Two recent arrests in Wake County suggest that financial-card crime is changing to accommodate the coming of credit and debit cards that use tiny electronic chips to transmit the owner’s and the bank’s information by radio.
In both cases, the charges involve using a portable electronic scanning device that activates the chip in a nearby credit or debit card and snatches the information it contains. The scanner does not have to touch the card; information can be stolen by someone simply passing a scanner close to a card owner’s pocket or handbag.
On Aug. 19, Wake County sheriff’s deputies arrested Michael Antwane Williams, 26, and charged him with capturing information from cards belonging to three people on July 17. Williams told authorities he has no permanent address.
Tuesday night, Donnavanessa Theola Williams, 28, of 4107 Deep Hollow Drive in Raleigh was arrested on charges filed by Crabtree Valley Mall police that she took information from two people’s cards between June 5 and July 18. Raleigh police arrested her at a park in the city.
The Williamses were not believed to be related.
Both suspects were also charged with trafficking in stolen identities, meaning police believed they had transferred the captured information to someone else.
Michael Williams was also charged with eight counts of using stolen identities to try to make financial transactions – the three victims whose cards he was accused of scanning and five more people.
It’s important to note that not all American credit cards that have the chips you see on the front are what are called RFID – radio frequency identification – cards. So far, most need to be inserted, what the credit-card industry calls “dipped,” into a card reader.
So far, readers that can use chips still can be used for the “swipe” method people are familiar with, and cards in use today generally have both the chip and the familiar magnetic stripe on the back, according to the banking industry-supported website creditcards.com.
The industry will, in coming years, eliminate the stripe. That stripe is what makes it possible for thieves to create and use cards with stolen information.
Using the chips for transactions is considered more secure because the chip creates a one-time code for the transaction, and that can be used at most for one more transaction if a thief gets it, the industry says. And it is very difficult to create a counterfeit chip that will connect successfully with your bank’s computer.
Cards with chips are, by the way, known in banking and merchant circles as EMV cards. That is an acronym for Euro, MasterCard, Visa, the worldwide major card issuers. A card from your bank has to work with one of those systems or it won’t work anywhere.
With striped cards, account and bank information and the owners identity are easily written onto the stripes on blank striped cards – what are sometimes called “vanilla” cards – if thieves have the machine to do it and a computer.
Police sometimes are able to arrest suspects with dozens of cards that have been forged or are waiting to be forged. Raleigh police arrested a woman Thursday with what they charged were 27 counterfeit cards.
RFID cards are being put into use, though they are not yet common. The recent arrests, however, show that they are in the marketplace.
The website lowcards.com, which covers credit and credit-card issues, says that some cards with RFID capability have names that tell you if you have one.
The names in use, the report says, are Visa PayWave, MasterCard PayPass, American Express ExpressPay and Discover Zip.
They are sometimes referred to as “tap” cards that only have to be put close enough to – tapped on – another kind of reader for a purchase to be processed.
Even the change to using just chips, whether they are RFID-capable or not, has been slow. They require banks to reissue every credit card, and they require merchants to have new card readers into which the card can be inserted for a few seconds rather than being run through a slot. New card readers represent an expense for merchants.
And, in some cases, a merchant may have one of the new readers, but computer software to make it work has not been installed yet. The new readers, so far, still can accept a striped card, and that is still how many transactions are done.
The new scanning method for theft attacks the RFID cards.
Their chips are tiny radios that are powered briefly by energy that a scanning device transmits on the right frequencies. They send back the information coded onto them.
RFID has been used for many years in industrial and commercial settings, initially to help railroads keep track of freight cars. Their use grew as the size and cost of the chips shrank.
The cards have spawned a new range or products, with retailers offering wallets and purses that have material in them to block a scanner’s radio signals. They are advertised as being RFID-proof.
Whether you need one or not, of course, depends on whether your bank has issued you an RFID-equipped card yet.