Secure Mailing Envelope to Shield Smart Card Data

In a significant advance for consumer privacy and security worldwide, financial institutions, governments, businesses and other distributors of contactless "smart cards" now have access to lightweight card sleeves and mailing envelopes that completely shield all personal and financial information on the card's memory chip from theft or unauthorized transmission. National Envelope Corporation announced that it has developed and is now marketing Smart Card Guard, a unique and cost-effective new line of products that shield a smart card and its electronic information when mailed or carried in an individual's purse, wallet or pocket. The company is initially targeting sales to financial services companies and government agencies, and the market is global.

Smart Card Guard functions by enclosing the card in a thin protective metallic barrier that is incorporated into a specially produced, easy-to-print substrate. The product prevents personal data in the smart card's embedded integrated circuit from being transmitted via radio frequency (RF) waves to any smart card reading device.

Rigorous InfoGard testing of all Smart Card Guard samples in early 2007 documented that the National Envelope products prevented communications between the enclosed smart card and smart card readers from all leading manufacturers -- "even when placed directly onto the reader," according to the InfoGard test report. Contactless smart cards and readers use a 13.56 megahertz plus/minus 7 kilohertz frequency transmission standard, the standard used in the InfoGard tests.

There are more than 550 million banking and payment smart cards alone in circulation worldwide, with about 27 million of them now in the U.S., according to a May 2007 report from the Rockville, MD-based research firm, Packaged Facts, which serves Fortune 500 companies. Financial institutions, drawing on success in Europe and Asia, are seeking to expand the rollout of smart cards in the U.S. to more than 100 million by 2011.

In the U.S., contactless credit cards, debit cards or small keychain devices are being issued by financial institutions . In addition, the U.S. Department of State is expected to issue 17 million "e-passports" containing contactless smart card technology this year alone, while 26 other countries are currently using the technology in their passports. Other smart cards include federal ID cards, refillable gift cards, payment cards, health insurance cards, driver's licenses and other state or organization ID cards. More than 3.3 billion smart cards were shipped worldwide in 2006.

Many smart cards use some form of encryption technology. But in a 2006 study by researchers at the University of Massachusetts-Amherst, a test of 20 smart cards showed encryption levels were not nearly strict enough to prevent easy interception of personal information.

The researchers found that a person using a reading device with off-the-shelf components and costing as little as $50 could walk around in a crowded place and steal private information from passersby just by passing the device near a handbag or wallet.

In December 2006, U.S. Senator Charles Schumer (D-NY) issued a statement advising consumers about potential theft of personal information on smart cards. He said information stored on smart cards can pass through clothing and wallets, and that proliferation of smart cards "means that identity thieves could benefit from having more opportunities to steal the data." He also noted a thief with a card reading device could easily steal personal information out of mailboxes.