How are contactless payments secured?

Contactless cards are becoming a popular way to pay for everyday low-cost goods. It’s so quick and easy – not even requiring a PIN number – that you might question how secure the process really is. But don’t worry, there is little to fear as there are a number of security measures put in place by card providers, both on the card itself and the network that processes your payments.

Firstly, each card has a unique ‘key’ that uses encryption to generate a unique card verification value, cryptogram or authentication code. This is used to identify each transaction, and no two cards can share the same key. The key itself is also never transmitted.
Your card issuer then verifies that your contactless transaction has a valid card verification value, authentication code or cryptogram before authorizing the payment. So if your card issuer thinks there is something suspicious about the payment, it can reject an attempt to use the same transaction information more than once.
Here are a few facts about contactless to reassure you that they are safe:

  • Contactless payment devices operate at very short ranges – less than 2-4 inches – so you have to make a deliberate effort to make a payment
  • The payment network used to process contactless payments is the same that processes millions of magnetic stripe transactions securely today. So every time you swipe your card, you’re using the same network that has been trusted for decades
  • Your actual name is never transferred, so even if your card details were somehow intercepted, the thief couldn’t use them to buy anything else
  • A more practical security measure, but with contactless payments, you never need to let go of your card. This means your card cannot be cloned, and you never have to read out or each any account information ever.

Finally, you shouldn’t worry that cardholder information used during a contactless payment transaction could be used by thieves. Each time you use your card, the device generated transaction information changes, so any data stolen would only be useful for that transaction alone. This makes it more secure that traditional card fraud where thieves obtain your long card number, expiry data, name, and CVV number on the back of the card.
If you have any other questions on contactless or anything else, please don’t hesitate to get in touch.