Happy tapping: why it’s time for a more secure solution to contactless fraud
October 2019 by Marc Jacob
Since their launch in 2007, contactless cards have revolutionised the payment industry. Contactless payments overtook chip-and-PIN as of July 2018, with more than 52% of the UK’s monthly card transactions conducted through a contactless card. Thanks to the ease of tap-and-pay transactions, consumers now expect to pay with contactless not only at big retailers, but also from market stall holders and, now, even Big Issue vendors.
But, despite the convenience that contactless payments offer, consumers are still fearful of the threat of fraud caused by tap-to-go payment cards. In fact, research from IDEX Biometrics ASA has revealed that more than three-in-five (63%) UK consumers are worried that their contactless payment cards could be used fraudulently.
While nearly half (48%) of consumers believe contactless cards have made their in-store shopping experience more convenient, nearly three-in-five (57%) are concerned that contactless transactions expose them to theft and fraud. Worryingly, more than half of consumers (54%) also fear that criminals could scan a contactless card in their pocket, making them a victim of theft without their knowledge.
In a bid to reduce consumers fears and counter fraud in payment transactions, the European Banking Authority introduced the Second Payment Services Directive (PSD2) on 14th September. This new law, aimed at enhancing online and payment security, requires banks and retailers to implement new Strong Customer Authentication (SCA) methods for online and in-customer card payments. For consumers, this means providing at least two factors of authentication for transactions. These are factors such as a PIN or a one-time passcode, or biometric data, combined with the possession of a payment card—even for contactless payments.
The introduction of contactless payments was supposed to make shopping easy. But while the roll out of new SCA factors aims to combat fraud concerns, these additional authentication methods are actually frustrating for shoppers. Our research found that two-in-five (44%) 25-34-year-olds believe that the current £30 limit for contactless payments should be removed altogether and nearly one-third (27%) of adults overall agree. PINs prove just as much of an inconvenience, as more than a third (35%) of 18-34-year-olds will make sure their transaction is under £30 so they can simply tap and pay.
A better solution
However, with more than a quarter (26%) of those with a bank account concerned about the security of PINs to keep their money safe, not even passcodes are strong enough for consumers. Evidently, we need a better solution to prevent contactless card fraud, alleviate consumer fears and encourage worldwide adoption. Our data shows that UK consumers are ready to welcome a new form of payment card, one that combines both convenience and enhanced security.
Notably, nearly half (49%) of consumers state they would actually feel more secure if they were able to use their fingerprint and PIN to authenticate transactions via their payment card. This highlights that consumers would be much more confident about contactless payments if their bank card was protected by biometric authentication, such as a fingerprint scan, and not just card possession or a PIN as a verification method.
Consumers want more convenience than PINs provide. More than a third (35%) of UK consumers already expect fingerprint biometric authentication to be rolled out for transactions by 2020, so banks and card manufacturers need to step up now to adopt biometric technology and revolutionise payment cards for the future of payments.
With the addition of fingerprint biometric authentication, payment cards can’t be scanned from your pocket or used without your knowledge, as the registered fingerprint must be on the card sensor to verify a transaction. This ensures a stronger level of security for contactless payments and reassurance for consumers.
Security of their data is also an important concern for UK consumers. More than two-in-five (44%) consumers state that if banks can assure them that their fingerprint biometric data would be safe, unshared and not held anywhere, they would be happy to use biometric authentication as a replacement to their PIN. Crucially, on fingerprint biometric cards, at enrolment, the fingerprint image is instantly processed into a data template. This is then stored securely in the card and not in a central database, meaning the customer’s details never leave the card.
Despite consumer fraud concerns, contactless transactions in the UK continue to grow every day. Therefore, the financial industry must do more than just introduce multiple new authentication factors to address consumers’ growing concerns about card theft and contactless fraud. In our have-it-now era, consumers want a transaction process that is fast, frequent and free from hold ups. While PINs and payment limits are currently important anti-fraud measures, shoppers are already irritated by these extra steps in the payment process. They need an easier, more secure solution.
Fingerprint biometric payment cards offer this solution, providing both stronger security and payment convenience that doesn’t hinder the contactless process. As the fingerprint sensor on the payment card is placed in the natural position for holding the card, a contactless transaction can be carried out without any additional steps for the user.
With the support of biometric technology, fingerprint authentication payment cards can help overcome fraud from contactless payments and enhance our shopping experience. If the financial industry act now to adopt fingerprint biometric payment cards, contactless fraud, PINs and payment limits will soon become a thing of the past.