Thales Blog

Should Security Be A Concern For Contactless?

August 18, 2009

Although fraud remains a concern in all payment channels, contactless payments should be viewed as robust from a security point of view. The industry has been careful to add security on both the contactless devices and in the processing network, including a unique built-in secret key on the card which generates a unique Card Verification Value or CVV.

In addition, the networks have the ability to detect repeat transaction information which has been a problem in the past for other types of transactions. A ‘repeat attack’ is where the fraudster obtains all the information from a real transaction and then conducts the same transaction many times over. The fraudster relies on the system that they’re trying to attack not realising that it is receiving the same instances of the real transaction. With contactless however, this type of fraud will be more difficult to commit as the added network security means that a contactless transaction can only be processed once. Furthermore, the processing of contactless payments does not require the use of the cardholder’s name and some cards do not even include the cardholder’s account number.

As consumers become increasingly security conscious, the knowledge that contactless is a low risk method of payment, should help drive adoption across the globe.