Al foil is sufficient to attenuate the NFC RF.

https://www.youtube.com/watch?v=kp63MZ6RudE

File: 1468181542923.jpg (19KB, 398x398px) Image search: [Google]

19KB, 398x398px

>>1021067
>Americans and money

>>1021077
What?

>>1021062
>>1021067
Don't forget we don't implement pin, just the chip, so it's really not any more secure at all, its just very slightly more inconvenient to rip your chip info.

>>1021083
>its just very slightly more inconvenient to rip your chip info.

Isn't security in itself that inconvenience?

>>1021089
No, I mean the thieves have to go out and buy new readers instead of just using their 20 year old stripe readers.

>>1021033

you do know if you swipe one of these cards, most terminals will tell you to insert it because its a chip card. if you fry the chip then you basically made the card useless.

but... dont try this with a TARGET credit card. they dont have strips on them anymore ONLY the chip.

fuck technology

>>1021097
Fuck fear and paranoia. Worry about shit that has REAL ODDS of affecting your life.

Paranoia is really self-exaltation because it implies the paranoid somehow matters or has something which matters.

No one here matters except to themselves, their doggers and if lucky another person. The Illuminati will never care. That is good.

>>1021062
Because people hate change, and some systems take up to two minutes to process a chip card.

>>1021094
Thats like saying they just have to get your pin.

>>1021094
>>1021083
There is absolutely no sort of EMV skimming available.
It has a transaction code that changes every single time you use it, so making a skimmer for the chip would be completely useless.

It had rendered the mast majority of skimmers dead.

You only put 1/4 of your card into most the readers, so the magnetic strip cannot be skimmed correctly or easily in 90% of places.

The ONLY skimming available now is on an ATM that physically takes your whole card.
And not only that, since your transaction is encrypted they have to have a real life camera pointed at the pin pad to see your physically put your pin number in.

That is only for creating counterfeit cards
They would also have to implement a second camera to see the 3 digit number on the back for online purchases.

ATM makers and POS terminal makers have long taken that into account when designing their products. Its why they have such weird curves and edges, to make it extremely difficult to make a convincing skimmer and camera combo

Its so much more secure, and I cant believe anyone would try and downplay its significance.
Magnetic strip technology is from the 70s and is woefully easy to skim and steal

>>1021104
No. They don't have to get your pin in the us. That's the point. It's not chip and pin here, it's just chip. It's not any more secure than just a strip

>>1021083
>Don't forget we don't implement pin, just the chip

There was only 1 time I did not have to put a pin in. It was literally the first day of the chip and pin rollout at a Target. I went there the following week and it required it.
Every other store I have been to forces the pin too.

I dont live in a big city either.
This point is moot because by 2017 pretty much every retailer will have implemented it.
Visa and Mastercard have put in writing, in their contracts with all stores who use their service that any and ALL fraud will the burden of the store if they dont accept EMV chips.
And retailers can refuse this, but will no longer be able to take Visa or Mastercard. Its why everyone is moving over

>>1021062
Because we were all just issued cards and told "its better" in the mail. But nobody was told or explained how to use it or why we are using them.
And as the deadline from Visa and Mastercard hit, some places forced it, some places it did not work, some places it was actually pretty slow.

And we have a lot of fearmongering in our news.
We were told for like 3 years straight how bad RFID chips were.
Then suddenly in the mail we were getting new cards with a large visible chip without being told what it is.

It created confusion for tons of people, I mean look at OP.

>>1021119
What exactly are you talking about?

Yes the USA does require a pin for their chip cards, if you know of a store that doesnt they are rogue and have fucked up.
And how exactly is it less secure, when you cant skim it and you cant recreate it?

The weak link is literally the magnetic strip still

>>1021126
What? I've been using my chip cards since my bank sent them to me. I've never used the pin. No one I know of has ever used the pin. You just insert the chip, then sign like when you swipe. No difference.

>>1021127
I have never once signed with my chip card

And regardless if you use a pin, a signature, or anything else.
How is it not more secure when you cant replicate the cards?

>>1020984
https://wiki.hackerspace.pl/projects:koszulki_faradaya
Just print and add aluminum foil.

>>1021119
It was saying whats the point of the pin if its possible for someone to get it?

Security doesn't make things impossible just more difficult.

>>1020984
That's not RFID dumbass, that's EMV. You don't need a shield.

>>1021129
I think it depends on the amount of your purchase and which bank you have. Chip cards require a signature sometimes.

You can have your bank disable the "flash" or RFID (not sure if this is the technology used) function of your card. I know my bank will disable it upon request, at least.

>>1021126
Ive used mine multiple times a day since they've rolled it out a while back and never used a pin.
I don't understand people so worried about CC fraud, I've had mine stolen twice over a decade, and both times I just call and say hey that isn't me.
>Debit cards are much more scary.

Wait so you American have chips but no pins?

Thats like have seat belts but no seats.

>>1021241
>>Debit cards are much more scary.

No its not, unless you are using some retarded local bank or something.
I have Chase, and they catch out of the ordinary purchases and stop them.

I had my card compromised. Someone tried to buy world cup tickets.
They called and asked if it was me, I told them no it wasnt, they proceeded to automatically kill my card and 2 day shipped me a new one. I could have walked into a chase store and gotten an ATM card handed to me if I needed money.

It was trivial.
They automatically forwarded all of my automatic payments that I used from my old card to my new one.

While at the same time my best friends mom works a local bank. They hold 0 liability for debit card fraud, people are shit out of luck the money is just gone. They dont read the fine print and somehow expect a small bank to have a fraud department.

>>1021126
>Yes the USA does require a pin for their chip cards
I have seven chip cards (credit) from four different sources. I don't have a pin for any of the cards. No pin was issued with the cards.
I have one debit card which doesn't have a chip and I sometimes have to use the pin which was issued with it, but not always.

>>1021126
No. It doesn't. Sorry. It's not chip and pin in the US. It's just chip, and chip is compromised as well. Like I said, it's just an inconvenience to the thieves, they have to learn how to play a new game. It's a nice evolution, but the US really dropped the ball by not implementing pin. Next generation is going to be true single-use NFC e-transactions on your phone and will be almost impossible to man in the middle, but that's probably another 15 years.

https://www.youtube.com/watch?v=Ks0SOn8hjG8

>>1021328
Credit cards dont use pins, they take signatures.

Debit cards require pins unless you run them as a credit card, or your purchase was under a certain dollar amount.
They are taking away the ability to run as credit once you start using EMV cards

File: mother_of_god.jpg (61KB, 500x349px) Image search: [Google]

61KB, 500x349px

>>1021344
No. Credit cards are still just chip and signature. In europe credit cards are chip and pin.

In the US ATM cards have always been strip and pin, unless you run them as a credit/debit card, which is then just strip and signature.

Your last argument implied that I won't be able to run my credit card as a credit card. There aren't any plans to switch america to chip and pin on the horizon. That has been my entire argument this whole fucking time, I don't know why you think the world is different from what everyone else in this thread has factually experienced.

>>1021349
>There aren't any plans to switch america to chip and pin on the horizon. That has been my entire argument this whole fucking time

2017
Unless of course you are using a card provider that isnt Visa or Mastercard. You know, the people who got the idea to force the switch.

>I don't know why you think the world is different from what everyone else in this thread has factually experienced.

Because we are literally in the middle of the rollout, you think its a coincidence than 3-4 years ago everyone had gotten new POS terminals with chip support but didnt activate them?

There was a time when I could to use either the strip or the chip on my card. Now I am forced to be using the chip.
But alas, my anecdotal evidence that I used to be able to do both totally means change hasnt and wont continue happening!

>ITT: americans try to convince themselves that their way is better because it's their way.

In northern europe, we've had chip-cards for at least seven years, and RFID-capability for at least two years.

The RFID scanners are scarce, so I don't use it too often. Mostly three or four places in my medium town, but apparently now they're rolling out some cellphone pay solution, so I assume the terminals will accept my visa wireless.

I prefer the chip unless I'm getting drunk or in a hurry or getting drunk in a hurry. There's a pin demand for every 100$ or every 5 transactions or something, so you can't just slap and go wherever.

Besides, I keep my card in a half mil aluminium case. Nobody is going to scan it through there without burning my thigh.

>>1021067
Meanwhile in Sweden even our native beggars accept chip and PIN with mobile terminals. And you are supposed to put in your card and enter the PIN as soon your hands are empty. I usually have to wait for the cashier and not the other way around. I just hit accept when the cashier closes the note since I've already authenticated the purchase. Then it's a 2 second delay to verify that you actually have enough credit or debit to pay it off.

>>1021083
That's only for smaller purchases like paying for your lunch where they may have to process 10 small purchases in a minute. The store usually don't require a signature either so you can claim your card was stolen and get your money back. And no you can't copy/steal the chip info. There's a micro controller inside your card that encrypts the transactions.

>>1021537
Well a retailer could technically not implement pin in their system, but they wouldn't be compliant with the agreement of the card companies. They would be on the hook for any fraud with an EMV chip. Thats why most places have it in place, and if they havent yet they will in the near future.

Why would a retailer spend the money upgrading their hardware to be compliant, but then refuse to flip a switch in their software which keeps them from being compliant?

>>1021535
>Then it's a 2 second delay to verify that you actually have enough credit or debit to pay it off.
Same here. I don't know what's wrong with the US systems, but certainly it can be fixed.

