I thought the contactless method uses the same chip from “chip and PIN” for NFC but without the PIN? There is no details that can be duplicated/cloned (like with magstripe) in chip and PIN nor in contactless (AFAIK) so no real way for fraud to be committed. If a fraudulent person had a contactless terminal, he’d still need a contract with Mastercard/Visa/etc to process those payments, I’m pretty sure.
2 Likes
Ah really? If so, then that’s totally fair 
I’m only going off of what I’ve read and been told etc.
Edit: Though, I don’t have a contract with Visa etc. as a business (since SumUp presumably act as the processor), but I could quite easily walk up to someone with my SumUp terminal and obtain up to £30 from them (that’s the contactless limit).
1 Like
I don’t know what exactly you are disputing… in my post. 
Yeah… no. Because if you need to insert your card and enter your pin, you know you’re paying for it. here’s how it went…
Person looked at their bankstatement ans saw 3 payments in MacDonalds… in a row. So the theory goes that while it was near the POS waiting for her food, 2 more meals wer billed to her card.
1 Like
I have to side with @MrPsycho here. That’s not really possible. NFC requires the card to be very, very close to the terminal.
1 Like
But that would not be a viable method for fraud, realistically. Anyway yeah I am pretty sure, though I never looked it up, for example here is my transparent N26 card and you can see the circuitry.
1 Like
idk man, I’ve been told at the bank that all it takes is to have it in the wallet, in my pocket. So not so sure about that. Either way I play safe, I don’t mind the chip&pin procedure… its a few secs…
1 Like
Though, I was never explicitly referring to fraud. In that regard, fair enough, it’s probably difficult and unrealistic to be able to do it. But is it easy and realistically possible to charge someone £30 via contactless? Yes, but they could (probably) easily charge it back if they noticed.
Then you’ve been told a lie 
NFC (as the name would imply) requires the two points of contact to be incredibly close to each other to be functional (generally well under an inch).
1 Like
Basic NFC tech is pretty much physical contact, or 1-2mm. It’s similar to wireless charging but even worse (mainstream wireless charging is like 6-9mm at the moment) because you need to transmit without error. Even if there are special devices that can do NFC at say <1 meter, the limit is £30 and you could chargeback that painlessly. Hell, with a modern FinTech bank you can just make sure that isn’t even possible (freeze card, disable contactless functionality, etc).
3 Likes
Like I said, I’m passing the story along. It didn’t happen to me, I was not sure it was a lie and I sure as hell wasn’t gonna enter into an argument over it hahaha
2 Likes
That video is irrelevant. Yes, you can achieve a successful transaction, I never undermined this. The problem is how you are going to collect that money?
How that dude obtained his terminal? Do you think PayPal is going to get over a few chargebacks? If you file a chargeback with a seller that you never made any transactions before and state that you probably were scammed the visa/mastercatd is going to side with you.
As for the scanning process showed with a smartphone - yeah… That dude is either incompetent or tries to arouse suspicion in uninformed users. Yes you can scan the card, but you will get the BASIC information like card number, owner’s name and expiry date and sometimes even the last 5 transactions (depends on the card), but you can’t do anything with that information. You can’t make a transaction.
You’re from UK, right? As of February 18, 2016:
The UK Cards Association, the trade body for card payments, has confirmed to techradar there have been no reported incidents of this crime in the country. According to the UK Cards Association, this is it’s nigh on impossible that someone could carry this out and get away with it.
Source: Don't panic: no-one is scanning your contactless card through your pocket | TechRadar
For people not bothering clicking in the link, what’s pretty much what I wanted to say, but written much better:
"In order to be able receive any money from a card payment, a retailer account must be set up with an acquiring bank.
“All acquirers carry out thorough security checks before setting up an account, and monitor new accounts for any suspicious activity. Every card payment is fully traceable, right through to the recipient account, meaning if any fraud is reported the recipient is easily identifiable.”
It is theoretically possible that someone could use a registered terminal that is connected to a retail account, but it would be easy to track the thief down.
All cardholders in the UK and US are fully protected against fraud and would receive money back from their bank.
2 Likes
Fascinating. Thanks for the information! Very true, after a load of cashbacks, I doubt a processor would allow an account to continue operating. Though, obtaining a simple contactless terminal is very easy to do via many vendors, so I don’t doubt that someone has tried this, but tracking down the thief would indeed be remarkably easy. Videos like that are clearly an issue for distributing misinformation then!
2 Likes
That’s true, except the PIN part. You can customize to which amount of $ you want the payments to be PIN-less, including the amount of PIN-less transfers per day/month.
That’s… Bullshit. Your card has to be a centimeter from the terminal. Every terminal also beeps! You can also clearly see on the screen the transaction value. In my opinion that’s a bug in the terminal software (which could also happen with a “insert card” method). We had a chain of supermarkets in Poland having such bug. Every. single. invalid. transaction. was. reversed. Usually with such one-time problems you can just go to the shop and let them now, either the cashier or the payment processor is going to reverse the other transactions.
Well… Technically whoever told you this haven’t lied. Making such frudlent transaction is easy… As well as reverting the transaction and tracking down the thief. Also, how do you rate the technical competences of the person who told you this? 
Well… Do it then and see what happens; you either will get a free £30… or not. Make sure the person you get the money from doesn’t now about it. 
2 Likes
The terminal in the car park I use you have to hold the card there for 3 seconds before payment and almost every terminal I use you virtually have to make contact.
As an aside anyone use apps to make payments? Tesco in the UK generate a QR code in the app for payment. It doubles up as a loyalty card too
1 Like
It’s chip and signature here. Never will be chip and pin (or at least I’ve not heard of any push to do so).
2 Likes
If you’re worried about someone reading your contactless cards you can get RFID blocking card sleeves or blocking wallets.
2 Likes
We do have chip ones ( depends on the bank) but had to sign I think mostly in the uk.
Like a payment clerk approached to us every single time while British made it seem so so easy ( British payed without a sweat)
E
Italians lover cash
1 Like
I don’t.
I have a rule in life, which is that I never assume that I know more about something than someone else that works with that something for a living, or that I am talking with a bad professional.
So in this case I asked the account manager to explain it to me, and I expect the manager to be trained to answer my simple questions.
Whoever my rule doesn’t always work in my favor…
3 Likes
Guys, nice thread 
Didn’t have much time to participate in the conversation.
Nevertheless, an entertaining and informative read.
2 Likes
Tap to pay contact-less payments are awesome. I’m with the euros on this one.
2 Likes