Contactless card flaw could cost victims dear
Scammers could skim off thousands of pounds just by brushing past a victim carrying a contactless payment card

A flaw in the security provisions for contactless payment cards could allow thieves to steal large amounts of foreign currency just by touching a smartphone against a victim’s wallet, scientists have said.
The glitch could allow thieves to withdraw sums of up to 999,999.99 in foreign currency denominations, The Independent reports. If done in Euros this could come to more than £780,000.
Contactless payment cards are meant to have a spending cap of £20, but security experts from Newcastle University found that those limits are not imposed when payments are made in foreign currency.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
Researchers said that thieves could potentially exploit the flaw by rigging smartphones to act as card scanners, allowing them to steal huge sums of money from unwitting victims.
Lead researcher Martin Emms said: "With just a mobile phone we created a point-of-sale terminal that could read a card through a wallet. By pre-setting the amount you want to transfer, you can bump your mobile against someone’s pocket or swipe your phone over a wallet left on a table and approve a transaction. It took less than a second for the transaction to be approved."
After reviewing Newcastle University’s findings, Visa Europe responded that the study failed to take into account the "multiple safeguards throughout the Visa system", adding: "It would be very difficult to complete a fraudulent payment of this kind outside a laboratory environment."
The UK Cards Association trade body told the Daily Mail: "While this complex fraud may be theoretically feasible in a laboratory, it hasn’t been attempted in the real world and absolutely no money has ever been lost as a result. There are robust security checks in place at every single stage of a payment – by the retailer’s bank, the card scheme and the customer’s bank – which monitor, and stop, suspicious transactions. Consumers can be assured they are legally protected from any fraud losses and will never be out of pocket."
It added: "Contactless cards are extremely safe – borne out by the negligible fraud losses of less than 1p for every £100 spent over the first half of 2014."
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
-
July 13 editorial cartoons
Cartoons Sunday's political cartoons include new TSA rules, FEMA cuts, and Volodymyr Zelenskyy complimenting Donald Trump's new wardrobe
-
5 weather-beaten cartoons about the Texas floods
Cartoons Artists take on funding cuts, politicizing tragedy, and more
-
What has the Dalai Lama achieved?
The Explainer Tibet’s exiled spiritual leader has just turned 90, and he has been clarifying his reincarnation plans
-
One year after mass protests, why are Kenyans taking to the streets again?
today's big question More than 60 protesters died during demonstrations in 2024
-
What happens if tensions between India and Pakistan boil over?
TODAY'S BIG QUESTION As the two nuclear-armed neighbors rattle their sabers in the wake of a terrorist attack on the contested Kashmir region, experts worry that the worst might be yet to come
-
Why Russia removed the Taliban's terrorist designation
The Explainer Russia had designated the Taliban as a terrorist group over 20 years ago
-
Inside the Israel-Turkey geopolitical dance across Syria
THE EXPLAINER As Syria struggles in the wake of the Assad regime's collapse, its neighbors are carefully coordinating to avoid potential military confrontations
-
'Like a sound from hell': Serbia and sonic weapons
The Explainer Half a million people sign petition alleging Serbian police used an illegal 'sound cannon' to disrupt anti-government protests
-
The arrest of the Philippines' former president leaves the country's drug war in disarray
In the Spotlight Rodrigo Duterte was arrested by the ICC earlier this month
-
Ukrainian election: who could replace Zelenskyy?
The Explainer Donald Trump's 'dictator' jibe raises pressure on Ukraine to the polls while the country is under martial law
-
Why Serbian protesters set off smoke bombs in parliament
THE EXPLAINER Ongoing anti-corruption protests erupted into full view this week as Serbian protesters threw the country's legislature into chaos