It’s not surprising that some frightening new security exploits came out of the Black Hat conference in Washington DC this week. One exploit in particular caught my eye because it relates to something I carry around in my wallet, my American Express credit card.

A guy named Adam Laurie who is considered an expert in RFID (radio frequency identification) can read the data on any smart chip enabled credit card. He’s been developing a Python script that he demonstrated at the conference. The Python script allows Adam to retrieve the account number, the account holders name, and the expiration date from a card in someones wallet.

It’s a scary thought that no matter where you keep your wallet, in your front pocket chained to yourself it doesn’t matter, pickpocketing is now taking a digital form. This is not only a problem for smart chip credit cards, but could pose a threat to anything that uses RFID.

American Express isn’t too concerned according to Laurie who contacted them in an effort to inform them about this vulnerability, “We are comfortable with the security of our product” a representative from American Express said.

The reason American Express isn’t taking this seriously is because it will strip customers of the convenience of faster checkouts. Most often security takes a back seat to convenience, but this is clearly one of those times where security should take precedence over convenience.

On his RFIDiot Web site, Laurie offers the Python scripts free of charge.