Privacy Virtual Cards
Spending Limits

Set a spending limit and Privacy will decline any transactions that go over the limit

Merchant-Locked Cards

Lock Privacy Cards to the first merchant they’re used at to prevent misuse if stolen

Single-Use Cards

Create Privacy Cards that close automatically after the first purchase is made on them

Pause/Close Cards

Pause or close your Privacy Cards at any time to block future transaction attempts

Sign Up For Privacy Now

What Is RFID Credit Card Theft and How To Prevent It?

Ashley Ferraro, Product
May 8, 2024
 • 
10
 Min Read
Protect Your Payments With Virtual Cards

According to the Federal Trade Commission, credit card fraud was among the most prevalent types of identity theft in 2023, with over 114,000 reported cases. Statista estimates that the U.S. economy lost about $1.59 billion in 2022 to this financial crime. 

With the recent shift to contactless payment cards, more cybercriminals are turning to RFID credit card theft via scanning. This article will explain how this theft happens and provide tips on how to protect your RFID credit card from potential thefts and other common payment card frauds.

How Do RFID Credit Cards Work?

To understand how RFID credit card theft occurs, you must first learn how RFID credit cards work. RFID or contactless cards use Radio Frequency Identification—you’ll know yours is one if it has a sign that looks like the Wi-Fi sign turned sideways. This type of technology transmits information between tags attached to objects and scanners via electromagnetic waves.

A typical credit card tag or chip contains the following three details:

  1. Cardholder's name
  2. Card number
  3. Expiration date
An image of a person holding a credit card scanner with another placing a credit card over the scanner
Source: Karolina Grabowska

When an RFID card is near a scanner or card reader, the scanner automatically emits radio waves to activate the card’s RFID chip. The chip can then respond by also emitting radio waves to send its stored information to the reader. 

Most credit card issuers use near-field communication (NFC) technology to ensure their cards can only communicate with contactless readers 1–2 inches away. The risk associated with having these cards is that someone may try to use the contactless reading feature to steal your credit card information.

How Does an RFID Scanner Steal Credit Card Info?

Scanning is a type of credit card fraud in which cybercriminals use illegal card readers to activate RFID chips on unsuspecting victims’ credit cards and extract payment details.

For this to happen, the hackers must be within the card’s read range, which is typically 5–6 inches. As a result, most hackers who use credit card scanners operate in crowded places like gas stations, tourist attraction sites, buses, trains, and malls.  

What Can Cybercriminals Do With Stolen Credit Card Data?

Once a hacker has stolen your credit card data and other personally identifiable information, they can use it to do the following:

  • Make unauthorized purchases
  • Create duplicate credit cards
  • Access your bank accounts and make withdrawals
  • Apply for loans in your name
  • Sell this info to other cybercriminals on the dark web 
  • File fraudulent tax returns and claim tax returns

The good news is that you have some protection from the damages you might suffer in case of stolen credit card data. However, it might take some time to resolve the damages, especially if the theft causes your credit score to drop.

A photo of a hand keying an ATM keypad
Source: Eduardo Soares

Are Debit Cards Also Susceptible to RFID Theft?

Yes, debit cards with RFID chips are also susceptible to unauthorized scanning. To prevent huge financial losses, you should regularly monitor your transactions and flag unauthorized payments as soon as possible.

Credit and debit cardholders are protected by different laws that limit liability based on the time users take to report disputed charges. Some banks also have $0 liability policies in place, so you wouldn’t be liable at all. Here’s a run-down:

Card Type Debit Card Credit Card
Applicable Law The Electronic Fund Transfer Act (EFTA) The Fair Credit Billing Act (FCBA)
Time Restrictions and Maximum Liabilities
  • Two days — $50 maximum liability

  • 60 days — $500 maximum liability

60 days — $50 maximum liability
An image of a person putting a credit card into a wallet
Source: Liza Summer

What Should You Do in Case of an RFID Credit Card Theft?

People often discover their credit card numbers have been stolen by receiving a transaction notification or bank statement showing an unfamiliar transaction. If your card is still with you, it’s possible someone obtained your information while you were using the card or via an RFID reader. 

When you discover suspicious activity on your credit card statements, you should: 

  1. Inform your card issuer—Ask them to pause or close the card and stop any pending transactions. 
  2. Report the case to law enforcement authorities—You can file an online identity theft report at the Federal Trade Commission’s IdentityTheft.gov website.
  3. Contact the three credit bureaus— Equifax, Experian, and TransUnion—to report or stop potential fraudulent applications with the stolen details.

