If you check your wallet, you probably have at least one credit or debit card that uses Near Field Communication (NFC) for making contactless or “tap to pay” payments at brick-and-mortar retail outlets.
According to Moneris Solutions, the largest card payment processor in the country, the dollar volume of tap to pay spending made across its terminals has been skyrocketing lately.
"More Canadians – especially younger ones – are tapping their cards to pay as opposed to inserting them into payment terminals," says Rob Cameron, Chief Product Officer at Moneris. "We've seen the number of contactless transactions more than double this year, which is a strong indication that mobile payments are going to see a huge lift."
Moneris found that 67% of Canadians aged 18-34, 56% aged 35-44, and 48% aged 55+ prefer to use a tap card to make purchases, citing convenience and speed as the primary advantages.
What’s not to like? Instead of entering your PIN or signing a receipt, you simply place the card on the terminal and tap. It’s convenient for both merchants and consumers and is quickly becoming the norm as shoppers demand easier ways to pay without compromising on security.
Despite this, concerns about hackers armed with a data-stealing card-reading device may still be holding some consumers back. But the chances of you becoming the victim of this type of fraud are extremely unlikely, says the Canadian Banking Association.
Tap to pay cards can only work within short range (NFC signals are only detectable in a range of 2 to 4 inches) of a retail terminal, which makes it difficult for crooks to gain access to card information from a distance.
Even if they could, the theft’s effect would be less than it is when data is taken from the magnetic stripe. Stolen card data from tap cards can’t be used to create a counterfeit piece of plastic capable of being used for fraud.
During the transaction, the card and the terminal communicate with each other, undertaking security checks and transmitting a unique encryption code. This expires immediately after the transaction is finished. Even if someone was able to get close enough to steal data from your card, they wouldn’t be able to use the encryption code because it would have expired.
In fact, the data transmitted during a tap to pay transaction is really quite limited and includes things like language preference and card number. Your name, bank account number and the three-digit security code on the back of the credit card aren’t sent out during the transaction.
As a result, since your card never leaves your hand during the entire process, the risk of it used for fraudulent purposes is sharply reduced.
Generally speaking, tap to pay cards have low transaction limits – typically between $50 and $100 – with any larger purchases generating a request to enter your PIN for additional security. What’s more, Visa, MasterCard and Interac all maintain zero-liability policies for credit and debit cardholders. This means, in cases of fraud or unauthorized use, you won’t be held responsible and will be able to get your money back.
If you’re still worried though, there are stacks of smart-card protector sleeves available online and at office-supply outlets – although at least one security expert suggests they’re really overkill.
Are you more of a DIY type? Since many card protectors use a fine layer of aluminum as shielding, adding some aluminum might provide an equally effective barrier to protect you from being electronically scanned and skimmed.
Do you use tap to pay cards? Let us know in the comments below!