Just because a credit card’s in your wallet, safe in your pocket or purse, doesn’t mean it can’t be very easily stolen without ever leaving the safe confines ofyour pants or your pocketbook.

This was easily demonstrated at a recent hacker conference, where the on-stage performance of an enterprising and tech-savvy young woman wowed the audience as she easily stole money from a volunteer’s credit card account (which she’d paid back in advance)

The exploit was simple and quick. Using some readily available gadgets — an RFID card reader that costs about $50 and a $300 card magnetizing tool — Kristen Paget showed the audience at Shmoocon in Washington how easy it is to read all copy all the important data on RFID-enabled credit cards.

Which cards are they? Check the back of your card. If it says PayPass or Blink, that’s an RFID card.

These are simple to use credit/debit cards that allow scanning instead of the old-fashioned swiping of the magnetic strip.

According to the Smart Card Association, about 100 million of the RFID-enabled cards are in circulation.  Visa calls its technology payWave, MasterCard dubs it PayPass, Discover brands it Zip, and American Express calls it ExpressPay.

Whatever it’s called, if you or the folks whose bills you pay have these cards, they’re vulnerable to data theft.

There are a couple of fixes, but one includes baking the credit card in a microwave oven to kill the RFID chip. Not recommended.

To read the full story on the hacking demo and possible fixes, visit here.

Tags: credit card, demonstrate, hacker, Kristen Paget, RFID, Shoocon, wireless