Written by: Cally Worden
What could be safer than something you don’t touch, right? Hmm, well in the pre-digital era that may have held true, but with the emergence of contactless payments how much do you really know about who is ‘touching’ which bits of your financial data when you wave your card at that little machine?
With contactless payments on the rise (you can now make single purchases up to ¬£30, a 50% rise from the previous limit of ¬£20) it’s only a matter of time before they are being used for all manner and value of purchases. Here is some useful info on how they work, to help you make your own mind up about how safe they really are.
What Are Contactless Payments?
Most of us are familiar with handing our cards over to be swiped or wedged into a machine for payment. We then check the amount and enter our PIN before the card is returned to us with our receipt. With a card that is enabled for contactless payment is has a wave symbol on the front. To use it, you keep your card in your hand, and simply tap it on or wave it near the payment terminal in the right spot – there is no need to enter your PIN, as the terminal automatically reads the data it needs from the contactless data holder on the card. Contactless data can also be transferred from a key fob, smartphone, or any other device that has been enabled for the service. Nifty, eh?
How Secure Is It?
Banks and retailers assure us that the contactless payment method is as secure as handing over your card or placing it in a device yourself and entering your PIN. As with any modern payment mechanism the contactless payment cards and the terminals that read their data are laced with multiple layers of anti-fraud technology. The way in which information is transferred between devices is secure and very difficult to capture.
Can I Make Contactless Payments Anywhere?
No, not yet, but the technology is being rolled out across a wide range of retailers, including many supermarkets and restaurants. If demand continues to rise those places that do not yet offer it will eventually be obliged to do so or risk the wrath of their customers. Well known names where you can already avail yourself of contactless payment services include Tesco, M&S, and Pret A Manger. The wave symbol on your card that indicates it is contactless ready will also appear on any payment terminal that is enabled to accept such payments.
How do I Activate my Card?
Upon receipt of your contactless card in the post you will need to contact your bank in just the same way as you do with a standard bank card. This is to protect you from anyone intercepting your card in the post and wandering off to use it without your knowledge. The activation process is typically straightforward, with a number to call or a simple process you can work through at an ATM or cash machine inside the local branch of your bank. For most contactless cards in order to complete the activation process you need first to make a standard chip and PIN payment as the final security measure. Then your card should be ‘live’ and ready to go contactless.
Is There Any Charge for Contactless Payments?
Nope, and just in case you’re wondering, contactless payment terminals have been created with special powers that should prevent you accidentally paying twice for the same thing.
How Far Does the Contactless Reader Reach?
If the contactless reader can lift data from your card just by seeing it then it’s not unreasonable to imagine that just passing a reader with your card in your hand may prompt payment to be made, or your data to be vulnerable to capture. There is no need to worry – contactless payment terminals are programmed to require instruction from an operator before they can accept payment, and the window within which that payment can then be made is fairly short. And your card must typically be pointing the right way at only 2-10cm away from the reader during that window for any payment to be successful.
Am I Protected from Fraud?
Each time you make a payment with your card, contactless or otherwise, the chip applies a system of unique electronic signatures and complicated codes, limiting the likelihood of your card being cloned or somehow intercepted during information exchange. Your bank also keeps an eye on your payment profile and habits and will flag any suspicious behaviour. And from time to time a contactless device will ask you to enter your PIN as additional security. This random measure adds another layer of protection. Your bank will cover certain amounts if your card is lost or stolen and used by a third party. This protection does vary and has limits, but this is no different from any type of payment card. Most providers recognise that fraud and identity theft are a real problem, and have insurance to cover this.