The latest payment cards and passports, as well as the proposed UK identity card, use ‘RFID’ technology to enable quick and easy exchange of data with reader equipment in locations such as retail outlets and airports. Similar technology is used by Transport for London’s Oyster card, as well as many local authority bus passes and the latest ‘tag and beacon’ phase of the London Congestion Charge scheme.

Because the radio communications methods used in all these cases are based on international standards, there have been several well-publicised attempts to ‘hack’ or otherwise expose private data stored in the wireless chips embedded in these cards and passports.

Whilst identity thieves are stealing your personal data for mischief or financial gain, the Government and your local authority are busy watching your every move, making sure that they have access to your personal records, your whereabouts and just about every other aspect of your life. For bad or good, depending on your perspective, the UK has become a “surveillance society” where our personal privacy has become a topic of debate.

While Big Brother is watching you from every conceivable angle, one company has devised a simple way of helping to protect your identity. SkimStopper is a new invention that protects contactless payment cards and passports by completely blocking the radio waves used to read data from them.

The potential for wireless cards and passports to be compromised by identity thieves was recognised by Dan Isaaman, Technical Director of Smartcard Focus, which developed the SkimStopper range of sleeves and wallets. Having monitored recent attempts to crack encryption algorithms by analysing the structure of the chips using a microscope, and to read RFID devices from long distances, he also realised that these cards and passports can be used to track people without their consent.

“Although there is no suggestion that these payment systems and passports are completely insecure,” explains Dan Isaaman, “the fact that researchers managed to untangle a complex cryptographic algorithm in a matter of weeks from a series of microscope photographs should still be a big concern.

“More importantly, cards and passports can be read from afar and profiled even without having the relevant encryption keys. With freely available hardware and software I could potentially walk past someone in an airport and discover their nationality. I could also monitor someone’s movements in and around a shopping centre, and read their name from their payment card to tie their behaviour to their real identity.”

Other security researchers have demonstrated that a postal worker handling a passport could potentially read private data from within the RFID chip without opening the envelope, just by knowing some basic information such as the recipient’s birthday.

Engineers have demonstrated the ability to read or intercept RFID signals from across a room without anyone knowing. Others have proved, with the owner’s consent, the ability to ‘clone’ an e-passport chip.