You are here: Home - Credit Cards & Loans - News -

Financial watchdog to clampdown on contactless card fraud

0
Written by: Paloma Kubiak
30/03/2017
Contactless card fraud is a growing area of concern as tricksters exploit a loophole with the technology, prompting the financial regulator to crackdown on the industry.

The Financial Conduct Authority (FCA) has set out measures to tackle contactless card fraud as a security flaw means tricksters can continue to spend on them after they’ve been reported lost or stolen.

Contactless card use is increasing as more than 100 million contactless cards are in issue in the UK, with the average transaction standing at £8.95, according to the UK Cards Association.

However in 2016, of the £25.2bn spent via this payment method, there was £6.9m losses from contactless and mobile device technology. This is the equivalent of 2.7p per £100 spent, down on the 3.6p per £100 reported in the year earlier. In 2015 £7.75bn was spent using contactless technology, with £2.8m fraud reported.

How are tricksters able to commit fraud?

In a letter published today John Griffith-Jones, chairman of the FCA, wrote to Andrew Tyrie MP and chairman of the Treasury Committee, to explain contactless card fraud.

Commenting on the fraud figures, Griffith-Jones said that while the risk to consumers is “relatively low”, the FCA agrees that public confidence in contactless technology “could be eroded without further action”.

He explained that unlike some other forms of fraud, contactless card fraud can be easily identified by card issuers as they can identify transactions made on a card that is reported as lost or stolen.

However the risk of fraud comes when merchants process payments offline – currently 45% of transactions are made offline  – as it may be more cost-effective or because it’s not possible to do so online, such as on flights mid-air. This is where payments are taken in batches and processed later, usually overnight by large retailers, but a few days for smaller retailers.

While the FCA can’t publicise exactly how the fraud is then committed to “avoid fraudsters gaming the controls,” an investigation in 2015 revealed the ease at which sensitive personal information can be decoded after items were purchased via contactless card-reading technology. The data was then used to successfully place orders for expensive items online.

What steps is the FCA taking?

While most card schemes place a £30 limit on the value of a transaction, and consecutive transactions require customers to input their pin, Griffith-Jones said Visa and Mastercard have an unpublished lower cap on the value of transactions that are allowed to be processed offline. Later this year Visa will require all contactless transactions to be authorised online to prevent transactions being completed on cards that are reported lost, stolen or cancelled which should “significantly reduce contactless card fraud”.

The FCA said it wants to see all contactless card issuers identify and block cancelled card transactions before they’re debited from customer accounts.

Griffith-Jones wrote: “These controls explain why fraud and consumer losses in the contactless environment remain relatively small. However it remains that there are currently a limited set of circumstances where a card can be used by a fraudster several months after it has been cancelled.” As a result the FCA is exploring the following:

  • Removing any onus on customers to identify fraudulent transactions.
  • Technical enhancements to reduce the likelihood of post-cancellation contactless card fraud.
  • Making the option of having a non-contactless card more visible during card issuing.
  • Improving customer communications at time of cancellation.
  • Providing clarity to customers on the clearing times for contactless payments.
  • Raising awareness of the Industry Hot Card File which has information on over 7.2 million UK cards that have been reported lost, stolen or compromised. Retailers can check the file to see if there’s a match before processing payments.

‘Package of measures is welcome’

Tyrie responded: “As things stand, in order to mitigate the risk of fraud, customers are expected to comb through their bank statements months after they have instructed their banks to block their lost or stolen cards. That seems unreasonable. The Treasury Committee has urged the FCA to sort this out.

“So the package of measures to resolve this problem, which the FCA proposes in their letter to the Committee, is welcome.

“One of the FCA’s operational objectives is to ‘secure an appropriate degree of protection for consumers’. The Committee will do what it can to hold the FCA to it.”

There are 0 Comment(s)

If you wish to comment without signing in, click your cursor in the top box and tick the 'Sign in as a guest' box at the bottom.

Seven ways to get help with energy bills this winter

We knew today’s announcement was going to be painful, but it’s still a shock to the system. When this kick...

Flight cancelled or delayed? Your rights explained

With no sign of the problems in UK aviation easing over the peak summer period, many will worry whether holida...

Rail strikes: Your travel and refund rights

Thousands of railway workers will strike across three days this week, grinding much of the transport system to...

What will happen if rates change

How your finances will be impacted by a rise in interest rates.

Regular Savings Calculator

Small regular contributions can build up nicely over time.

Online Savings Calculator

Work out how your online savings can build over time.

DIY investors: 10 common mistakes to avoid

For those without the help and experience of an adviser, here are 10 common DIY investor mistakes to avoid.

Mortgage down-valuations: Tips to avoid pulling out of a house sale

Down-valuations are on the rise. So, what does it mean for home buyers, and what can you do?

Five tips for surviving a bear market mauling

The S&P 500 has slipped into bear market territory and for UK investors, the FTSE 250 is also on the edge. Her...

Money Tips of the Week