If the card is NFC-enabled, the payment process at the supermarket checkout should be easier and faster. Under certain circumstances, it is not even necessary to enter a PIN. But how secure is the whole thing?
Contactless payment using Near Field Communication (NFC) is becoming more and more common in everyday life. The technology is not just limited to credit cards; this payment method is also possible with debit cards and even with smartphones or smartwatches. The card or smartphone is simply held close to a cash register terminal equipped with NFC and the process is complete – up to a certain amount even without a PIN. We have summarised how this works and what security risks there are here.
How does contactless payment work?
Most credit cards already have NFC chips built into them, which make contactless payment possible. This can be recognized by the small wave icon that is visible on the card if it is NFC-enabled. Customers can pay with such a card wherever there are card readers that are also equipped with Near Field Communication. Incidentally, the NFC radio standard is not only used for contactless payment; keyless car or building access systems also usually have NFC. Almost all credit cards today, such as those from American Express, have an NFC chip. Amex even allows payments of up to 50 euros without entering a PIN.
Advantages of contactless payment:
- Hygiene: no more handling of cash necessary
- Time: The process only takes a few seconds
- Functionality: just hold the card to the terminal, done
- Security: Transfer of encrypted data
With an American Express credit card, amounts over 50 euros can be easily paid contactless via mobile payment. When making mobile payments with the American Express Platinum Card, cardholders can take advantage of additional benefits, as the card offers numerous additional services, such as restaurant and travel credit.
Are there any security risks?
Theoretically, it is possible that the data stored on the card can be read. However, for this to happen, a potential perpetrator would have to get very close to the victim or the card. When making online payments, this data can only really be used if no TAN or check digit is requested during online payment transactions. In stores, on the other hand, there are few risks involved. The card must be held a few centimeters from the reader during the payment process so that the payment can be completed – and no potential perpetrator can get that close to the card without the cardholder noticing.
- NFC transmits small amounts of data over very short distances
- The distance between the card and the terminal must not exceed ten centimetres before the data is transmitted
- An encrypted token is transmitted that is only valid for this one payment transaction
- This code encrypts both the account and payment data
- The data transfer rate is also very limited
- The number of possible NFC transactions is limited
- Multiple payments are also not possible
- Therefore, actual misuse of the data is hardly possible
Barclays also offers the option of contactless payment with its credit cards; both the Barclays Visa and the Gold Visa and the Platinum Double are equipped with NFC.
How can you protect a credit card with NFC?
If you want to be on the safe side, you can take a few protective measures to protect your credit card from being spied on:
- If several cards are stacked on top of each other in the wallet, the individual data records can no longer be read from the outside
- There are special protective covers that block radio waves and prevent reading
- In addition, account transactions should always be kept in mind – if there are any irregularities, this can usually be clarified with the respective credit institution
Contactless payment with NFC is considered relatively secure
According to the consumer advice center, contactless payment with a credit card is just as safe as standard card payments by inserting the card into the terminal. In fact, paying with a smartphone via an app is easier to manipulate, as credit card information or passwords can be spied on using malware. Regular updates are a must here. However, anyone who only uses NFC with a credit card does not have to worry about data theft, especially during the payment process.
This article contains so-called affiliate links. More information can be found here.
Source: Stern
