Dispelling the security myths around contactless cards

Dispelling the security myths around contactless cards

Contactless payment is surrounded by myths about its security. Many consumers, not well-versed with this mode of payment, are wary of adopting it. Yet with the technology involved, it is the most secure payment method available. It is the biggest growing payment method today, and is likely to take over as the main way to pay for millennials in the future.

No reason to believe myths

Contactless payment, like all cards nowadays, uses Europay MasterCard Visa (EMV) technology. There is an embedded microchip in the card that helps to make payments secure by using Tokenization to fully encrypt the cardholder’s data. Combine that with Near Field Communications (NFC) terminals and it makes it more secure than any card payment method.

Scanning the card to steal data

Near Field Communications, or NFC, is a communication technology based on the Radio-Frequency IDentification (RFID) system. RFID is the technology used for the modern replacement for barcodes on DVD’s and other high-value goods, or the tollbooth tags that let you pass through without stopping to pay a cash toll. However, while RFID can be read from several meters away, NFC technology can only work if the card is within 4 centimetres of the terminal.

One of the concerns with contactless payment is that a hacker may steal cardholder information with a long-range RFID reader. However, with the transmission of data between card and terminal being limited to just 4 centimetres, this is definitely one myth that can be ruled out.

There are also those who wrongly believe that contactless cards constantly emit radio waves. This is not the case as the chip in the card does not possess a battery of its own. 

Close range or long distance skimming trigger fear

Another impossible myth is that someone will have obtained an NFC reader, and will stand next to you in the line or store and steal the card data from the wallet in your bag or pocket. A thief can neither steal from you from a distance, as certain people may believe. This method of virtual pickpocketing can never happen. 

The NFC relationship required to read the cardholder’s information can only be done through a valid point-of-sale (POS) terminal that has been provided by the retailer’s partner bank. In addition, the card and reader need to communicate in an EMV secure setting, which means a payment transaction would need to be completed.

In that hugely unlikely event that a hacker had or was able to steal a genuine POS terminal, the transaction would show up on the banking network as a processed transaction. If the culprit were using a genuinely owned terminal, he would be caught. If the terminal were stolen, it would have been reported as such by the original retailer and blocked on the network.

Stolen cards entail larger losses

As with all stolen cards, as long as it is reported stolen promptly, the cardholder will not be liable for any fraudulent transactions. The common belief here is that the card can be used limitlessly without the need for using a personal identification number (PIN), and the thief may use it a lot before it is reported stolen. This is not a feasible scenario with the contactless cards. Any losses would be very low indeed, since the card’s contactless ability needs to be reset after every few transactions by use of a chip and PIN card reader.

And once reported, those small losses are normally reimbursed by the banks. Another thing to remember is that the chip and PIN is still required for larger transactions, so the cardholder is doubly protected, since the thief will try to get as much use as possible before the card is reported stolen.

Duplication of contactless cards is easy

It is not plausible to duplicate a contactless card. Much advanced than the old magnetic stripe card, EMV cards possess numerous protective features against fraud. Unlike magnetic stripe cards, the chip does not hold sensitive data of the user and every time a transaction is made, a unique one-time code is activated. As such, even if an EMV card is stolen, the thief will not be able to use it as information will not be duplicated.  

So the myths can be dispelled and there is little need to worry with contactless payments. They are, without a doubt, the most secure payment method available. And since the card is not out of your hand during the transaction, there can be no possibility of cloning by swiping through a reader.


 Image: Shutterstock