Bookmark with: What's this?

Are Contactless Payments Secure?

McAfee Question Contactless Payment Security

21-May-2008, Writes Dan Drage dan.drage@consumerchoices.co.uk

It is estimated that by 2011 around 50 million people will be utilising contactless payment technologies, but are they safe?

Leading IT security specialist McAfee has called into question the safety of contactless payments. Contactless payments are those made with your mobile phone via SMS messages or the ‘wave and pay’ method. Effectively, your mobile phone takes on a triumvirate role of debit card, oyster card and cash.

Greg Day, a leading analyst at McAfee, has expressed his concern over the security implications surrounding this type of payment:

‘You'll soon be able to do everything with your mobile phone, from paying for a parking ticket via text message and conducting online banking, to using your mobile as your Oyster card.’

"Mobile phones are already a highly prized commodity for thieves. The idea they may become even more desirable worries me’"

He continues:

‘It makes me quite nervous. It's to this type of contactless small payments arena that smart data criminals will turn: if they just take a fiver from everyone, rather than larger sums from fewer people, they'll still make a fortune.’

Britain's banks and card issuers, with Barclaycard at the forefront, are starting to update debit and credit cards. Contactless technology is being gradually rolled out, allowing transactions of 10 pounds or less at participating retailers and vending machines simply by waving the card over a reader.

Despite this technological evolution, the majority of mobiles have no security software installed on them.

Chris Eagle, Commercial Manager at Credit Choices, is both cautious and optimistic:

‘Mobile phones are already a highly prized commodity for thieves. The idea they may become even more desirable worries me’

He continues:

‘However, by 2011, a set of guidelines and security criteria should have emerged so the culpability in contactless payment fraud cases can be easily identified. For those who consider their mobile phone to be a high risk payment device, there is always the Barclaycard OnePulse (www.barclaycard.co.uk) card as a viable alternative.’

Bookmark with: What's this?

We want your views, register and comment on this article

Already Registered?

We will contact you if we can help with your issue, your number will not be given to any third party.

Terms and Conditions Apply


Comments

On the 4th April I odered on-line Mcafee computer security and was quoted £31.19 for this service, however on my Visa statement it shows you have charged me £49.99, why is this ?. - Apr 24 2009 10:39AM
Ernest Underwood, UK

As someone who works with contactless (proximity) technology, this new facility scares me. The electronics required to read the contents of a card can be fitted on a circuit board the size of your thumbnail. Couple that with a way of storing the data stuck in your pocket, you have an immediate security risk. All it takes of for the "Reader" to be passed within 10mm of the card in your wallet or purse, and the contents could potentially be read. It will be encrypted but it won't be long before the algorythms are figured out and there will be electronic thieves wandering around passing hands over bags, wallets and pockets reading cards.

That scares me.
- Nov 3 2008 9:18PM
Kevin Sneddon, Falkirk