How to avoid contactless card fraud
There are now over 108.4 million contactless payment cards in circulation in the United Kingdom, according to The UK Cards Association, with over 416.3 million transactions each month carried out using contactless technology in April 2017. By removing the need for a PIN code, contactless cards do offer a fast and convenient way to pay, however, they may also offer criminals the opportunity to commit fraud.
Below, we look at the facts behind contactless cards, how fraudsters can take advantage and the best ways to avoid becoming of a victim of card fraud.
How do contactless cards work?
Contactless cards contain both a chip and an antenna that is used to carry out the transaction. When you hold your card on or near a card reader, the reader sends out a signal which is picked up by the antenna. The chip inside contains information about your account and using this information, the reader can process its payment.
Payments are currently limited to a maximum of £30 (previously £20) and are typically used for small retail purchases. There can sometimes be a problem with ‘card clash’ which is when two contactless cards, either payment cards or travel cards like Transport for London’s Oyster Card, both interact with a card reader at the same time.
Contactless payments are also quicker because payments are processed in batches, as Money Saving Expert explains “…[contactless] payment which is processed offline is one that's stored up in a batch by the retailer and then only processed 'online' to the bank later on – usually overnight".
Contactless card fraud facts
It may seem like contactless technology allows fraudsters an easy way to access your money without a PIN. However, contactless card fraud is relatively low in reality.
Because contactless technology limits the value of purchases, the total potential value of fraud involving these cards is reduced. If a thief steals a credit or debit card, there are far more lucrative types of fraud they can pursue than using contactless to make purchases without a PIN. Making online purchases worth thousands, using a fake address, will be worth far more than using contactless for small payments.
A 2015 test by the consumer group Which? found that it was possible to steal details from contactless cards using an easy-to-buy card reader and free software. They were able to extract a card number and expiry date from 10 different contactless cards, but not the name or CVV code on the back. Typically, this would not be enough information to make a purchase online, but Which? where able to purchase goods from certain online retailers using the limited card information and a fake name and address.
Another purported method that fraudsters use is to actually process payments by standing near someone on a train or in another crowded public place and reading their contactless card through their clothes.
Whether this is likely or even plausible is hotly debated. Giles Mason from the UK Card Association told Tech Radar – “Every card payment is fully traceable, right through to the recipient account, meaning if any fraud is reported the recipient is easily identifiable. It is theoretically possible that someone could use a registered terminal that is connected to a retail account, but it would be easy to track the thief down.”
When you consider that metal objects near the card would block the signal, the proximity required and the potential for card clash, the chances of successfully processing a payment are reduced. Comparing this technique to pickpocketing – which requires no additional technology and gives the criminal potentially greater rewards – possibly shows why this type of contactless card fraud is not as easy as it may seem.
How to protect yourself from fraud
There are steps you can take to protect yourself from contactless card fraud, such as ensuring you don’t leave cards in easily accessible pockets or bags. Another technique involves lining your wallet or cardholder with tinfoil to block any signals from reaching your card. If the do-it-yourself approach does not appeal, there are products on the market containing metal inserts that do the same job.
If your card is lost or stolen, make sure to report it to your bank or card issuer as soon as possible so it can be cancelled. There is a limit on how many times you can use a contactless card before requiring a PIN, which stops criminals from carrying out a large volume of small transactions.
You should also keep a close eye on bank statements and your credit report to look for any unusual activity.
- How secure is your email?
- Identity theft and fraud explained
- Financial fraud explained
- Best practices for avoiding identity theft
- Stay safe online: Creating a secure password
- Scam avoidance: A few ways to help stay secure
- Are smart gadgets putting you at risk of identity theft?
- Helping your children stay safe online
- Should you share your location on social media?
- Safeguard your personal information on video game consoles
- Would you do internet banking on your smart TV?
- How fraudsters use Wi-Fi hotspots to steal data
- How to avoid email fraud
- Preventing your child’s identity from being stolen
- Keeping your personal information secure when moving home
- Protect yourself from becoming a victim of SMS phishing
- Protect against identity theft when sharing photos online
- Safeguard your identity on mobile apps
- Your social media profile and identity theft
- What is credit card fraud – can you prevent it from happening to you?
- How fraudsters can hijack your browser
- Safeguard your identity on Facebook and other social media sites
- Going on holiday - keeping your identity safe
- How to prevent smartphone identity theft
- Shopping online – staying safe against identity theft
- How to spot and avoid romance scams
- Facial recognition and identity risk
- Dealing with phishing phone scams
- How cyber attacks happen
- Safer Internet Day – protecting children online
- 7 Signs of Identity Theft
- What Are Data Breaches?
- How to Spot a Phishing Email
- ID Fraud Overview
- How Financial Crimes Are Hidden in The Dark Web
- How much do you know about the Dark Web?
- Are you losing your identity?