As contactless card transactions become increasingly common in markets such as the UK and on public transit globally, it seems inevitable that there will be growing concerns around the potential for fraudsters to exploit this form of payment. Past trends in the financial services industry have shown that criminals waste no time in finding weaknesses in new technologies to commit fraud.
After Financial Fraud Action UK (FFA UK) released data on payment, remote banking and cheque fraud losses in 2016, there were headlines about the 4,500 percent increase in contactless card fraud over the last two years.
But does this really offer an accurate picture of the prevalence of contactless card fraud, and are banks doing enough to protect their customers from this threat?
What do the figures show?
The FFA UK data revealed that losses to contactless fraud – covering cards and mobile devices – reached £6.9 million (US$8.7 million) in the UK in 2016, compared to spending of £25.2 billion. While the body acknowledged that fraud losses remain relatively low, the figure marks a big increase from the £2.8 million lost to contactless fraud in 2015.
However, the value of fraudulent contactless transactions in the UK last year equated to 2.7p in every £100 spent using this technology – a decrease from the previous year’s figure of 3.6p in every £100. Fraud committed via contactless cards and devices now makes up only 1.1 percent of total card fraud in the UK.
Overall losses to fraudulent face-to-face retail transactions last year were £62.8 million, a 17 percent increase from £53.5 million in 2015.
Does the convenience of contactless raise security or fraud concerns?
Contactless may provide maximum speed and convenience for the customer, but does the technology – which doesn’t require a PIN, of course – make life easier for fraudsters? That was the point made recently by a judge in the UK during the sentencing of a fraudster in Devon.
Gareth Shaw, money expert at Which?, a consumer lobbying group, told the BBC that there are “still questions around the security of these cards”. He argued that providers must find “a better balance between convenience and security”.
Andrew Bailey, chief executive of the Financial Conduct Authority, stressed that the overall risk of contactless card fraud is low, while Richard Koch, head of policy at the UK Cards Association, pointed out that these products have “robust security features”. One such feature is an automatic security check that requires the user to enter their PIN at certain points.
“Customers are fully protected against any losses and will never be left out of pocket in the unlikely event they are the victim of this type of fraud, unlike if they lose cash,” added Mr Koch.
In an article for Finextra, Andy Ramsden of Trustonic pointed out that, while a 4,500 percent increase in contactless card fraud sounds extreme, the latest comparisons are against a very low base.
He also noted that modern customers have unprecedented choice in how they make payments. Anyone who doesn’t feel comfortable using contactless can still enjoy the convenience of ‘tap-and-go’ by using a mobile wallet with fingerprint authentication.
Given the recent and anticipated growth in contactless payments, it seems that any security concerns customers might have about this technology aren’t holding back adoption. As this payment channel continues to expand, there will be a greater onus on financial institutions to educate customers on topics such as looking out for fraudulent transactions and what people should do if they lose their card.
Image credit: iStock/DGLimages