CONTACTLESS OR NFC WALLETS, ARE THEY WORTH IT?

Would you feel worried if you were told your contactless cards are not protected? Let’s take a look at NFC wallets and contactless cards.

Contactless cards are cards that have an embedded microchip and integrated antenna to enable wireless communication of data. Most of us will have an updated debit card that have an additional feature of it being ‘contactless’ payment or NFC enabled – to check if you your card is NFC enabled look for a four-curved line symbol which indicates a radio transmission symbol or logo. This feature allows quick and easy payment for goods and takes away the pain of trying to remember your PIN number with every payment.

These NFC cards have been rising in popularity with a reported 58 million cards in circulation and a total spending of £2.32 billion in 2016. Many stores and popular chains are taking the initiative on this by offering the facility to pay via this method.

There are, of course, concerns over the card’s information being stolen or cloned wirelessly. As with any other method, none appear to be completely safe.

THE NEW ARTFUL DODGER-LIKE-MENACE

Identity Theft, Data Skimming and Electric Pickpockets are amongst new menaces to add to the list of more traditional pickpocket’s methods and targets; although nowhere near at the same level.

Across 13 major UK cities there were more than 2,000 incidents of pickpocketing throughout Christmas last year, with wallets, purses, cash and handbags the most common target, according to a Freedom of Information request from West Midlands Police.

Although the preferred techniques of this crime stay unfortunately and persistently in the ‘Artful Dodger’ style, sleight of hand and opportunism; there are examples of the newer form of RFID skimming.  This is an illegitimate reading of RFID payment card chips through RFID reader devices and APPs to download the card details. The hype around this ‘new’ type of theft was somewhat initiated by the release of a video in 2015, anchoring a barrage of newspaper headlines regarding contactless cards – the future, then, looked pretty bleak!

The press and technology experts warned that if a hand-held scanner was held close to a card, the operator could intercept the NFC data, reading the card number. Whilst it is true, that when tested, some cards had security flaws and the ‘skimming ‘method was possible; regarding the read-distance, the scandalous video suggests that either a pretty powerful device was used to read the details or the opportunist was exceptionally close to the victim!

CHRISTMAS SHOPPERS, WHAT SHOULD YOU DO?

The likelihood of this RFID card skimming plague is now thought to be less likely than previous concerns demonstrated. The main reasons: the necessary read-range is incredibly short, the information gained would not be sufficient to make a fraudulent online transaction worthwhile and, ultimately payment security systems still remain robust.

• The NFC (Near-Field Communication) – the emphasis on “near” means on Visa’s website, for example, demonstrate a distance of 4cm from your card to the reader before it will be triggered. Therefore, for an NFC-enabled device that needs be that close to your card to ‘skim’; the chances – unless you are completely oblivious or extremely careless – are it won’t happen.
• The information stolen from your cards via NFC – typically the card number, the card’s expiry date and the card’s transaction history – is not enough for online fraudulent use; the CVV2 number at the back of the card is required.
• Security regarding contactless payment terminals still remains ahead of the opportunist’s game as with Visa’s Paywave, offering the same level of security as EMV chip cards which create one-time only authentication codes per transaction.

IF IN DOUBT, WRAP YOUR WALLET ALONGSIDE THE TURKEY

The consensus of opinion about whether RFID-enabled contactless cards have security vulnerabilities, clearly defines that it is likely they do not, rather than them having major issues; overall, most people are considered to be more at risk to attacks online by professional criminals hacking into personal bank accounts. If a ‘skimmer’ did get close enough to steal card info using RFID technology, it could only be used for a single transaction – not very lucrative – even for a real Fagin! Unfortunately, ATM or point-of-sale machines, still allow thieves to gain far more potentially useful data in much greater numbers.

By all means research the value of RFID-blocking wallets, purses, card holders etc. and maybe consider replacing your old items with these new designs (generally, they have a layer of wire mesh inserted, that blocks the RFID signal) – a useful Christmas or birthday gift perhaps? There are thousands on the market, possibly adding an extra barrier of protection versus the high-tech pickpockets – or ( a cost efficient and just as effective trick!) you could just wrap your cards in a layer of aluminium foil – which as a metal material blocks any communication signals from the card to any potential reader – before you go ahead with the seasonal turkey dinner preparations, practice also for those awkward little stocking fillers!

FUTURE GENIUS DA VINCI STYLE

‘Da Vinci Choice’ is a new mini card-sized computer – with its own screen and keyboard, and allows the customer to pair several contactless cards to it. The technology has developed one-use PIN codes, thus helping to reduce opportunity for theft or fraud. Smart technology will certainly lead the way for developing payment methods, allowing collaborative, adaptive, products for users within real environments. Only time will tell how payments will be made in the future, but you can bet the battle against fraud and theft will be a determined one!