Lord777
Professional
- Messages
- 2,576
- Reaction score
- 1,577
- Points
- 113
Bank cards and other contactless payment tools are actively used in various fields today. For hypermarkets and large stores, this is a real find. This technology greatly simplifies purchases and shortens the time it takes to complete a payment. Ease of use and time savings also appeal to users. But many of them forget about the safety of contactless payments.
Features of contactless payments
The essence of the technology is the use of a radio chip (NFC module), which operates at a frequency of 13.56 MHz, and a receiver. Payment details are saved in the module and are transmitted when it is activated to the polling terminal. Information is exchanged between the device and the card, after which a transaction is made. If the payment amount exceeds $ 15, then the operation requires the entering of a confirmation PIN-code.
It is the limit, as well as the limitation of the distance at which interaction between the chip and the transmitter (payment terminal) is possible, that have long been the main protective mechanisms preventing unauthorized transactions. But with the improvement of the technologies used by fraudsters, the protection mechanisms are also improving.
Payment cards
Among contactless tools, bank cards are the most vulnerable. This is due to the fact that the owner's payment details are contained on a chip embedded in it. In theory, this allows an attacker to read information using powerful radio devices (readers). Some of the modern gadgets already "know how" to steal data from maps at a distance of up to 1 meter, which is potentially dangerous, especially in crowded places, since the data of hundreds and thousands of people can be in the hands of attackers at once.
There are also simpler ways to steal funds that do not require the use of such complex and expensive equipment. Using a mobile payment terminal, you can write off amounts up to 1000 rubles from the cards of their owners, which does not require confirmation. However, this requires that the terminal is no more than 10 cm from the chip. This can be done in the subway, supermarket and other crowded places.
Smartphone Apps
Transactions today can be made through smartphones and other similar gadgets. Such opportunities are available to owners of Apple, Samsung and Android devices when installing special applications. This eliminates the need to use vulnerable contactless bank cards.
Today the following applications are used:
Contactless payment technology via smartphones is implemented in a slightly different way. Card data is not transmitted during payments, but is either stored in a closed area of the smartphone's memory, or is not written to it at all. Based on the details, the program generates an encrypted code, which is used when making payments. After each transaction, the code is deleted, and a new one is generated before the payment.
An additional guarantee of the safety of payments through a smartphone is the need to confirm the operation by means of a fingerprint, Face ID, pattern or PIN. This is true if a gadget is lost or stolen. Security is also monitored by special applications that allow you to track a lost phone, remotely change its password and destroy data.
Features of contactless payments
The essence of the technology is the use of a radio chip (NFC module), which operates at a frequency of 13.56 MHz, and a receiver. Payment details are saved in the module and are transmitted when it is activated to the polling terminal. Information is exchanged between the device and the card, after which a transaction is made. If the payment amount exceeds $ 15, then the operation requires the entering of a confirmation PIN-code.
It is the limit, as well as the limitation of the distance at which interaction between the chip and the transmitter (payment terminal) is possible, that have long been the main protective mechanisms preventing unauthorized transactions. But with the improvement of the technologies used by fraudsters, the protection mechanisms are also improving.
Payment cards
Among contactless tools, bank cards are the most vulnerable. This is due to the fact that the owner's payment details are contained on a chip embedded in it. In theory, this allows an attacker to read information using powerful radio devices (readers). Some of the modern gadgets already "know how" to steal data from maps at a distance of up to 1 meter, which is potentially dangerous, especially in crowded places, since the data of hundreds and thousands of people can be in the hands of attackers at once.
There are also simpler ways to steal funds that do not require the use of such complex and expensive equipment. Using a mobile payment terminal, you can write off amounts up to 1000 rubles from the cards of their owners, which does not require confirmation. However, this requires that the terminal is no more than 10 cm from the chip. This can be done in the subway, supermarket and other crowded places.
Smartphone Apps
Transactions today can be made through smartphones and other similar gadgets. Such opportunities are available to owners of Apple, Samsung and Android devices when installing special applications. This eliminates the need to use vulnerable contactless bank cards.
Today the following applications are used:
- Apple Pay is Apple's payment system that allows you to use MasterCard credit and debit cards directly through the app.
- Samsung Pay is an application that allows you to use your Samsung smartphone as a mobile payment device.
- Android Pay is a similar program for owners of Android devices.
- The wallet is a domestic payment application from MasterCard and CardsMobile based on cloud-based NFC technology.
Contactless payment technology via smartphones is implemented in a slightly different way. Card data is not transmitted during payments, but is either stored in a closed area of the smartphone's memory, or is not written to it at all. Based on the details, the program generates an encrypted code, which is used when making payments. After each transaction, the code is deleted, and a new one is generated before the payment.
An additional guarantee of the safety of payments through a smartphone is the need to confirm the operation by means of a fingerprint, Face ID, pattern or PIN. This is true if a gadget is lost or stolen. Security is also monitored by special applications that allow you to track a lost phone, remotely change its password and destroy data.