>>1021542
>>1021535
iianm it's because the magnetic swipe was just approval of a checksum deemed "valid credit card" while the chip actually requires contact with the bank servers. Whenever the net is down in Norway, transactions take a while and you have to sign the receipt.

The main way of solving this in the US is to hook the rest of the terminals up to the net, but considering how ass-backwards cell tower coverage and internet availability works there, outside of the big cities, that could take a while.

>>1021542
>I don't know what's wrong with the US systems

Im in the USA, and what these people are describing doesnt happen to me. It probably depends on where you live, and things will get better with time. This is the first ive heard of people with problems, other than people grumbling when they slide and it says to insert.

Eastern europe. No RFID, pin for every single transaction. Takes 5 seconds at most. Swiping is only used to open the door to the bank during off hours to access the ATMs.

Banks will also call you if they catch odd transactions.

Those little RFID shields that are for sale won't protect you much OP, commercial readers will have issues yes, but any crafty crim-crim will have an antenna strong enough to overcome the shielding.

>>1020992
I fucking hate this RFID crap, my bank also pushes it with new cards, I intend to use my old one as long as possible and somehow physically disable the RFID part, I was thinking of overloading the coil to burn the chip or strategic drilling.

I have seen the following:
Insert chip
Insert chip, enter pin
Insert chip, sign name

>>1020984
Keep it under your tin foil hat

You can pop a small drillhole through the antenna line (it runs around the outer edge of the card). Cut it in a couple places and it won't function anymore, but leaves the normal functions intact. Put the card against a strong light (Even a screen with a white background will do) and you should be able to make it out.

So far I've avoided getting one of these, chip and pin is secure and reliable and faster than swipe and sign, but the RFID stuff is way too easy to skim - Me and the guys at work played with a few methods a few months ago.
Cellphones struggle beyond direct contact range, but we could pick them up at a few feet with an unmodified cattle tag reader. Someone with minor electronic skill, and access to some fairly cheap equipment can put together something that can fit in a hold-all and pick up anything it passes.

Buyfag route, check out stronghold RFID blocking wallets, passport holders and cell phone bags.

DIY, build a faraday cage with aluminum foil or mylar. Test it by placing a cell phone inside, and if it will not ring when called, it works.

This is also a way of making a "magic bag" which shoplifters use. You make it big enough to fit items you want to steal inside, and it will not set off the detectors at the door. Don't break the law.

File: 1369577925988s.jpg (4KB, 106x125px) Image search: [Google]

4KB, 106x125px

>Shop tells me to be careful about entering my signature because "the new chip technology checks your signature"
>draw a dick
>card accepted
wew future

>>1021544
Earliest adopters eventually end up with the most legacy problems.

>>1022093
The... whole point of the chip is to remove any need to draw anything. It uses a pin code same as the ATM machine.
Or is this another american company failing to use 10 year old technology properly in case it turns out to be witchcraft?

>>1020984
Just buy a Wallet with a rfid shield

>>1020984
When my bank switched to RFID cards I phoned them and complained. They recommended some card sleeves from National Envelope. They seem to be tyvek with a thin layer of metal inside.

I bought 15 of them. I've only had 1 wear out in 5 years. During this time, National Envelope went bankrupt and I'm down to my last sleeve.

>>1021542
There are 900000 banks in the USA. Most are so small they can't spend a dime on "improvements." So every "standard" used in the USA is as cheap and as flimsy as possible.

>>1021584
U can stick your card in one of those old vhs tape wiper machines.

>>1020984
Emv is safer it is sungle-use cryptography so the card has to be physically present for every charge made.

>>1020992

Thank you, this helped me

Who even uses a card anymore? I just use my cell phone.

>>1022493
Wouldn't that kill the mag strip too?

>>1020984
Pit a magnet in your wallet, the chip is not magnetic and mag.should fuck up any usable data extrapolated. I'm totally guessing in this

>>1023596
>extrapolated
>I'm totally guessing
We got that when you used extrapolated wrong.

>>1020993
>hope that you get the folds right so the rfid signal doesn't leak

RFID isn't high-power microwave RF design.
The powers are so low that the aluminum shield would block pretty much any transmitter for the card that would be in a resonable range, regardless of folds.

That's ignoring the fact that most RFID systems use inductive coupling instead of an RF link.

>>1021756
Until some fag at the register wants to check you card, and denies it because he just got out of training and "this card is modified."

I just send a high power pulse through the inductive coupling. Yeah it's harder to do, but it works.

People with small amounts of authority are the most annoying.

>>1020984
Write checks

>>1020984
aluminium foil or try and request a card without RFID.

If you get a new card, don't forget to customise the picture on it!

>>1020984
Nothing is safe, even chip and pin transactions. Please don't support the banks trying to put the responsibility on customers. They get away with everything anyway, they should at least provide you with some security.

For chip related issues refer:
https://www.youtube.com/watch?v=szgwaYajKHA