Security measures for the UK's contactless card programme have been derided as 'chaotic' after it emerged that customers can still be subject to fraudulent transactions up to eight months after reporting lost or stolen cards.
An investigation by consumer Website moneysavingexprt.com has discovered that customers whose lost or stolen contactless cards have been cancelled may need to comb through months of statements to check for fraudulent transactions.
MSE cites the case of subscriber Justin Robson who discovered that his Halifax cards - cancelled by his bank when stolen last November - were used to make a series of fraudulent contactless purchases eight months later.
The problem arises when tap and go card payments are authorised offline by retailers without first going through the bank's filters.
"Our investigation highlights a chaotic system in which banks are powerless to prevent cancelled cards being used by fraudsters, and don't even know when the fraud will end," says MSE. "And while some banks prevent accounts being raided by this type of fraud, others leave it to unsuspecting customers to spot dodgy payments - even though they can start happening months down the line."
Industry bodies say there are no readily available figures for the number of contactless cards lost or stolen every year, but there were 152,727 cases of fraud involving lost or stolen debit and credit cards reported in 2015.
The UK Cards Association states: "Fraud on contactless cards is rare and considerably lower than overall card fraud. Consumers are fully protected against any fraud losses and will not be left out of pocket.
"As always it is important to check bank or card statements regularly for any unusual transactions, especially if a card has been lost or stolen. When a customer reports a lost or stolen card they will be advised to report any transactions they do not recognise to their bank."