The National Payments Plan progress report that was published in June highlighted the Payment Council’s continued focus on alternative payment technologies such as contactless. The two-year progress update references the
“Review of the contactless and prepaid card markets” published in May 2010, which highlighted concerns raised by a number of consumer representative organisations around the security of contactless payments. This report states that “a lack of consumer
trust in the system was seen as an impediment to uptake, and one that could only be resolved by ensuring that security standards are high and that contactless products deliver a good level of consumer protection.”
So are contactless transactions secure? As
discussed on paymentssecurity.com, the industry has been careful to add security on both the contactless devices and in the processing network and there are several key aspects to contactless that protect the consumer from fraud. Firstly, contactless cards
have a unique built-in secret key on the card which generates a unique Card Verification Value or CVV. Secondly, the networks have the ability to detect repeat transaction information (and consequently repeat attacks) which has been a problem in the past for
other types of transactions. Thirdly, there are limits to the number and value of the transactions that can be made before you have to enter a PIN and this prevents large sums from being stolen. Finally, the processing of contactless payments does not require
the use of the cardholder’s name and some cards do not even include the cardholder’s account number so unlike traditional payment methods, user information cannot be stolen to perpetrate high value or identity-based fraud.
Despite these steps, consumers will naturally be wary of contactless as they have become used to securing their card payments by using their PIN. One way to tackle this would be to ensure that educating consumers around this issue is part of the existing
education plans outlined for electronic alternatives to cheques (see
“The future of cheques in the UK” report) in order to ensure consumer confidence in, and adoption of, contactless payments.