Which? has found that stealing your card details is all too easy with contactless cards, but it has a simple solution.
A foil lining in your wallet will stop your contactless card being read by accident or being exposed to fraud, according to Which?
This advice comes after a study from the consumer group revealed how easy it is to steal someone’s contactless card details. It's possible for someone standing close by to 'lift' important account details without the cardholder’s knowledge.
This can be prevented by wrapping your wallet lining or card in tin foil as the foil deflects the reader and shields the card, even when they're in close range. If you fancy a guard that's a little bit more refined however, there is a selection of metal card holders available from Amazon that will do the trick.
Which? also advises you to take your card out of your purse or wallet if you want to make a payment to avoid paying twice or with the wrong card.
Now that there are 58 million contactless cards in circulation, payments are increasingly moving over to contactless with the rising popularity of mobile payments and the recent launch of Apple Pay.
How it was tested
From there, it was just case of buying an ‘easily obtainable’ reader and downloading free software. The reader was able to remotely pick up the card number and expiry date from all 10 cards along with limited details from previous transactions, though none revealed the security (CVV) code on the back.
This method of data theft was first reported two years ago, according to Richard Koch of the UK Cards Association, adding that you can only get information that’s on front of the card, such as the card number and expiry date.
He says that for the majority of retailers you’d need the security code and the cardholder’s address to make a fraudulent purchase online, neither of which can be accessed electronically.
Worryingly, this didn’t matter in some cases as the Which? researchers were able to make purchases without that all-important CVV code.
Two items were bought, including a £3,000 TV from a mainstream online shop. What’s more, they were using a fake name and address as well as stolen card details.
The UK Cards Association says that although contactless encryption levels have increased, it’s still possible for cards to be read remotely.
From 1st September, the contactless transaction limit will rise to £30. However, online transactions have an unlimited transaction amount as they are not contactless so web purchases are more liable to be made fraudulently.
According to the most recent statistics, the amount of money lost to fraud is 0.7p for every £100 spent on contactless - less than on non-contactless cards overall.
There’s full protection against fraud losses on contactless cards anyway. Your provider will refund money lost through fraudulent contactless payments, as long as you have acted reasonably to keep your card safe.
More on fraud:
Be the first to comment
Do you want to comment on this article? You need to be signed in for this feature