Slashdot Mirror
Are Contactless Payments Really Secure?
berberine writes to tell us Ars Technica has a closer look at whether the RFID technology behind many of the up and coming "contactless payment systems" is robust enough to prevent account fraud and the theft of personal information. "Concerns over the security of contactless systems were heightened last week by a Federal Reserve decision that will allow for even more casual, low-cost purchases to be made across the country. In recent years, credit card companies have waived their signature requirements for so-called "small ticket" items in order to get a slice of the action. Visa, for instance, doesn't require your signature for purchases at or below $25."
Bad form to reply to my own post, but it occurs to me that this topic might get some people thnking about how to game the system.
For any youngsters out there getting ideas... card companies also work closely with major retailers to identify a reverse type of fraud.
One case I saw related to a woman who generated false receipts for small dollar amounts (box store multimedia retailer) and returned product that had been stolen for the purpose of reducing her credit card bills with the refunded amounts.
She was allowed to continue this activity for over a year after we were notified so that she would exceed a particular dollar amount at which time she was prosecuted and convicted at a higher level than would have been possible if she had been busted immediately.
Once again... these guys are serious. Always have refunded amounts put on the card with which you made the purchase or accept store credit instead (though one or two instances won't matter much any sort of pattern over time will). It really isn't worth getting a flag put on your account. You may never know of an investigation that takes place, but you may have a higher risk level associated with your account that can change balance increases or future offers.