Subscribe to Our Newsletter

We know you love savings. Sign up for more!

Is Visa payWave Safe From Digital Pickpocketing?

Updated 12 Nov 2019 – By Loanstreet


 

According to Visa Malaysia Country Manager, Ng Kong Boon, the usage of contactless payments through the Visa payWave is hovering at 20% (as of March 2018). He also mentioned that the payWave penetration in Malaysia is expected to hit between 25% to 30%  this year and 50% by 2020.

Even though this payment method is growing positively, many of us still have concerns and questions regarding this matter.  How much safer has the new technology been proven so far? Is it easier to hack? Will my card be exposed to electronic pick-pocketing? Will there be a risk of ID theft?

Fret no more, because we have the answers for you!

 

payWave? What’s that?

For those who aren’t familiar with the term, payWave is essentially Visa’s response to MasterCard’s PayPass system. The most prominent difference here is that both systems enable customers to make any purchase seamlessly. All you have to do is tap your card in front of the terminal that accepts the contactless feature, and your transaction will be processed. Your signature or PIN number is no longer needed. Simple, isn’t it?

 

FYI, you can also make a payment using your smartphone. Just make sure that the device is NFC-enabled. You also need to download a mobile payments app from your mobile phone provider or financial institution and load your existing Visa Credit or Debit accounts. Now that you're all set, just look for the Contactless Symbol on the terminal during checkout and hold your phone or device over the symbol to pay.

 

But, is payWave secure enough to be used?

The answer is DEFINITELY. Before that, let us give you a little bit of the backstory.

Last year, there was an article published by a local daily claiming that contactless card is easily hacked by electronic pick-pocketers. It is said that there is an app for this which can be downloaded from Playstore/Appstore or an open source.

The said app is able to steal information like credit/debit card number, the card's expiry date as well as CCV by using an NFC-enabled device. It can scan your card from a 1-metre distance. Then, they can use that information to make transactions 'without authorisation', as well as to 'clone cards'.

Image via Amanz

 

Based on Amanz's review on the app, the data retrieved aren't enough to make any online purchase. What they got were the card number, the card’s expiry date, and the card’s transaction history. What was missing is the CCV number, which is needed when you're making an online transaction.

On top of that, the writer also mentioned that the card can only be scanned when he puts the card really close to the device. This means that there is no way things like this can happen without your knowledge unless you're intentionally inattentive.

Furthermore, to debunk this news, Bank Negara Malaysia (BNM) shared that contactless cards cannot be cloned or used for unauthorised transactions by fraudsters. This is because the cards are equipped with an embedded EMV chip that generates a dynamic code for every transaction.

According to the central bank, although the card numbers and expiry dates could be obtained by a person using a scanner, the data would be insufficient to clone a card. Plus, with NFC technology, it reduces the threat via its data encryption for sending sensitive information.

On top of that, if a fraudster attempts to use intercepted data to manufacture and use a counterfeit card, the bank would be able to identify the transaction as fraudulent and stop the transaction from going through.

As for online transactions, cardholders are required to enter a transaction authorisation codes (TAC) that are sent to their mobile phones for authentication. For smartphone users, your Visa payWave card is secured with a fingerprint or a PIN number to keep unauthorised users at bay. On top of that, the transaction will also be protected by the Visa Token Service.

REMINDER: First, don’t flaunt your PIN number to anyone. Second, if you lose your card, just contact your issuing bank immediately to block your card from unauthorised transactions and ask for a replacement card. Lastly, if there are any unusual transactions on your bank statement, do report to your bank as soon as possible.


 

The Pros and Cons of payWave

Pros Cons
  • It's convenient. Just 'tap and pay'.
  • It's safe and secure.
  • Retailers don't have access to your credit card information anymore.
  • You will not be debited twice because Visa payWave readers are designed to only communicate with one card at one time.
  • It works with any amount. If you need to make a payment above RM250, you'll need to tap and enter your PIN number at the terminal.
  • By simply tapping the card over a terminal, it means that thieves can pose as legitimate customers and make purchases with the card.
  • There are still a number of merchants that have yet to adopt this technology.

 

So, should you use payWave?

In conclusion, by looking at the pros and cons of payWave, it may seem that the good outweighs the bad. With regards to whether payWave is better and safer, it may come down to individual choice - YOU be the judge.

Moving forward, it will be interesting to see what new developments we're headed towards in the contactless payment technology arena, especially with developments like wristband payments and the Coles PayTags.

Continue reading...

Suggested Articles

Does Your Family Have Enough Savings in Case of an Emergency?

Does Your Family Have Enough Savings in Case of an Emergency?

Want to Get Fast Financing Without Going to the Bank? Here’s How

Want to Get Fast Financing Without Going to the Bank? Here’s How

Here are the Best Fixed Deposit Promos in Malaysia 2019

Here are the Best Fixed Deposit Promos in Malaysia 2019