EDITORIAL: Panic on the underground!

Panic_on_the_tubeThis editorial was first released on Monday 22nd February. Contactless Intelligence Weekly News Review Editorial – Week 08, 2016:

Remember that photo of a dress that caused such a viral sensation last year? The one where some people saw a white and gold dress and the others saw a black and blue one?. Never before had a photo triggered so many people to talk about what they are looking at. You couldn’t get away from the topic, especially with it being picked up by just about every international news agency.

A similar thing happened last week only it wasn’t about a dress. It was about a card scanner on the London underground. And as all things start these days, our story begins on Facebook…

A man called Paul Jarvis posted a picture of a man on public transport with a card terminal and wrote, “So this guy was spotted wandering round with a Point of Sale (POS) device. All he has to do is key in a price less than £30 and then touch the device on the pocket that contains your wallet. Ching! You’ve just been charged automatically on your touch pay enabled credit/debit card…. We just tried this in my local pub with their POS device and it worked… (I’ve actually shown people this using the NFC function on my mobile to read their card data through their wallet to freak them out but this is the first time I’ve seen someone doing it for real). Time to invest in a screened wallet I guess…”

Quickly picked up and whipped into a frenzied hysteria by the British press and that bastion of mob lunacy – otherwise known as Twitter – this was taken as evidence of the arrival of the  ‘digital pickpocket’. Time to Panic!

While an unscrupulous individual, in theory, could key an amount into the terminal and hold it against the pockets of unsuspecting targets, meaning they could steal money out of their victims accounts via their contactless cards, in practise it doesn’t actually work like that. Most banks require their customers to have a business bank account if they want to take card payments – starting one of these accounts naturally involves handing over personal information to the bank, making the criminal traceable if a victim noticed the transaction on their statement.

Customers could get a refund from the bank if they spotted the fraudulent activity, and if the bank traced the theft to the criminal’s account, they could get shut down. But by that point, it might be too late.

Using this method to steal from people is harder than it seems, and out of the millions of people in the UK who own contactless cards, there have only been a few reported cases of these kinds of thefts taking place. And even then it was based on card information and online ordering rather than being based on the £30 contactless cash limit.

Giles Mason, Media Relations Manager for the UK Cards Association, confirmed this premise and told Techradar, “We have not received any reports of this type of incident ever occurring in the UK. Cardholders are fully protected against fraud and would receive a full refund from their bank. In order to be able receive any money from a card payment, a retailer account must be set up with an acquiring bank. All acquirers carry out thorough security checks before setting up an account, and monitor new accounts for any suspicious activity. Every card payment is fully traceable, right through to the recipient account, meaning if any fraud is reported the recipient is easily identifiable.”

Mason also commented that, as well as the card being placed correctly near the reader, it would have to be a few centimetres away and “not near any metallic objects, including keys, mobile phones or other cards, which would interfere with the signal.”

In fact, contactless card fraud is actually quite low. In the first half of 2015, only £516,500 of a £2.58 billion contactless spend was fraudulent. That represents less than 0.2% of all cases of card fraud in the UK in the first six months of 2015. More importantly though, was the discovery that this photograph was not even taken by Paul Jarvis on the London underground but had in fact originated in Russia. Funnily enough, Jarvis has now deleted his Facebook post.

With Mobile World Congress now about to get underway, do remember to wrap your cards in tin foil and avoid any large crowds if at all possible. Just in case 🙂

The Contactless Intelligence team will also be in Barcelona, so if you have any exciting news, make sure you let us know. For those of you who want to know more about innovate payment solutions and the trends in the world of standardisation and Mobile ID, we recommend you book your ticket to the upcoming Contactless Intelligence Conference & Forums (April 26-27, London) as soon as possible while prices are low.

UPDATE: I was not going to reproduce this weeks editorial due to what I thought would be the short-lived, sensational, element of the story. However, this is a story that refuses to die – especially on Twitter. The Evening Standard also seem hell-bent on sensationalizing the story by coercing Visa Europe spokespeople to admit that ‘in theory’ this could happen. This demonstrates, I think, how readers are concerned more about the dramatic elements of a story than truth in practice. So I thought I would republish this Weekly News Review editorial on the site as it obviously still has legs!

Steve Atkins
Contactless Intelligence

Tags: , , ,

Categories: Editorial, Other

CONNECT with Contactless Intelligence

Connect with us here

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: