To tap or not to tap: Are NFC payments safer?

These cards required insertion into payment terminals and authentication with a PIN, marking a shift toward more secure transaction methods.
These cards were still susceptible to cloning or information theft, though perpetrating such crimes was more challenging than with magnetic stripe cards.
Near-field communication, or NFC, evolving from radio frequency identification, emerged as a new payment standard in the latter half of the 2010s.
With this technology, the original chip-based cards have become even more useful, as instead of having to insert them into payment terminals and ATMs, all it takes is a tap onto an NFC-enabled payment device to transfer money.
The process through which NFC payment works operates quite similarly to Bluetooth or other wireless communication systems, utilizing radio waves to activate and verify the information being transmitted.
Specifically, in the case of a payment, the terminal receives information from the phone, which it then processes and approves to facilitate the transaction.
As opposed to regular card skimming, NFC communication is encrypted and tokenized - meaning that a card can hardly be duplicated thanks to its information being hidden.
While it is true that NFC technology is more secure, especially when it comes to making payments, it doesn't mean that it is infallible, as malicious actors can easily exploit certain vulnerabilities to get what they want.
What's more, since NFC payments are inherently built based on the aspect of convenience, there is a lack of additional authentication that a regular chip-based card would require, for example.
If someone does steal your credit card, they can easily make fraudulent payments without them needing to input a code, and depending on your set payment limits, the sums can be quite high.
Both payment services only work when enabled, so there is less of a chance of someone just leisurely initiating a payment from you.
While smartwatches are great in many ways, enabling payments through them might be problematic, primarily due to the lack of additional authentication beyond a short PIN required to unlock the watch.
To end this article on a more positive note, there are ways you can make your contactless payments more secure.
Try RFID blockers - These are small cards or wallets that create a barrier between your card and the outside world, mitigating potential skimming attacks.
Set up low payment limits - This can be done through your bank or their software, wherein you can set a maximum limit on how much you can purchase through contactless payments.
Use phone payments - Even though these apps can have their flaws, they are still a bit more secure than contactless cards, thanks to additional authentication requirements.
Skip smartwatches - Due to lower security, enabling payments on smartwatches might pose potential problems.
Get a travel card - If you're worried about the express payments angle, get a top-up travel card, if possible, instead of using your own credit card/phone as a means of paying for tickets.
These are just some methods you can employ to have more secure payments.
Before you go: Mobile payment apps: How to stay safe when paying with your phone.


This Cyber News was published on www.welivesecurity.com. Publication date: Fri, 08 Dec 2023 09:58:40 +0000


Cyber News related to To tap or not to tap: Are NFC payments safer?

