5 contactless security myths, debunked

When it comes to the security of contactless cards, there are plenty of rumours out there. That’s why we’ve decided to sort the facts from fiction by debunking five of the biggest contactless myths...

Contactless cards: handy, or risky? Some people believe their convenience is too good to be true, and that using them can open you up to theft and fraud.

The truth is, a lot of work has gone into making contactless cards safe and secure.

We’re here to bust those contactless myths once and for all, so you can go cash-free with confidence:

Myth: If I put two contactless cards near a terminal, it could charge the wrong card – or even charge me twice

Smart security tech has you covered, as Visa technology doesn’t allow double payments, so it’s not possible for a terminal to charge you twice during one transaction.

When you put two or more contactless cards near a terminal, the terminal will – most likely – charge the first card it sees. That’s why we don’t recommend tapping your wallet against the reader if you have more than one contactless card.

Myth: I could accidentally tap my card against a reader and pay for someone else’s shopping

There’s no need to worry about picking up someone else’s bill; most terminals can only read cards when they’re within 10cm, so you’d have to be very close to pay by mistake.

Myth: Someone could steal money from me by putting a card reader against my pocket

Back in 2016, a photo of a man holding a card reader was shared online suggesting that he was a ‘pickpocket’ trying to steal money from people’s contactless cards.[1]

You’ll be relieved to learn that, in reality, this wasn’t the case at all: the UK Cards Association responded to the photo, explaining there was no evidence that this had happened, and they’d never received any reports of this happening.

The ‘pickpocket’ would need a legitimate business account and a registered terminal to take any payments. What’s more, card readers will turn down transactions if they encounter other objects, such as other cards, keys and phones. The thief would have been incredibly lucky to pick up any money this way. And of course, our fraud protection guarantee covers you in any instance where your card is lost or stolen and misused.

Myth: Someone could use a card terminal to clone my card

With both contactless and Chip & Pin, the data that your card shares with the terminal is 100% encrypted. That means it’s highly unlikely for someone to be able to clone your card using a terminal. However, if a fraudulent transaction ever was successful, our fraud protection guarantee is always there for your peace of mind.

Myth: If my card is lost or stolen, someone could spend my money and I won’t get it back

We have security measures in place that will protect your hard earned cash if someone ever managed to get hold of your card.

Contactless uses the same level of security as a Chip & PIN transaction, and has certain features that limit fraud. For instance, your contactless card can only be used for transactions under a certain amount – £45 in the UK. And as an extra security measure, we’ll also ask you to enter your PIN every few transactions if you use a Halifax contactless Visa debit card. This is our way of checking in with you, and making sure nobody else has got their hands on your card.

Meanwhile, if you know your card is lost or stolen you can cancel your card; it’s easy to do this over the phone or via our Mobile Banking app. Security measures will then alert us if someone is trying to use a blocked card, and the transaction will be declined.

Even if someone does manage to spend money before your card’s cancelled, our fraud protection guarantee is in place to protect you and put your mind at ease – helping you to get your money back.

[1] Source: Independent

Want to learn more?

Relieved to discover how safe contactless is to use, and want to find out more about the many ways you can use it? Here is an article you may find helpful.

Halifax is a division of Bank of Scotland plc. Registered in Scotland No. SC327000. Registered Office: The Mound, Edinburgh EH1 1YZ. Bank of Scotland plc is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority under registration number 169628.