What you should know about making a contactless payments
How easy is it to get at data stored on your contactless bank card, it’s easy than you think.
Card data scanned without authorisation
BBC Rip Off Britain investigate how easy it is to use your bank card data scanned using a smart phone, all this is possible with shocking results. The security expert makes an Amazon online payment using the scanned card data.
It is claimed that by keying an amount into the terminal and holding it against the pockets of unsuspecting targets, he could steal money out of their accounts via their contactless cards.
There’s not much context to the picture, and there’s nothing to suggest the man is a new kind of ‘digital pickpocket’. But it’s theoretically possible to steal money in this way, and it’s got some people worried.
Some card machines in shops, cafes and restaurants need to be connected to a landline terminal to work. More advanced devices, which are common across the country, use GPRS to make a connection – allowing merchants to take card payments almost anywhere.
If a thief had one of these GPRS-enabled machines, they would be able to ‘skim’ victims’ contactless cards almost anywhere, without them knowing.
However, most banks require their customers to have a business bank account if they want to take card payments – starting one of these accounts naturally involves handing over personal information to the bank, making the criminal traceable if a victim noticed the transaction on their statement.
Customers could get a refund from the bank if they spotted the fraudulent activity, and if the bank traced the theft to the criminal’s account, they could get shut down. But by that point, it might be too late.