How To Protect Your Cards Against RFID Theft

Besides the security measures put in place by your credit card issuer, you can also take personal initiatives to safeguard your card details from unauthorized access. Below are a few RFID credit card protection tips for preventing illegal scanning:

  • Invest in specialized RFID-blocking sleeves or wallets designed to block electromagnetic signals from unauthorized scanners.
  • Use RFID-blocking stickers or cards.
  • Opt for cards from reputable financial service providers with industry-standard security measures.
  • Enable payment notifications on your mobile devices to identify and flag unauthorized transactions on time.
  • Regularly review your statements to scan for unrecognized activity. 
  • Leave your card at home when visiting high-risk, crowded areas like public beaches and tourist attraction sites.

You can also opt for a different type of contactless payment, like using your phone's NFC feature and an e-wallet or app. If you still don’t think your card is secure enough, you can always ask your bank to issue you one without an RFID tag. 

How To Protect Chip Credit Cards From Theft

If you’re wondering, “Do credit cards with chips need RFID protection?” The answer is no. To communicate with a reader, a regular chipped card needs physical contact—but RFID chips don’t because they have an antenna.

That doesn’t mean you don’t have to protect chip credit cards. Criminals might try to steal your card information while you’re using it at an ATM or a POS device by installing a reader beforehand. To protect your cards from these devices, also known as skimmers and shimmers, you should be on the lookout for signs of tampering:

  • Loose or damaged parts
  • Keypads with moving edges or thicker buttons
  • Card readers with awkward shapes or different colors than those you regularly use
  • Gas pumps missing the security tapes that help indicate tampering

There’s also the chance someone will try to steal your credit card information when you’re using it online. It’s called e-skimming, and the more you use your card online, the more you’re exposed to the risk. 

For protection, you can: 

  • Avoid clicking on links from unknown sources—Hackers often use malicious links to redirect users to fake checkout pages that phish payment details.
  • Use secure, private Wi-Fi when making online payments—Cybercriminals can intercept transactions over public Wi-Fi and steal your card information.
  • Use virtual cards—while some major banks issue them, choosing a card from an independent provider like Privacy means getting better security and convenience features.
Source: Clay Banks

Add an Extra Layer of Protection With Privacy Virtual Cards

By using Privacy Virtual Cards, you're adding another protective layer around any transaction that takes place online. Privacy Cards use a random 16-digit payment card number with a CVV and expiration date that hackers cannot backtrack to your actual accounts.

Privacy also offers the following security features:

  • Payment Card Industry Data Security Standard (PCI-DSS) compliance 
  • Internet Protocol Security (IPsec) with AES-256 to safeguard inter-data center communication
  • PBKDF2 with 100k iterations for password hashing and rainbow attack prevention
  • Industry-standard Transport Layer Security (TLS) HSTS for all web traffic

Types of Privacy Virtual Cards and Features

Privacy users can create two types of credit cards—Single-Use and Merchant-Locked. Learn more about them below:

Card Type How It Works When To Use
Single-Use Cards It closes shortly after the first payment. If cybercriminals steal its details, they can't use them to fund another payment.
  • One-time transactions

  • Transactions on websites/with merchants whose security practices you're unsure of

Merchant-Locked Cards  It's “locked” to the first merchant where you use it, making it impossible for hackers to use it elsewhere.
  • Recurrent payments to one vendor

  • Online subscriptions

Regardless of the type of Privacy Card you generate, you will get access to great tools to help you keep your safety and finances in check:

  • You can set spending limits to prevent merchants from overcharging you.
  • You may pause and close virtual cards to reduce the risk of fraud without affecting your bank account or payment card.
  • You can set real-time alerts to monitor your transactions.

Privacy Cards are accessible via an Android and iOS app, enabling you to create and manage them on the go. You can also use these cards via the browser extension available for Safari, Chrome, Safari for iOS, Firefox, and Edge. The extension autofills card info at checkout, saving you time and the need to memorize card details. 

Privacy Cards Setup and Pricing

To create a Privacy account, follow the steps below:

  1. Sign up
  2. Verify your identity
  3. Add a debit card or bank account
  4. Request Privacy Virtual Cards

Privacy offers three plans, and you can read all about them in the following table:

Plan Features
Personal—free for domestic purchases
  • 12 free virtual cards per month

  • Both card types

  • Pausing and closing features

  • Spending limits

Pro—$10 Per Month
  • 36 new virtual cards per month

  • No foreign transaction fees

  • 1% cashback on specific purchases (totaling up to $4,500/month)

  • Priority support

  • All the other features in the Personal plan

Premium—$25 Per Month
  • 60 new virtual cards per month

  • All the other features in the Pro plan

Privacy Virtual Cards are available to U.S. residents over the age of 18 with a checking account at a U.S. bank or credit union. They can be used at most merchants and websites that accept U.S. Visa® and Mastercard® payments. 

Privacy — Seamless & Secure Online Card Payments
Sign Up