With the news that contactless debit cards can be manipulated to transfer thousands of pounds, bypassing the £20 transaction cap, Keiron Dalton, a mobile security expert at Aspect Software, suggests that favouring customer convenience over security has left holes that are too easy to find.
Keiron Dalton, who is a Product Manager for Aspect Proactive Engagement Suite at Aspect, said:
“Although this fraudulent tactic – discovered by Newcastle University – has not been seen in action yet, it goes to show that those with criminal intent will always hone in on the next weak link in security as technologies like mobile banking advance.”
Dalton explained: “Scammers can change the standard £20 card limit through setting card scanners to use foreign currencies, even through something as simple as manipulating a mobile phone. This is a major issue and one that banks need to address. But customers won’t give up contactless so soon.”
The UK Card Association’s latest figures for contactless payments show that the number made has increased by more than 225 per cent in the 12 months to June 2014, demonstrating the payment method’s continual popularity for Britons.
“Contactless debit cards were designed for simplicity, convenience and ease of use, which is something that modern customers have come to expect in their daily lives more than ever before. Speed and mobility are at the forefront of what customers want, people do not want to be hanging around having to type in a PIN every time they want to buy a sandwich, they want to be able to pay quickly and get out. It goes without saying that newer payment methods such as mobile payments – with Apple Pay being a prominent market example – are facing the same issues.”
Dalton continued: “Banks are under increased pressure to offer quicker and simpler solutions for people to manage their money and perform transactions, because if they can’t, people will simply move on to another provider who can satisfy their needs.”
Dalton added: “Just because there has been no reported cases of this type of fraud taking place yet does not mean these or worse tactics could be used in the future. Those with negative intent are experts in their industry and prey on weak links where convenience was favoured in spite of security.
Dalton believes that customers can be protected from potential threats such as contactless debit card fraud, but there needs to be leeway between both the public and banks.
“The key issue for banks is finding the balance between mobility and security. It is important that banks realise that security and simplicity are not so different, and that working to combine both can keep customers happy and loyal, and above everything else – protected,” he concluded.
For additional information see Aspect’s Company Profile