![Nelson Lopes [EN]](https://substackcdn.com/image/fetch/$s_!Dk9E!,w_80,h_80,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb2f1cdfe-b08f-4b54-a20b-4e24c3300ac6_800x800.png)
![Nelson Lopes [EN]](https://substackcdn.com/image/fetch/$s_!Dk9E!,w_36,h_36,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb2f1cdfe-b08f-4b54-a20b-4e24c3300ac6_800x800.png)
The reason I use an RFID-blocking wallet
Did you know that a malicious person can easily steal your money by simply holding a payment terminal close to your pocket or wallet?
Hello again :)
Nowadays, we increasingly have less need to carry a physical wallet. For example, in Portugal, the gov.id app (iOS, Android) already allows users to legally present their citizen card, driver’s license, vehicle registration certificate, car insurance, among other documents, meaning there’s no longer a need to carry them physically.
NFC technology, used in banking apps, has long allowed for contactless payments without physical cards. For instance, also in Portugal, the MBWay app enables payments not only via NFC but also through QR code scanning, which greatly simplifies the payment process and reduces - or even eliminates - the need to carry physical bank cards.
Still, most people continue to carry their physical ID and bank cards - either because they’re not comfortable with the technology (they don’t know how it works or are afraid of making mistakes), don’t trust it yet, haven’t taken the time to test it, or simply don’t want to. A friend of mine once said he didn’t use MBWay because it drains his smartphone battery 😮
That said, it’s important to be aware that contactless cards don’t need to be inserted into a payment terminal to complete a transaction - just bringing them close is enough. This also means that a malicious person could approach your pocket or wallet with a payment device in a crowded street or public place and charge you without your consent.
PIN entry is only required for payments above a certain amount, so any charge below that limit will go through without issue.
The same risk exists if you keep NFC enabled on your smartphone and your banking apps are configured for payments. You should always disable NFC when you’re not using it.
Additionally, it’s important to know that access cards to private buildings can be cloned very easily using tools that are freely available online - like the Flipper Zero. Once a card is scanned, its data can be stored on the Flipper Zero and:
Replayed by holding the Flipper Zero close to an access reader, unlocking a door, safe, garage, etc. that was originally restricted to the access card;
Or cloned onto a blank smart card, creating a duplicate of the original (which is much less suspicious than carrying around a Flipper Zero).
Because of this, I strongly recommend using RFID-blocking wallets so that all cards inside are secure from these types of attacks. These wallets are available both online and in physical stores.
Don’t forget to test your wallet to make sure the RFID-blocking actually works. To do this, try making a payment while your bank card is inside the wallet. If all goes well, nothing will happen - you’ll need to remove the card in order to complete the transaction.
If you don’t have one of these wallets yet, don’t wait. Get yours today!
Thanks, and see you soon,
Nelson
In this video we can watch this attack happening: https://www.linkedin.com/posts/emersonrbrito_alerta-de-golpe-com-maquininhas-de-aproxima%C3%A7%C3%A3o-ugcPost-7351246759005683712-CbQd?utm_source=screenshot_social_share&utm_medium=android_app&rcm=ACoAABCj1zgB-s59kmwfyqfi9dLDZkEdiFzBuW4&utm_campaign=whatsapp