Your latest bank card should allow you to pay for things with just a tap. Since 2016 many of the credit or debit cards in circulation globally are fitted with a RFID chip, turning your once dumb card into a fully-fledged contactless smart card. As with any innovative technology, the bad guys are one step ahead.
The risk of fraud is now very great. Before the advent of RFID cards, thieves used to target ATM’s by installing card skimming devices to read the card details on the magnetic stripe and a miniature camera or a secondary keypad to capture your PIN. Now, your card can be targeted with an NFC enabled smartphone even when it’s in your wallet or purse!
Which! researchers tested ten cards and found all of them had this security flaw. They were able to read the card number, expiry dates and even the details of the last ten transactions, although no CVV or cardholder’s name could be retrieved. Despite this, they were able to go online and order a £3000 TV.
Industry figures suggest contactless card fraud is low, amounting to 3.1p in every £100 spent using the technology, according to Financial Fraud Action UK. However, it is possible that these figures do not reflect all losses – because fraud that is directly attributable to the contactless functionality of debit or credit cards cannot always be recorded as such.