3 myths about security flaws in contactless payment cards

2017-12-14

Users of non-contact payment cards, which become more and more popular, are confronted with the power of the myths about the risk of dangers, that the scammers can scan such cards at a distance and thereby empty the bank accounts. Andrius Kamarauskas, Deputy Director of the Banking Products Department of Šiaulių Bankas, believes that there is little truth in such messages and denies the three most common myths about the contactless payment cards.

Myth 1: Scammers can steal card data at a great distance
One of the most popular myths that frighten contactless payment card owners says that scammers can use long-range RFID scanners and steal the card data. They would then probably be able to access cardholders' accounts and seize funds. RFID is a marking and tracking system based on the use of a radio frequency signal for recording and scanning information.

Reality
In fact, such scanners cannot obtain data from contactless payment cards. The NFC (Near-Distance Data Transfer) technology used on the cards transmits digital data only at very short distances (4 cm or less), so no communication can take place out of this range.

Myth 2: Data can be stolen by very close approach
It's said that anyone with a NFC scanner can scan contactless payment cards in your pocket or purse, for example, while you are on a bus. What's more, this helps to scan enough data in order to counterfeit a payment card and pay at trade outlets or shop online.

Reality
Only a minimum amount of information (card number, card expiry date and dynamic one-time number that safely identifies each particular transaction) is available upon contacting a payment card. Contactless method does not access even your name and address. So cloning of the contactless payment card is not possible, because the data collected with the means of a secret scanner will not be enough.

Only the actual electronic card reader provided by the bank or another licensed payment service provider can communicate with the contactless payment card, and the person who attempts to use a genuine scanner for fraud will be promptly disclosed.

Myth 3: Stolen card brings big losses
Low-cost non-contact payments can be done without entering a PIN code, so this myth says that a thief can steal a lot of money by doing a lot of low-value purchases.

Reality
Even with lost or stolen card, it will not be possible to make many unauthorized payments before it is blocked. After a certain number of non-contact payments, the card will be checked for whether it is used by its true owner by asking to enter the PIN code, and only then it will be possible to pay without PIN again. When you report a lost contactless payment card, it will no longer be possible to use for payment. In addition, after making sure that the transactions were performed not by the cardholder, the bank will cover the losses.

 

If you still do not want to use non-contact card, you can refuse from contactless card function by informing the bank by calling 1813 (or +370 37 301 337 if calling from abroad) or by filling out a free request form in the online banking system SB linija or by visiting the customer service department.