Contactless credit cards, which allow data to be read without swiping through a reader, pose a serious privacy and security risk because some information is not stored encrypted, according to a paper written by five university and industry researchers.

The researchers claim that nearly 20 million radio-frequency identification (RFID) credit cards in circulation today could be vulnerable to skimming attacks, which could harvest names and credit-card details from the cards of passers-by. A skimming attack uses a normal reader, or one that has been enhanced to read cards from a greater distance, to grab unencrypted data from the card.

The link for this article located at SecurityFocus is no longer available.