Five things to know about contactless credit
and debit cards
ICICI Bank recently launched contactless credit and debit cards.
Here is what you need to know about them:
1.
How do they work
Contactless debit and credit cards
operate through Near Field Communication (NFC), a technology that enables
devices to use radio-frequency identification to establish contact while in
proximity. It can be likened to Bluetooth or WiFi. It allows communication
between NFC-enabled objects at a minimum distance of 4 centimetres.
ICICI's contactless cards are powered by MasterCard Contactless
(credit card) and Visa payWave (debit card) know-how. In order to use a
contactless card, all you need to do is tap the card at the reader at the point
of sale and enter your PIN. You don't have to hand over the card to the
merchant to swipe or dip it into the EDC (Electronic Data Capture) reader.
2.
What are the risks
These cards are already in use in some
countries. There have been reports of frauds using free mobile apps to read and
hack into NFC data. NFC technology is vulnerable to skimming attacks as well.
The data on the card can be used for stealing the cardholder's identity.
There have been instances of card
information being stolen by frauds using their cell phones when they are near a
person carrying a contactless card. A University of Surrey study says
contactless payment data can be captured by criminals from a distance of up to
40 centimetres. This is known as an eavesdropping attack. However, NFC cards
issued by ICICI Bank are based on EMV chip technology. For transactions, the
POS terminal has to receive the encrypted private keys generated by the chip.
These cards are immune to any eavesdropping attempts.
Issuers and analysts are divided on how
secure these cards are. "Even if the card data is stolen using mobile
apps, the data cannot be used to make fraudulent transactions. There are
multiple layers of security," says Raj Dhamodharan, Group Head, Emerging
Payments, Asia-Pacific, MasterCard.
An ICICI Bank spokesperson echoes him:
"These cards are fully secure and immune to any eavesdropping
attempts." Forensic experts, however, beg to differ. "With
contactless cards, the free skimming apps can be downloaded from the Net and
card data can be stolen. The fraudster can also make card detailrelated changes
with the bank, and use the data for identity theft," says Mayur Joshi,
CEO, Indiaforensic.com.
4.
How to ensure security
Even though payment processors do not
believe that such cards compromise security, they claim that cardholders are
protected by a Zero Liability Policy, which means they are not held liable for
unauthorised transactions. However, it is in the customers' interest to take
precautions.
According to experts, if you are
planning to get a contactless card, you should wrap it in aluminium foil, or
keep it in a steel case. This prevents fraudsters in your vicinity from
stealing your card information using mobile apps. Also, even though you don't
need to give the card to the merchant to carry out a transaction, you should be
just as careful when entering the PIN as you are when using a normal payment
card.
5.
What are the benefits
Contactless cards offer payment
convenience. You simply have to tap the card in front of the reader to make the
payment. The verification process takes seconds and you get a payment
confirmation at twice the speed of a conventional transaction using regular
credit or debit cards. Also, you don't have to hand over your card to the
merchant or the waiter or the petrol pump employee.
Your card is never out of your sight,
which means the merchant does not get to see your card details. Contactless
card providers say that such cards offer enhanced protection and hence are
safer and more secure. Also, it's only a matter of time when you will be able
to make a contactless payment using NFC via your mobile phone, which will
further add to the ease of making payments.
Bindisha Sarang, ET Bureau Jan 19, 2015
No comments:
Post a Comment