Family Encyclopedia >> Work

Contactless payment:is there a risk? Is it secure?

Contactless payment:is there a risk? Is it secure?

Contactless payment is a dematerialized means of payment that is used with a bank card or via a dedicated application downloaded to your mobile phone. It allows you to make purchases of small amounts, in principle of a maximum of 50 euros, from merchants. A quick solution, which does not require handling cash or typing your secret code on a payment terminal. Contactless payment has been increasingly successful in recent years, but the health crisis linked to the 2020 coronavirus has caused its use to explode. Even if, like the bank card, it is an ultra-secure means of payment, the possibilities of hacking your bank details nevertheless exist, even if they are relatively rare.

What is contactless payment?

Contactless payment refers to a fast method of payment that can be made either with your bank card or with your mobile phone.

These types of payment can be made at merchants who have a specific box, called a "terminal", for purchases of small amounts. The cumulative amounts of contactless payments made are also limited in time, either per day, per week or per month depending on the bank, and also depending on the form of contactless payment (with a bank card or a mobile phone). The number of consecutive transactions that can be made via contactless payment is also limited.

When you can no longer use contactless payment because you have exceeded these various ceilings and limits, you must pay for your purchases with another means of payment (“normal” use of your bank card, cash or cheque).

Contactless payment using a bank card

To make a contactless payment with a bank card, simply tap your means of payment (and more specifically its contactless electronic chip called "NFC chip", that is to say, in English, "Near Field Communication”) of a maximum of 4 centimeters from the dedicated box available to the merchant. NFC technology allows data to be exchanged by radio waves between a reader and a compatible mobile terminal.

With contactless payment using a bank card, you do not have to enter a secret code as when you insert your card into this same terminal, nor do you need to bring your signature or present a proof of identity as with a check for example.

If you have a bank card issued after September 2017, contactless payment gives you the possibility of paying for a purchase of a maximum of 50 euros, a limit which is understood to be per transaction.

If your bank card dates from before October 2017, you cannot make a contactless payment of more than 20 euros per transaction.

Contactless payment using a mobile phone

It is also possible to make a contactless payment with your mobile phone. However, two conditions must be met.

First, your phone must be equipped with the NFC system. On the other hand, your bank must be able to offer you a contactless payment service for mobile phones, a kind of application to download to your phone.

Just like with your bank card, to make a contactless payment with your mobile phone, you must bring the latter very close to the merchant's terminal, and you do not need to affix your signature either. On the other hand, it is possible, according to the banks, that you will be asked for a confidential code if you make a purchase whose amount is greater than 20 or 30 euros. In this case, either you enter this code on the keypad of the merchant's terminal, or your bank's dedicated mobile application downloaded to your mobile phone asks you to enter your associated password.

Is contactless payment secure? What are the risks?

Contactless payment is a payment method as secure as a bank card. Despite everything, as for the latter, the risks of fraud are unfortunately not non-existent.

The main risk lies in the possibility of your bank card being hacked, known as tele-pickpocketing . Even if this fraud is still marginal, it does exist. This type of hacking consists of a scammer “sucking up” the data contained in your bank card using a mobile phone application capable of reading the chips equipped with NFC technology on your payment card.

Once your banking data has been intercepted in this way, these hackers, who are most often known as "hackers", can use several methods to use them fraudulently. Either they immediately send them to an accomplice in the process of making a contactless payment and your bank details are then used for this purchase, or they use them to make purchases on unsecured websites often based on stranger, especially if those hackers also stole your name from your credit card.

Good reflexes to avoid the risks associated with contactless payment

If the hacking of your bank card is possible during a contactless payment directly or through your mobile phone, and even if this possibility is however not so widespread, there are ways to protect your means of payment to avoid this fraud.

You can, for example, equip yourself with a specific case on sale in shops, and more particularly in shops specializing in new technologies, inside which you slip your bank card. This case has the particularity of blocking hacking attempts thanks to an adapted technology.

On the other hand, make sure, during a contactless payment, that your name is not visible to a possible crook positioned near you.

If you use your phone to make contactless payments, you have the possibility, via the mobile application provided by your bank and which you have downloaded, to activate and deactivate the NFC payment function as you wish. at the root of the causes of piracy. Also, your app requires you to enter a password to open it. In order to avoid the risk of fraud and hacking, it is strongly advised not to use your confidential code of your bank card as the same password.

If, despite these basic precautions, you notice fraudulent payments on your bank account statements, you must quickly object by calling the special number common to all banks in this case:0 892 705 705, and report them to your bank branch.

If your contactless payment bank card that has been hacked is still in your possession and you have made the necessary declarations of fraud to your bank, you are not considered responsible. Your bank must reimburse you for the fraudulent debits and possibly the resulting bank charges.

If contactless payment is indeed not completely secure, the fraud observed does not relate to very large sums since this type of payment method is limited as much with regard to the amounts of purchases that can be made (50 euros maximum), than in relation to the number of operations that can be carried out per day, week or month, depending on the bank.