Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre.
Please read our Privacy Policy.

Accept
Channels
Blog article
See all stories »

Channels

Security

Group

Future Finance
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Contactless payments are not a choice

If you want a new debit or credit card in Australia, you're getting PayWave or PayPass - there's no choice. And Australian police forces, and at least some consumers, don't like it.

Police are bemoaning an increase in contactless credit and debit card fraud arising from stolen tap and go cards, and point to increases in handbag thefts, car break-ins and mail interception as criminals look to grab the cards and quickly spend on as many sub $100 purchases as possible before the bank gets a stolen card report or puts the card on hold due to suspicious transaction patterns.

On a popular news panel TV show the other night, one of the presenters related the tale of a friend who had lost more than $1000 when a card was stolen. Presumably the bank/card scheme covered this loss. But when they tried to get a new card issued without the contactless payment functionality, they were told it was not possible. So, the presenter said, they were forced to take a pin (the pointy kind) to the chip to disable it. How true this is, I don't know. I expect this would cause more problems for the cardholder if they encounter POS devices that don't have working magstripe swipe readers anymore. But forcing contactless payments on consumers does demonstrate a lack of flexibility on the part of the issuing banks.

Why not enable the customer to switch off the contactless capability if they want to, or even change the transaction limit? I'm no expert in MULTOS chip architecture, but I would imagine that certain parameters could be changed when applications are loaded at the card personalisation stage of issuing.

For the banks, any recent increases in stolen and not-received card fraud are dwarfed by the dramatic rise in card not present fraud. So I can see it's not top of their priority list in terms of minimising their own losses. And with Australia now leading the world in per-capita adoption of contactless payments (43% of the population regularly using it according to one recent survey), they may be excused for thinking they're on the right track.

But in terms of making a customer feel that they can take responsibility for their own financial security, and that the bank respects their choices, greater flexibility could be a good thing.

5934

Channels

Security

Group

Future Finance
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Report abuse

Comments: (4)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 29 August, 2014, 17:58Be the first to give this comment the thumbs up 0 likes

I don't envy banks. Don't do contactless and face the charge of being uninnovative. Do contactless and face the charge of being inflexible. But cardwise switchability and limits are good features (assuming they're technically feasible). Banks should be able to eat the additional costs of supporting them at least on checking accounts that attract fees (assuming free checking is not the norm in Australia). 

Report abuse
A Finextra member
A Finextra member 01 September, 2014, 09:50Be the first to give this comment the thumbs up 0 likes

Guessing they haven't considered using Post-Issuance Script Management solutions to change the Card Floor Limit Parameters for Contactless transactions?

This kind of panic and scaremongering happened in the UK too - but there is a limit to how many consecutive contactless transactions can be performed before the Chip forces a Contact/Dipped transaction with Verification.  The maximum exposure in the UK is £60 which is covered by the Issuer (their liability, not the Cardholders).

Report abuse
A Finextra member
A Finextra member 01 September, 2014, 11:362 likes 2 likes

There seems to be some confusion between the role of the OS and the role of the application in this post. To be clear, the card operating system has nothing to do with the contactless behaviour of the applications loaded onto it. This is totally down to how the issuer of the card has chosen to configure these applications during personalisation or thereafter through scripting.

Report abuse
A Finextra member
A Finextra member 03 September, 2014, 14:13Be the first to give this comment the thumbs up 0 likes

Simply set the limit to 20AUD per transaction and limit the number of consecutive contactless txns until PIN is again required (e.g. 5 in AU, 3 abroad) - and the panic will be over (if contactless limit parameters can be changed, of course). Exactly such limitations (but in EUR) were introduced in Slovakia in 2010 and it is now (together with Poland) ahead of UK with >50% of contactless-enabled POS and was named by VISA as "hero contactless market" in 06/2013 - see more at  https://www.finextra.com/blogs/fullblog.aspx?blogid=9703.

Report abuse
Join the discussion
Elton Cane

Elton Cane

Digital product delivery

News Corp Australia

Member since

16 Feb 2007

Location

Brisbane

Blog posts

116

Comments

54

More from Elton

Now hiring

See more