Contactless credit, debit cards and what you need to know
Hackers can clone your credit, debit card by simply bumping into you from behind
Hackers can clone your credit, debit card by simply bumping into you from behind
The barter system of exchange has experienced several phases. The traditional means of exchange was subsequently replaced by cheque and cash transaction in the early 21st century. Thanks to the advancing technology, it didn’t take long for the debit and credit card era to prevail and soon the term ‘plastic money’ came into existence. However due to several technical and security problems, a need for a more secure, and quicker form of transaction within this type emerged.
To encounter such problems, contactless debit and credit cards were introduced. ICICI was the first bank in India to bring this form of technology into the market. The bank company was essentially followed by SBI and Axis Bank later on. However, though contactless cards are being issued, we still have to see a contactless POS everywhere.
How does it work
While using contactless credit or debit cards, the user need not necessarily swipe the card in the reader machine and later enter his or her PIN number. The card works by simply positioning or tapping the card on the (POS) machine. In other words, a physical card insertion is not required as opposed to using normal debit or credits cards.
Contactless cards come equipped with a small, radio chip which works on radio frequency identification (RFID) and based on the Near Field Communication (NFC) technology in order to establish a connection (within the range of a few cm) . In fact, with some card users need not even enter the PIN or sign the receipt while making the payment.
Contactless cards help double the transaction speed as compared to traditional credit and debit cards. Moreover, users feel more secure since the use of these cards do not give away details such as card number, CVV or PIN number. This eliminates the possibility of fraudulent transactions as the card remains within the sight of the users while the payment procedure is being carried out in under a second.
In addition to this, users can very well keep their cards stored in the wallet while making the payment too. Simply bring the wallet itself near the point of sale machine and complete the transaction. However, make sure you don’t have too many such cards placed together when making a transaction.
The NFC technology that contactless cards are essentially based on, greatly add to the users’ convenience. Not only can they be latched to mobile phone applications but they also improve operational efficiency by reducing maintenance costs. Yes, you can also transfer your card details to your NFC-enabled smartphone and use your phone to make payments instead of the card.
However, there are two sides to a coin. Numerous incidents wherein hackers were able to steal data from contactless cards by the use of simple mobile applications have given rise to major security concerns regarding this technology. In October 2014, Australian security researcher Peter Fillmore showed how he could clone Visa and MasterCard payment cards with an Android app running on a Google Nexus 4. He was successful at hacking such cards and was even able to make payments with it, reported Forbes.
“Contactless is great for usability, but it introduces security flaws that need to be fixed,” said Martin Emms, a research associate at Newcastle University in England, who has studied potential problems with the technology. “If someone bumps up behind you on the subway, they are close enough to skim the details of your contactless cards with an NFC reading smartphone or similar hardware.”
Apart from that, it sometimes becomes difficult to prevent accidental transactions from taking place. ‘The problems with double payment have occurred in the seven weeks since September 16, when Transport for London (TfL) introduced contactless card payments as an additional payment method to paper tickets and Oyster cards,’ the Telegraph reported. ‘A huge number of the accidental payments made as a result of what TfL calls \"card clash\" are being automatically refunded within 3-5 working days. TfL has automatically handed back about £300,000 to about 50,000 customers, with refunds averaging £5.93,’ the report added.
Another rising problem is how the PoS (Point of sale) machines can sometimes fail to detect the card if there happens to be a small damage to the card due to improper handling.
How to protect your card While using a contactless card, make sure the card remains within your sight. This is to ensure that third-party NFC reader is not able to collect the details from the card. Analysts also advice users to carry these cards in a special wallet that can block NFC or radio waves. Placing an aluminium foil over the card when inside a regular wallet can also help. Lastly, make sure your wallet does not have coins and harder materials close to these cards as they could damage the internal chip, rendering the card useless.