Are contactless card payments safe?

Who I am
Aina Martin
@ainamartin
Are contactless card payments safe?

We explain how they work and what you should do to buy with peace of mind

At the supermarket it happens more and more often, for small expenses (less than 25 euros): we give the ATM to the cashier, she puts it on the POS et voilà, the payment is made, without there being the need to insert the card itself in a slot, swipe the magnetic side, and least of all type the PIN. 





Someone might ask: isn't it that all this simplicity in transferring money could also be caused by hackers who were able to intercept our data? We assess the situation.

Modern payment cards, and even many smartphones, contain technologies RFID e NFC (an evolution of RFID) that allow you to store and transmit data thanks to a wireless chip.

L'RFID ("RFarewell-Frequency IDentification ", or" radio frequency identification ") is a technology for automatically identifying and storing a variety of information about any living thing or object. Chips work by storing data from electronic tags ("tag") who respond when they are interrogated remotely, in radio frequency, by specific readers ("reader")

 The devices RFID they are almost everywhere now. Just to stay in the example of a supermarket, the anti-theft adhesive labels are RFID that are hidden inside valuable goods and that sound the alarm when they are not deactivated by the cashier. I am RFID the chips contained in modern passports. The RFID they are also contained within the payment cards.

 

Do you want to surf without limits at 1 Gigabit with real optical fiber? Check if your area is covered and discover the incredible rate of InformaticsKings UltraInternet Fibra!

 

I tag used are in practice of two types:

- passive: they need a radio signal to be read by the readers; their limits are 1) the very short distances at which they can operate and 2) the scarce amount of information they can store. Credit cards contain just these, today with the most modern NFC technology.


- active: they use a battery to be able to transmit larger amounts of data further away. This is the case of the devices mounted on the dashboard of vehicles that allow you to pay motorway tolls.


The most burning question that arises is therefore: a hacker can remotely steal data from a credit card equipped with an RFID chip? In theory could do it, using a reader with a negligible cost (about twenty euros). Like? Just by being close to each other (for example, in a crowded tram) for a few seconds.

In theory, in fact. In practice, it should position itself less than 3 cm from the card to be cloned in order to receive the data. Even if he could read them, he would find himself with a handful of encrypted data unusable. Modern cards, in fact, are equipped with second generation RFID chip which offers much more robust protection than before. Also, to give the potential scammer the final blow, the chip works by generating a unique authorization code for each transaction, completely useless for making other purchases.

Lately a trend has spread, that of "safe" wallets because they are shielded from the eyes of readers. These accessories are simply lined with a aluminium sheet which protects the card (s) from prying "eyes". Sure, you could use a trivial kitchen aluminum foil, but besides being unsightly it would have a tendency to tear too often. For this reason (it is sufficient to do a quick search on the major online shops) there are entire catalogs of more or less elegant "protected" wallets.


But are they really effective? In and of itself, the shielding works. But what convenience would the potential thief have in carrying out a theft of data that would be encrypted (as we have already mentioned)? The same criminal could, much more easily, buy the data of thousands of stolen credit cards online for very little money and use them more profitably away from surveillance cameras and prying eyes.


The problem, more than anything else, lies in the contact of a thief with a card contactless (and also non contactless). What to do to prevent unauthorized use of our cards, then?

Here are some tips (also valid for purchases made with cards in general), certainly more useful than a shielded wallet ...

1) Do not store cards in pockets or backpacks or bags or places that are easily accessible. Beware of too crowded public transport, therefore, but also of the tables in a bar: a fraction of a second is really enough.

2) Don't let anyone walk away from you to make a payment: This is the time when they could use a skimmer to steal data from the magnetic strip

3) Always ask for a receipt or one received to prevent them from charging you a higher amount than advertised / agreed upon

4) Make sure you block any card that is blocked or lost immediately

5) Avoid semi-unknown or poorly reputed sites: do not entrust your card details lightly

6) Check your bank statements regularly and contested immediately any payments you do not recognize; obviously, it is better to block the card, if there are multiple payments, with a call to the bank's customer service and make a complaint to the authorities, to be then delivered to the bank itself

7) If the card has been used fraudulently online, you can make a written complaint to the card issuer, who must return the entire sum, without applying any deductibles, within 30 days. If you do not receive an answer, you can use theBanking and financial arbitrator

Audio Video Are contactless card payments safe?
add a comment of Are contactless card payments safe?
Comment sent successfully! We will review it in the next few hours.