Contactless card owners warned against public transport scanner hack
Facebook post has gone viral, after a man, Paul Jarvis, saw a thief scamming people out of their money in a tech-savvy manner.
He was putting through payments of less than £30 in a wireless card reader and touching it on wallets of unsuspecting people. Mr. Jarvis took a picture and posted it on Facebook, writing:
“So this guy was spotted wandering round with a Point of Sale (POS) device. All he has to do is key in a price less than £30 and then touch the device on the pocket that contains your wallet.”
“Ching! You’ve just been charged automatically on your touch pay enabled credit/debit card…. We just tried this in my local pub with their POS device and it worked…”
And it’s true – some card readers can scan through wallets.
Contactless cards are now wildly popular, and used in one in seven sales.
While much of this increase came from the introduction of contactless fares on the Transport for London network in late 2014, Visa Europe said the technology had already spread far beyond the capital’s buses and trains.
“Sixty percent of contactless transactions now take place outside the M25, confirming this isn’t just a London phenomenon. At this rate, cash will be seen as a peculiar way of paying for things in as little as five years’ time,” said Kevin Jenkins, UK and Ireland managing director.
Cashless payments overtook notes and coins last year, according to the Payments Council. While it took plastic cards 49 years from the first Barclaycard to become the dominant payment method, contactless technology has grown rapidly since the first UK transactions in 2007.
There have been security worries with contactless cards in the past.
The “tap and go” cards, which can be used for purchases under £30 without the need to enter a four-digit PIN or signature, do not require automatic authorisation from banks.
Purchases therefore may not appear on a customer’s account for some time after a card has been reported lost or stolen, leaving thieves free to keep using them at will. The onus is then on the customer to check their statements and report any subsequent fraudulent activity to their bank in order to apply for a refund.
RBS and NatWest, admitted that “in theory a small number of contactless transactions could be made before the card is blocked.”
Barclaycard said: “When a customer reports a card lost or stolen, a block is applied to the card preventing all further activity. However, some contactless transactions are processed offline so may not appear on a customer’s account until after the block has been applied.”
“We offer a 100% fraud guarantee for anyone who is a victim of contactless fraud .”
Source: Helena Horton, The Telegraph