Jump to content

Talk:Contactless payment/Archives/2015

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia


Security - Pocket theft

After reading several articles, it is still not clear to me how simple theft using a normal reader, moved close to a persons pocket, is prevented. Let's look at the following scenario:

A person (thief) buys a contactless card reader (easily available, according to http://www.theguardian.com/money/2015/jul/23/contactless-card-is-too-easy-says-which). I'm assuming a portable reader here. The above person puts the reader in his bag, and starts walking around groups of people (perhaps some minor modification is necessary to initiate payments automatically or with a remote button). Every time the person sees someone with a wallet in a pocket he/she gets closer than 4 cm.

The above will be much easier than ordinary pick-pocketing, and basically impossible to detect, if executed well. If 20 victims are robbed of $20 dollars each per day, the total of $400 per day will soon pay back the expense of the reader.

Some pages compares the security with former technologies, with the argument that it's "at least as safe". I've listed some here, and my thoughts about them:

  1. Large amounts cannot be stolen (See Myth nr 5, http://canada.creditcards.com/credit-card-news/contactless-payment-myths-1264.php) - Large amounts would be detected anyway, and the bank would rectify it. The larger problem is smaller (below the limit of $50, $100 or €25, depending on country) that will not be noticed by most people.
  2. The contactless range is short - Even 4 cm is enough to not need to touch another person
  3. Very little theft has been reported (see 7, http://www.smartcardalliance.org/publications-contactless-payment-security-qa/) - In many countries the technology is still new, so it might increase. Also, if small amounts are stolen from each person, the victims will not notice, and the theft will not show up in statistics.
  4. There are many layers of security (see 7, http://www.smartcardalliance.org/publications-contactless-payment-security-qa/) - No layer appears to protect from the above scenario
  5. A photo of your credit card is comparable in terms of security (See myth nr 4, http://canada.creditcards.com/credit-card-news/contactless-payment-myths-1264.php) - You can protect your card from being photographed by simply keeping it in your wallet. With a contactless card in your pocket, you are constantly exposed. — Preceding unsigned comment added by Ulfwin (talkcontribs) 12:09, 25 September 2015 (UTC)

I'm considering to add the above to the wikipedia page, but there might be something I'm missing, especially since I'm not able to find a serious discussion about this specific issue. Please let me know if you have explanations or references that defeats my argumentation (or confirms it). — Preceding unsigned comment added by Ulfwin (talkcontribs) 11:59, 25 September 2015 (UTC)

The whole thing is nonsense. You need more than just to interface with the card. You have to have some way of getting paid, and it's not like banks hand out the facility without some pretty good proof of identity and so-on. — Preceding unsigned comment added by 77.96.230.11 (talk) 15:07, 10 October 2015 (UTC)