Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre.
Please read our Privacy Policy.

Accept
Channels

/security

News and resources on cyber and physical threats to banks and fintechs worldwide.
News
See Headlines »

Lead Channel

Security

Channels

Retail banking Payments

Keywords

Cards Mobile & online banking
Editorial | what does this mean?
This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.
Fraud spike forces bus company to ban online banks and cut mobile contactless limits

Fraud spike forces bus company to ban online banks and cut mobile contactless limits

An Essex bus company has banned customers from Monzo and Revolut from using their smartphones to pay for fares and has slashed mobile contactless limits to just £10 following a spike in debit and credit fraud across the network.

Ensignbus, which ploughs routes through Southend, Grays and Tilbury, says it suffered £10,000 worth of losses through contactless 'non-payments' over the last three months.

The reduced contactless limit affects all users trying to pay via iPhones and Android devices, while transactions from Monzo, Reveolut and ABN Amro apps have been blocked at the ticket machines.

An Ensignbus spokesman told the local paper: "As part of ongoing contactless fraud/non-payment issues, a number of banks are now blocked on our ticket machines.

"The most common which may affect you are Revolut, ABN Amro and Monzo.

"If you use any of these, please use an alternative bank card or cash."

Passengers are being advised to make more than one contactless payment transaction for tickets above the £10.00 limit. For season ticket purchases, the transit scheme has withdrawn contactless purchases completely and moved to a cash-only system.

Lead Channel

Security

Channels

Retail banking Payments

Keywords

Cards Mobile & online banking
Editorial | what does this mean?
This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.

Sponsored: [Webinar] Creating a Seamless Banking App Experience

Comments: (5)

Jim Bray
Jim Bray - Quinteft.com - Palm Coast 24 August, 2022, 14:42Be the first to give this comment the thumbs up 0 likes

It would intresting to learn how the fraudesters are taking advantage of vulernabilites in contactless machines.

Report abuse
A Finextra member
A Finextra member 25 August, 2022, 08:411 like 1 like

I'd like to learn more about this. If people are clever enough to run this fraud, why waste their brainpower on stealing a few free bus journeys. There are fatter targets availabe.

Report abuse
A Finextra member
A Finextra member 26 August, 2022, 10:57Be the first to give this comment the thumbs up 0 likes

Probably cloned cards  sold for £100 each  - not a bad deal for copy-paste 

 

Report abuse
Jim Hart
Jim Hart - Pollinate International Limited - London 30 August, 2022, 09:53Be the first to give this comment the thumbs up 0 likes

You can't easily clone contactless cards. This fraud likely does not require genius... Some bus companies are not using GSM POS so don't process payments until they're at the depot. This means they'll authorise a payment but not actually check the funds are there. As Revolut and Monzo are pre-pay, and don't offer any form of overdraft, it's quite easy to get a card then zero the acount but still hold a valid card with an approval limit only set by the POS. Hence, buying a high-value seasonal ticket on the card is authorised at point of sale, and the season-ticket issued, without there actually being any funds on the card used to pay with... As a scammer, you'll not get rich doing this but it is a fairly easy fraud. This is the same reason pre-paid cards like Revolut are not authorised on flights, or ferries etc.. It was all too easy for fraudsters to buy loads of tat from the onboard duty free without ever having to pay for it.

As a solution, the bus company needs to either upgrade their POS to GSM units (which will add 10-15 seconds in the authorisation process...) or block pre-paid cards, or even just block them only for higher-value transactions which is a middle-ground.

Report abuse
David Abbott
David Abbott - FIS - London 30 August, 2022, 11:41Be the first to give this comment the thumbs up 0 likes

thanks Jim - that was a very useful update - i was familiar with the Airline duty free issue - didnt realise this was the Bus issue -  seems shortsighted not to include an auth capability - but the additional 10-15 second wait could put a huge dent in timetables if bus needs to onboard 20 passengers 

Report abuse
Join the discussion

Write a blog post about this story (membership required)

[Webinar] AI and Synthetic Data: Fighting Financial Fraud and Protecting Customers[Webinar] AI and Synthetic Data: Fighting Financial Fraud and Protecting Customers

Trending

Trending

  1. UK shoppers frustrated by payment outage

  2. Developing HSBC's Zing app: The role played by Visa, Currencycloud and Tink

  3. Divido calls in the administrators

  4. Banco Santander and Google offer free AI training for everyone

  5. Apple reaches deal with EC on NFC payments access

Research
See all reports »
Payments Modernisation: The Big Survey 2024

Payments Modernisation: The Big Survey 2024

The Future of Digital Banking in Europe 2024

The Future of Digital Banking in Europe 2024

Fraud and AML Case Management: How to Operate at the Speed of Risk

Fraud and AML Case Management: How to Operate at the Speed of Risk