Slashdot Mirror

← Back to Stories (view on slashdot.org)

Are Contactless Payments Really Secure?

Posted by ScuttleMonkey on from the tin-foil-pants dept.

berberine writes to tell us Ars Technica has a closer look at whether the RFID technology behind many of the up and coming "contactless payment systems" is robust enough to prevent account fraud and the theft of personal information. "Concerns over the security of contactless systems were heightened last week by a Federal Reserve decision that will allow for even more casual, low-cost purchases to be made across the country. In recent years, credit card companies have waived their signature requirements for so-called "small ticket" items in order to get a slice of the action. Visa, for instance, doesn't require your signature for purchases at or below $25."

1 of 186 comments (clear)

  1. Re:yeah yeah by ushering05401 · · Score: 5, Informative

    As of 1 1/2 years ago this is how fraudulent charges were handled.

    If there is a disputed charge of any amount the credit agency sends a notice to the seller. The seller MUST provide signature evidence related to the transaction within a period of several days or the charge is automatically reversed (charge-back).

    If the signatory proof is produced, but the signature does not match the one on file then depending on the amount one of two things will happen: the credit lender will request video footage and or supporting documents related to the sale, or the credit lender will eat the charge and the seller does not get charged-back.

    In the event of a suspicious pattern of claims of fraudulent activity the credit lender reserves the right to investigate the card holder to the extent that they may request video or other documentary evidence related to purchases made by the card holder at any location that accepts the credit card as tender. It is up to the legal department of the seller whether to comply, but my experience is that they always do. All major retailers with which I am familiar have procedures set up for handling charge-back notifications in-store, without legal department approval providing the request for documents falls withing a predefined range of appropriate disclosure (usually does not include video which is a separate approval process).

    Always sign your slips with a distinct signature, never try to screw with your card provider. These guys are serious and have entire departments dedicated to identifying patterns of fraud... you are not excluded even if your fraud pattern is only going to include small amounts.

    Regards.