As far as crime goes, pickpocketing is a classic. In fact, it dates back as far as the 1600s, when paper currency and wallets came into existence.
But as technology advances, so too does crime. And the tools criminals use to commit theft are advancing as rapidly as digital devices are. One thing, however, hasn’t changed – a thief’s acumen and dexterity when it comes to the act of the crime.
Today, fraudsters can rely on a Radio Frequency Identification (RFID) skimmer to remotely scan data from credit cards sitting quietly in someone’s wallet – without them detecting any foul play.
How? With a smartphone, of course. Mobile app stores feature free skimming apps; and video tutorials on how to skim a credit card polka-dot the internet.
In response to this growing phenomenon, called electronic skimming or ePickpocketing, Sydney-based startup ARMOURCARD has developed the world’s first active RFID protection device.
Thus far, passive devices have been introduced into the market, such as the aluminium wallet, which acts as a shielding layer. But if the fraudster dials up the power on their RFID skimming device, they can still penetrate through the aluminium.
Launched in July 2013, ARMOURCARD tackles the issue differently. Their technology, which doesn’t look all too different from a regular card, fits comfortably in a wallet and actively jams RFID signals – preventing personal data found on credit cards and ePassports from being poached and used by identity thieves.
ARMOURCARD is powered by an internal battery that lays dormant until a skimmer tries to interrogate a credit card or ePassport. By electronically jamming the frequency, the technology makes it impossible for hackers to obtain personal information.
Co-Founder Tyler Harris says, “When someone tries to interrogate your credit card, ARMOURCARD automatically powers up and creates a little force field, two centimetres on either side of the card”. This means that the technology can sufficiently protect a thick, triple-layered wallet.
Harris and Co-Founder Richard Teece, believe in today’s technologically advanced world, we can never be too careful.
“There are a lot of professional hackers waiting to pounce on their next target. And the reality is, someone can buy an RFID reader from eBay for $60, and they can use that to interrogate your credit card without you noticing until you get your monthly statement,” says Harris.
“No longer can we assume our personal data is private like in days gone by. Now, we have to actively work hard to keep private our personal data in this open airwaves information age.”
Teece concurs, saying items such as credit cards, ePassports, drivers licenses, loyalty cards and even library cards, contain sensitive personal identity data that can be stored within a micro-chip and if enabled with RFID technology is susceptible to electronic skimming.
“This leaves regular people extremely vulnerable to professional criminals and hackers who can intercept this data using the same RFID technologies,” says Teece.
The idea for an active RFID protection device came out of personal privacy concerns.
“Richard had some unexplained transactions on his tap-and-go credit card account, that he never uses for anything other than grocery shopping at the major chains,” says Harris.
After noticing the strange transactions and trying to convince the banks they were not authorised, the co-founders started investigating the RFID technology found in these credit cards.
“We felt extremely sceptical and concerned about the level of security currently on the market surrounding these technologies. No longer are we dealing with risks linked purely to the criminally minded – there are even applications being created, for example, that can be downloaded to Smartphones, transforming a regular phone into a credit card skimming device,” says Harris.
“And if relative novices like ourselves were able to access personal data off credit cards so easily, imagine what the professional criminals and hackers can achieve – it’s pretty frightening stuff.”
Probing around, the co-founders went to stores that sell electronics and purchased circuit boards. Though admittedly, they’re not engineers, they had enough skill to fork up a concept. And after engaging with a patent attorney and a qualified electric engineer, Harris and Teece were able to bring their vision to life – now, hoping Australians and credit card owners worldwide can recognise the benefits of slipping an ARMOURCARD into their wallet.
A fairly dated study commissioned by the Australian Transactions and Reports Analysis Centre (2003) suggests identity fraud costs the Australian economy $1 billion every year – a number that could’ve only grown in the past decade. Though it is difficult to pinpoint what percentage of that is a direct result of electronic skimming, it wouldn’t be too far-fetched to assume a big one.
Credit card companies, however, up until two years ago, had denied the fact that ePickpocketing was even a possibility, let alone a common occurrence. In a blog post in 2011, Oliver Manahan, Vice President of emerging payments at MasterCard, said users should “take comfort knowing there is very little truth to the reports of [ePickpocketing] fraud”.
They’ve since changed their stance, and the concern is becoming more widespread. Unfortunately for the uninitiated, the consequences are felt long after the theft.
Harris says their biggest challenge at the moment is encouraging people to be proactive about identity protection.
“What’s challenging for us is that most people think it won’t happen to them, so the device is not worth buying. But the reality is, it’s never been easier for it to happen to us, now that we all possess a smartphone,” he says.
ARMOURCARD is currently priced at AU$49.99, and sold online. Harris says they’ve received orders from all over the world – from Las Vegas to Saudi Arabia. In Australia, a majority of the orders have come from Queensland.
“What we have is not rocket science, but it’s the first of its kind. And we priced the product quite affordably, without it being too cheap,” says Harris.
“It we went any cheaper, it would seem like a gimmick. This is state-of-the-art technology. We were cautious about finding the right price point; and $49.99 gives us some room to talk to wholesalers and make the technology available in bricks and mortar stores.”
Harris and Teece are currently looking to partner with an American retailer and will be embarking on a more aggressive marketing mission in 2014. Given ARMOURCARD’s in-built batteries last between 18 to 24 months, they’ll also be looking at a rechargeable model in the future.
At the moment, though, they’re focused on reaching out to travellers who are generally more aware of electronic skimming.
“From a strategic point of view, the low hanging fruit would be to dig into the travellers market. A lot of ePickpocketing happens while travelling. Someone may return from a holiday, only to learn to their surprise, that they bought a house in a country they never visited,” says Harris.
To learn more about ARMOURCARD, visit www.armourcard.com.au.