Disabling contactless feature on card


(Jolin) #31

I cut a notch in the top of my Nationwide debit card when I first received a contactless one (at the time they didn’t offer a non-contactless option, now they do). Back then I was worried about the security implications of contactless.

Since getting my Monzo card last year, I’ve become a convert to contactless and really think it’s a great advance in payments. But if you want to disable the antenna, it is possible, and I’ve not had any problems using the card (except for the few odd looks/comments from merchants).


#32

Cards don’t have to be a rectangle. Mint had curved cards. Natwest do non-standard shape ones too for visually impaired people. So cutting a corner off your card should still work in a machine.


Cards for the blind
(Marta) #33

I never thought of that, but this, my sir, is really good idea that Monzo could get to help people with visual impairments. I haven’t actually seen it isolated anywhere as separate functionality either (Alex might prove me wrong :smirk:). I would even opt out to have a ‘different’ card just to promote this functionality.


(Alex Sherwood) #34

The article that I posted earlier in the thread shows what happens if your Monzo card was used fraudulently by someone else.


#35

Not too worried about the security of contactless given the small size of the transactions and the easy ability to freeze the card as soon as you see one ping up on your phone, but think this feature should be available for those who want to use it.

Having been a victim of fraud last year (picked up before they were able to spend any big money), the biggest issue I had, was getting Netflix to stop their continuous payment authority mechanism following my new card about, for an account I never set up! Went through 3 cards in three months before they stopped and refunded.:rage:


(Alex Sherwood) #36

I’m not sure that bumping the topic is a good idea but this is good to know & also a good test to see who can ignore the sensationalist headlines & focus on what matters :wink:

Here’s the news story that David’s linked to in his tweet -


In App switches and location based security
Lost card
#37

This is really a non-story. At the beginning of that period few customers had contactless cards, not all retailers took them, and the limit for contactless payments was lower. Two years later and more people have contactless cards, more retailers accept them, and the contactless limit has gone up. So of course fraud grows.

As for quoting a percentage that is sensationalism. A tiny percentage on long standing tech with billions of users would be more worrying than a large percentage on new tech with only a few early adopters. Percentages are useless without the data they applied to, and best used when comparing multiple datasets of something similar rather than just one data set.


(Alex Sherwood) #38

I’m not following you there - the % indicates the likelihood of fraud when contactless payments are enabled (thought Monzo has additional safeguards) so we know, based on that %, that the risk is minute & therefore, the requested feature is less necessary, right?


#39

one article headline said it soared 4500%

Well 4500% on a group of 2500 users say is less worrying than 4500% on a group of 25,000,000 users. So trying to compare a 4500% rate on the small number of UK contactless users (predominately new debit cards) versus a much lower percentage on a larger number of chip and pin users (debit and credit cards with both new and older issue dates that lack contactless) the lower rate on chip and pin could be more worrying as due to the larger user base there could even with a lower percentage be a higher number of fraudulent transactions. That is ignoring the fact that the non-contactless transactions may be of higher value.


#40

I think Richard is referring to the ridiculous 4500% increase in fraud - it is meaningless.

If there was one incidence of fraud 2 years ago and 45 now, that would be a 4500% increase - without the active users it is just sensationalist rubbish.


#41

It’s the sort of drivel that health researchers like to spout as it is great clickbait - your chance of getting insert horrible condition here is 50% higher if you eat bacon on Tuesdays. Yes, it went from a vanishingly small number like 1 in a million to another vanishingly small number, 1.5 in a million.

But mathematical rigour has no place in Daily Fail style reporting.


(Sam Duke) #42

I think that card clash is an important issue that needs to be solved but it has to be solved differently to this.

Firstly contactless readers need to start dealing with more than 1 NFC card in the field which is fully supported by the underlying standards. Despite only having 1 card in my wallet capable of making a contactless transaction, card readers reject my wallet because my work ID is in there. On the other hand, my work card readers successfully index the cards in my wallet and read from the work ID card to confirm me.

Now that fixes MY wallet. BUT in the situation you have multiple cards capable of making a contactless transaction in your wallet, @Mikeee is dead right - the reader will either see the wrong one, or see multiple and throw up.

What we need is a way to write a bit to the card to disable contactless on the card itself (not through the app/backend software). This would be as simple as holding your card to the back of your (android) phone and having it disable/enable contactless at the hardware level. I have no idea if the current MiFARE chips support this but if I were banks I’d be pushing them hard for this feature…

Just my $.02


(Jolin) #43

Or what about a little inline physical switch (similar to the ‘lock’ switch on SD cards)? The switch could introduce a break in the antenna circuit when in ‘contactless off’ mode. I’d much prefer this, as:

  1. It would be easy to determine at a glance whether contactless is enabled
  2. It is trivial to enable and disable the contactless of a card, without getting out and fiddling about with my phone

(Mike) #44

Don’t know about you but after a month my cards are warped from being in my wallet - not sure a (what I’d assume to be flimsy) switch would help those like me much…:sweat_smile:


(Hunter) #45

Seeing as other prepaid card providers offer this feature is find it odd that Monzo has not yet implemented it. On my Revolut card i keep my contactless turned of 99% of the time and only enable it when i am using the card. I think this feature will have to be added in order to keep up with the competition, do you agree?

Have you ever had your card details stolen because of the contactless chip? It is crazy how easy it is to do and i have met countless people that have had their card cloned and used while still in the possession of their own card! Contactless is easy but the security of it is laughable! I keep mine in an RFID wallet but that is not really ideal!


(Tommy Long) #46

How do you know they had their card cloned via contactless and not some other means?


#47

I must admit this kind of theft doesn’t really bother me. The chances of someone skimming my card is so high. Mainly due to the fact I have more than one contactless card in my wallet at any one time. Try just holding your wallet up to a contactless reader with more than one card and it will ask to present one card.

That said, my current wallet does have RFID protection (I wanted the wallet, not the protection). With Monzo’s instant notifications, the chances are the account holder will spot the fraud and freeze the card before all funds are drained.


(Hunter) #48

There is more than one instance so i can not give an answer for everyone but if you have not put a card in a reader or an atm for months and only used contactless and you find out the card has been cloned then there is a high chance it was because of the contactless.


(Alex Sherwood) #49

I think if the competition want to waste their time developing a feature that doesn’t add significant value then great. But that’s definitely not a reason for Monzo to build it too.

No & according to the article I posted earlier in the thread, your chances of this happening are very slim. Then, if it does, Monzo will reimburse you anyway :slightly_smiling_face:

It is easy to clone the magstripe on your card (which is why Monzo disable it by default) but that’s not the same thing as contactless fraud…


(Tommy Long) #50

There’s not a high chance it’s because of contactless unless you have proof otherwise?

In theory you’d be able to tell (or at least the bank would) because surely a card that had its contactless skimmed would only be able to do contactless transactions, one with its magstripe cloned would only be able to do magstripe, one where the details were stolen online would only be able to do online, etc.