Are contactless payments living up to the hype of being 100 percent secure?
COVID-19 has catapulted us towards some futuristic changes that are now normal habits. One of them is using contactless payment technology. While we did have apps like PayPal, Google Pay, Paytm, and a few contactless cards, the dependency on these features has now grown multifold. The WHO has also asked people to switch to contactless payment in this tragic time. In a global consumer study conducted by MasterCard in March this year, 70 percent of respondents in the Middle East and Africa (MEA) region stated that they now use some form of contactless payments for safety and hygiene purposes. Eighty-one percent of the respondents said they would continue to use contactless post-pandemic. But this sudden, cataclysmic rise of contactless payment does raise questions about the security risks of these modes of payment.
Are they safe?
As social distancing gained traction, contactless payment did too. When contactless payment apps were first rolled out, there was a huge outcry that thieves could read card details wirelessly from the phone. However, fears surrounding this potential threat subsided quickly. For instance, in the case of Google Pay or Apple Pay, card details are only transmitted when the phone detects a Chip & PIN machine that is requesting payment. This means it requires either a passcode or a thumbprint to complete the transaction, and the 16-digit card number transmitted is semi-randomized per transaction. These features give contactless payments via a phone another level of security in cases where the phone is stolen, or where a receipt displaying the full card number is dropped at the point-of-sale terminal.
Are they prone to risks?
There are claims that contactless doesn't increase fraud and is secure. But the reality is otherwise, especially in the case of contactless cards, which are at higher risk. These cards use NFC (near field communication), a radio-frequency technology that allows the card to communicate with the POS device wirelessly. It ensures quick and accurate payments, and customers never have to swipe their card or enter a PIN (e.g., payWave). Hackers generally scan people's pockets in public to steal their information by using card cloning devices. This is known as card skimming, and it exploits the radio frequency identification (RFID) that the cards use for payment. Moreover, when downloading contactless apps, there is a possibility of malware or man-in-the-middle (MitM) attacks that can steal sensitive private information from our phones.
Popularity during COVID-19
As mentioned earlier, MasterCard saw a huge gain during the COVID-19 pandemic in the MEA region, and so did other areas. On April 1, the UK started to increase its limit from £30 (US$37.34) to £45 (US$56.01), while Ireland boosted its maximum contactless transaction value from €30 (US$32.56) to €50 (US$54.26) nationally on the same date. The respective governments did this to enable consumers to use contactless payments more regularly during the pandemic without exchanging cash. According to Barclaycard, after this raise on contactless transaction value limits, it has processed over 7 million contactless payments in both the UK and Ireland.
In May, 50 percent of US consumers reported using contactless payment methods at least four times, with 69 percent agreeing contactless payments were more convenient than cash. Meanwhile, the Strawhecker Group and the Electronic Transactions Association reported that 27 percent of US small businesses had seen an increase in customers using services like Apple Pay, according to a survey of 361 companies released in April. In fact, many stores are encouraging customers to use contactless as much as possible to reduce the virus' spread. And with 5G entering the market, these figures are going to increase rapidly.
What can we do?
Since it is evident that the dependency on contactless payment is not going to subside in the future, one can adopt some measures to minimize the theft risks. The first step is to ensure that all transactions are encrypted and have multifactor authentication (MFA). Make sure that the card-issuing company adheres to all Payment Card Industry (PCI) Security Standards Council guidelines for credit card transactions and all data privacy regulations for using and storing any information gathered. This shall eliminate the risk of private information being sold to third parties. One cannot predict when the next threat is approaching, but just following these steps can add a layer of safety to contactless payment.