Ability to Remove Contactless?


(Sahand) #1

Can we have the ability to request non-contactless cards please?


Ending the Monzo Prepaid Beta
(Hugh) #2

Producing cards which don’t have the contactless hardware would be quite expensive. However, it is my understanding that contactless can be permenantly disabled backend.


#3

Can I ask why you’d want this?


#4

This might be interesting to you:

Detail of how contactless payments work.

Also, older thread about this can be found here:


(Jolin) #5

I’m not sure why you’d want to do this, but the thread Dominic pointed you to includes this illustration of how to (permanently disable the contactless feature on any card (click the :arrow_down_small: to see the photo):


(Danny) #6

Coz people can walk past you with devices that still money don’t you know :eyes:


(Allie) #7

That’s just absurdly unlikely. Since they’re now supporting contactless magstripe mode, pre-play attacks are feasible and a risk - I’d like to be able to turn on/off all magstripe (including contactless magstripe mode). But not card cloning. If someone runs a transaction against it, they’re an idiot since merchant accounts have strict ID checks.

Theft with EMV-mode contactless, no real chance.


(Danny) #8

(Allie) #9

Utter rubbish fearmongering that I already addressed. If anyone actually did that, they’d be an idiot quickly on their way to prison. That ‘theft’ requires a legitimate merchant account! An easy way to get caught and go to prison!


(Danny) #10

No it’s real, it’s in more than one online publication

Also if not real why do they sell these?


(Allie) #11

Okay, I missed your sarcasm when it was one link in isolation. :joy::joy::joy:


(Danny) #12

90% of my posts are sarcasm, trolling or just general shit as just shown here :joy_cat: :man_cartwheeling:


#13

I’ve yet to find the other 10% :laughing:


(Danny) #14

Errrr I am serious sometimes you know :man_cook:


#15

Contactless card fraud is a real and huge issue. Not by the ‘walk past with a card reader’ people, but if your card is stolen the issues for you mount up real quick.

Whilst you will likely get refunded by the bank, because the bank just take their money back from the retailer who took the fraudulent card usage.

It leaves you sorting out with the bank, if your account goes into overdraft you have to sort that, then any issues you have via credit reference agencies.

I deal with this on a daily basis and it’s a HUGE problem. This so called ‘victimless’ crime is likely the single biggest cause of the inflated prices we pay for just about everything we buy. It’s so widespread it’s impossible to contain and is spiralling out of control everyday.

We had signatures, not great but better than nothing, then chip and pin, much better but not infallible. Now contactless, nothing needed, no checks, no nothing. It’s just open season for even the dumbest crook. Whoever thought up contactless wants locking up.

Now Apple Pay is secure contactless, as it requires some form of security. Just the card, open season.

If contactless was disabled tomorrow on all cards, economic crime in this country would drop off a cliff. Entire countries, I think it’s The Netherlands, have backtracked on taking cards due to the high proportion of fraudulent transactions.

Why we don’t follow and only accept chip and pin, or accept Apple/Android/Samsung Pay I don’t know. Contactless just makes no sense.


(Allie) #16

This is untrue. There are no chargeback rights for contactless card fraud, properly presented if all procedures were followed. The issuing bank is the one who is liable for contactless fraud.

Every report is that Monzo is great about dealing with fraud, and any credit reporting will be removed as part of a fraud report also.

It isn’t victimless, we all pay higher bank fees because of any fraud, but it isn’t a huge problem. It’s about 0.4% of card fraud last I heard. Magstripe cloning (which does have chargeback rights, because shops shouldn’t be using the magstripe anymore) is a much bigger issue.

Now, that’s just not true either, there aren’t ‘no checks’ on contactless. For one, there’s the check that the card is real provided by the EMV transaction cryptrogram. This alone makes it much safer than magnetic stripe. There are also fraud detection algorithms on the back end. To say there are no checks is simply wrong.

If 0.4% is a cliff, whatever? The Netherlands never had high card acceptance, but it’s increasing rapidly.

It’s more convenient and far more secure than cash. Can’t block and get back stolen cash!


#17

Do you deal with this fraud daily? I can assure you contactless fraud is a huge issue. As you say, 0.4% of crime takes up about 60% of my day most days.

So you’re saying it’s the banks that absorb the losses? As that’s news to me.

I think everyone is entitled to their opinion, but people do view contactless as victimless, as the bank customer gets the money back, but someone somewhere takes the hit. In turn that’s everyone who buys anything. I’m not saying any particular payment method is best, just some have to be more secure than tapping a card on a machine.


(Allie) #18

No, it simply isn’t a huge issue, things are relative. If you deal with contactless fraud cases a lot, then yes, it’ll seem huge. But to claim crime would fall off a cliff if contactless was banned is just laughable, it’s far more secure than cash, Internet fraud, etc. Internet and magstripe cloning, not contactless, are where fraud is happening for the most part. Fraud losses wouldn’t change noticeably.

Correct, there are no chargeback rights for lost/stolen contactless fraud. Banks are liable. There may be for magstripe mode pre-play fraud, because shops shouldn’t still be using this mode - I’m not sure on that.

Well, yes, I acknowledged that. But if you want to reduce the hit everyone suffers, worry about creative ways to end online fraud, ATM fraud, magstripe fraud, etc. Contactless is not perfect, but it’s a whole lot safer than the cash it usually replaces.

Tapping itself isn’t insecure, but of course you have a valid point it’s single-factor authentication. It’s (for EMV-mode) very strong, and combined with back-end fraud analytics is very, very safe - far safer than cash. But not as safe as chip and PIN (which can be done over contactless, but isn’t generally supported in the UK as the PIN must be verified online).

It comes down to risk vs convenience - it’s a trade off. A very small amount of fraud is considered acceptable for convenience. If it wasn’t, online shopping would be banned or the awful 3-D Secure system would be forced on everyone (can’t wait for 3-D Secure 2, it’s needed badly).

Contactless is actually one of the few fraud areas that don’t hit merchants, as things like online shopping fraud and magstripe fraud (except fallback) have chargeback rights. Contactless fraud hits banks. They wouldn’t offer it if it wasn’t, on the whole, very safe and well worth the payoff.

P.S. if you want to know more about when chargebacks can occur, check out the MasterCard Chargeback Guide


#19

Doesn’t Monzo’s app have the ability to block contactless payments? N26 and Revolut allow this.


(Allie) #20

No, but it prefers online authorisation, so if you freeze the card it should stop most payments (contact and contactless).