Until recently contactless card fraud meant the relatively unlikely scenario of people pinching 30 quid at a time using card readers in close proximity to an unwitting card owner, as depicted on the left. But this week’s revelations that cancelled cards can still be used in certain circumstances is really quite shocking.
I have to admit to being fairly staggered by what I have read today. I work in the industry and pride myself on being fairly well-informed, but today it came to my attention that contactless credit and debit cards can still potentially be used, even AFTER a card has been cancelled. What?
I have always worked in this industry under the premise that we as card-holders are protected by consumer rights, the Consumer Credit Act etc etc etc. In short, my fairly basic understanding is that if a card is used fraudulently, 9 times out of 10 then the money will be refunded to me by the card acquiring bank. But how on earth can this work if the card is still being used unbeknownst to ANYONE except me, unless I go to the trouble of trawling through all of my old statements? I appreciate that I should be accountable if I have acted negligently, but if I’ve bothered to cancel my card, how can I by any stretch of the imagination be accused of having acted without due care and attention!?!
The problem seems to be that some contactless transactions are conducted offline, and are approved without the card being checked for validity in real-time. This I find pretty incredible but I’ve also read some other fairly jaw-dropping statements today, here’s 2 of the worst…
FCA chair, John Griffith-Jones, said it was urging banks to remove “any onus on customers to identify fraudulent transactions”.
Andrew Tyrie, chair of the Treasury committee, said: “As things stand, in order to mitigate the risk of fraud, customers are expected to comb through their bank statements months after they have instructed their banks to block their lost or stolen cards”.
Oh my goodness. “Urging” the banks? FCA lets not see a return to the era of the rather toothless FSA please. As for me BEING EXPECTED to wade through paper statements (which I would have to pay for the privilege of getting in this electronic only era) in order to check for transactions on a card that I have ALREADY cancelled… well frankly I’m speechless.
I have also been “reassured” today that only about 0.5% of overall card fraud is in fact committed using contactless cards. Well lets not forget that in December, £3,370.6m was spent in the UK using a contactless card. So the numbers are still pretty huge, and likely to grow, especially now that this story is out and the flaw remains unplugged.
I also read a rather bland statement about how this is “likely” to “dent” consumer confidence in contactless technology. No kidding. Yes we love convenience and our appetite for the ease of a contactless transaction seems to have grown without so much as a consideration for the questions that the technology leaves unanswered now that we are abandoning chip & pin with such abandon.
This NEEDS to be addressed by the banks, and quickly. Please like, share and comment in order to continue to raise awareness of this rather amazing vulnerability in our card payment ecosystem.
Finally, thanks to the Guardian and Money Saving Expert for bringing this issue to our wider attention.