Unveiling the Power of NFC Technology - Key Components of NFC Technology Tags and Readers NFC technology is based on two essential components: tags and readers. This exchange of information is what enables NFC technology to be used for various applications, such as contactless payments, ...
11 months ago Feeds.dzone.com
To tap or not to tap: Are NFC payments safer? - These cards required insertion into payment terminals and authentication with a PIN, marking a shift toward more secure transaction methods. These cards were still susceptible to cloning or information theft, though perpetrating such crimes was more ...
1 year ago Welivesecurity.com
As Digital Payments Explode in Popularity, Cybercriminals are Taking Notice - With $54 trillion in payments flowing through the world's leading transaction avenues, the payments space is truly exploding. Traditional banks are moving full speed ahead in fulfilling consumer expectations for instant and easy digital payments by ...
11 months ago Cyberdefensemagazine.com
Accepting Ethereum for Businesses, An Overview - For a business looking to stay ahead of the curve, opting to accept Ethereum payments could be the key to unlocking a new world of opportunities. Accepting Ethereum payments offers businesses global market reach, cost-effectiveness, privacy and ...
10 months ago Hackread.com
Preventing Credit Card Fraud with PoS Malware: How Prilex Blocks Contactless Payments - New versions of the Prilex point-of-sale malware can block secure, NFC-enabled contactless credit card transactions, forcing consumers to insert credit cards that are then stolen by the malware. On a payment terminal, contactless transactions use NFC ...
1 year ago Bleepingcomputer.com
Prilex PoS Malware Evolves to Block Contactless Payments to Steal from NFC Cards - The Brazilian threat actors behind an advanced and modular point-of-sale malware known as Prilex have reared their head once again with new updates that allow it to block contactless payment transactions. Russian cybersecurity firm Kaspersky said it ...
1 year ago Thehackernews.com
Rising fintech trends for 2024: From A2A payments to GenAI in banking - The fintech market is undergoing a rapid shift, with the rise of new technologies, such as Open Finance, generative AI and A2A payments having a major impact on business models, according to Juniper Research. This is combined with unprecedented ...
11 months ago Helpnetsecurity.com
CVE-2021-47180 - In the Linux kernel, the following vulnerability has been resolved: ...
8 months ago
Ransomware Payments Surpassed $1 Billion in 2023: Analysis - The payments made by victims of ransomware attacks doubled in 2023 compared to the previous year, exceeding $1 billion, according to blockchain analysis firm Chainalysis. The company has looked at the cryptocurrency wallets known to be used by ...
10 months ago Securityweek.com
NSKnox Raises 17 Million To Improve B2B Payments Security - NSKnox, a B2B payments security firm, has recently raised $17 million in its Series A funding round. As businesses increasingly transition to digital payments and process billions of dollars in transactions every year, cybersecurity problems are ...
1 year ago Securityweek.com
How Businesses Can Manage Cryptocurrency Fraud - With cryptocurrency payments on the rise, businesses must learn how to safeguard against potential risks. Businesses across the US are seeking innovative payment methods, with an estimated 75% of retailers looking to embrace cryptocurrency payment ...
10 months ago Cyberdefensemagazine.com
Apple May Open iPhone NFC Access To Competitors - Apple reportedly offers to open access to iPhone and iPad standardised NFC to competitors in bid to settle antitrust probe. Apple may reportedly open the standardised tap-to-pay technology in iPhones to competitors following an antitrust ...
1 year ago Silicon.co.uk
Darktrace and Garland Technology Collaborate to Help Businesses Secure Operational Technology Environments - PRESS RELEASE. CAMBRIDGE, England, Jan. 24, 2024 /PRNewswire/ - Darktrace, a global leader in cyber security AI, and Garland Technology, a leading manufacturer of network TAP, aggregator, packet broker, data diode and inline bypass solutions, today ...
10 months ago Darkreading.com
More than $100 million in ransom paid to Black Basta gang over nearly 2 years - The Black Basta cybercrime gang has raked in at least $107 million in ransom payments since early 2022, according to research from blockchain security company Elliptic and Corvus Insurance. The group has infected more than 329 victim organizations ...
1 year ago Therecord.media
British Library: Finances are healthy amid cyber rebuild The Register - The British Library is denying reports suggesting the recovery costs for its 2023 ransomware attack may reach highs of nearly $9 million as work to restore services remains ongoing. Reports at the weekend suggested the ransomware recovery costs were ...
11 months ago Go.theregister.com
British Library: Finances are healthy amid cyber rebuild The Register - The British Library is denying reports suggesting the recovery costs for its 2023 ransomware attack may reach highs of nearly $9 million as work to restore services remains ongoing. Reports at the weekend suggested the ransomware recovery costs were ...
11 months ago Packetstormsecurity.com
CVE-2018-3020 - Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability ...
5 years ago
CVE-2018-2896 - Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability ...
5 years ago
CVE-2018-3026 - Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability ...
5 years ago
How to Share a Wi-Fi Password: A Step-by-Step Guide - You can unsubscribe at any ...
2 months ago Techrepublic.com
Ban on ransomware payments? The alternative isn't working The Register - Emsisoft has called for a complete ban on ransom payments following another record-breaking year of digital extortion. On average, these attacks cost targets about $1.5 million to rectify. This included 46 American hospital systems, 108 K-12 school ...
11 months ago Go.theregister.com
Ransomware payment ban: Wrong idea at the wrong time The Register - Opinion A general ban on ransomware payments, as was floated by some this week, sounds like a good idea. This is because a payment ban would inevitably have to include an exception for incidents where not paying the ransom poses a serious risk of ...
11 months ago Go.theregister.com
Declining Ransomware Payments: Shift in Hacker Tactics? - Several cybersecurity advisories and agencies recommend not caving into ransomware gangs' demands and paying their ransoms. It seems the tide is turning, with a decline in ransomware payments; this article explores the trend and what it might mean ...
10 months ago Securityboulevard.com
New Versions of Prilex POS Malware Can Block Contactless Transactions - New versions of Prilex point-of-sale malware have been spotted in the wild. Their new capabilities include blocking Near Field Communication credit card transactions. This way clients are obliged to use the machine to pay, allowing the malicious code ...
1 year ago Heimdalsecurity.com
CVE-2018-2704 - Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged ...
5 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)