Sileo Deflates ePickPocketing Hype on Fox & Friends
John appeared on Fox & Friends this morning to set the facts straight about the real and perceived risks posed by Electronic PickPocketing.
It is true that Identity Thieves are able to steal your credit card information without even touching your wallet. The technology exists, is readily available and can be assembled for under $1,000. But that doesn’t necessarily make it an efficient means of stealing credit card numbers.
RFID, or radio-frequency identity technology was introduced to make paying for items faster and easier. All major credit cards that have this technology have a symbol (pictured below). It means that your card can communicate via electromagnetic waves to exchange data (your credit card number) between a terminal and a chip installed inside of your card (or passport). Thus, by getting within a few inches of your credit card, a thief is able to obtain your credit card number, expiration date and maybe your name.
So we have established that stealing credit card numbers this way is possible, but is it feasible?
The Electronic Pickpocketing video circulating around YouTube makes it look that way. But the reality is a bit different. First, take into account that the news story in the video was focused around a gentleman and a company that makes money by raising your fear about this type of theft. The gentleman they interview runs a company that makes shields for your credit cards and passports to stop electronic pickpocketing. I’m not saying that the products don’t work or aren’t somewhat valid; I’m saying that you have to take the context of the story into consideration before buying the hype.
Data Breach Protection: Laptop Theft Best Practices
Laptop theft and mobile data theft (tape backups, iPhones, BlackBerries, USB drives) account for nearly half of the cases of serious corporate data breach and workplace identity theft. Your corporation’s data breach protection will be significantly improved by educating your staff on the following mobile data best practices:
Before you save sensitive data to any mobile device, it is your responsibility to:
- Determine if your organization allows you to remove the data in question from the office in the first place. Are you allowed to save that database, Excel file, Word document, customer list, employee record, intellectual capital, etc. on your laptop, thumb drive or other mobile device?
- Decide if it is absolutely necessary to remove it from the more highly-controlled and secure environment of the office. In many of the major cases of reported data breach, the data stored on the mobile device did not actually need to be there in the first place.
- Verify that you have been authorized by your supervisor to place a copy on your device. When in doubt, check with your manager, supervisor or privacy officer to determine the correct course of action.
- Exhaust all other lower-risk alternatives for accessing the data. In many cases, it is possible to utilize a secure remote access connection to access the data so that it never leaves the company premises. You lower your personal liability when you access the data through centralized, highly secure methods.
Sileo In the Media
Privacy Project Newsletter
Tools and tips for bulletproofing yourself against identity theft, data breach and corporate espionage. Subscribe to the newsletter and get John Sileo's 7 Survival Strategies for Starving Data Spies for FREE!
