✅ Disabling contactless feature on card

I must admit this kind of theft doesn’t really bother me. The chances of someone skimming my card is so high. Mainly due to the fact I have more than one contactless card in my wallet at any one time. Try just holding your wallet up to a contactless reader with more than one card and it will ask to present one card.

That said, my current wallet does have RFID protection (I wanted the wallet, not the protection). With Monzo’s instant notifications, the chances are the account holder will spot the fraud and freeze the card before all funds are drained.

2 Likes

There is more than one instance so i can not give an answer for everyone but if you have not put a card in a reader or an atm for months and only used contactless and you find out the card has been cloned then there is a high chance it was because of the contactless.

I think if the competition want to waste their time developing a feature that doesn’t add significant value then great. But that’s definitely not a reason for Monzo to build it too.

No & according to the article I posted earlier in the thread, your chances of this happening are very slim. Then, if it does, Monzo will reimburse you anyway :slightly_smiling_face:

It is easy to clone the magstripe on your card (which is why Monzo disable it by default) but that’s not the same thing as contactless fraud…

3 Likes

There’s not a high chance it’s because of contactless unless you have proof otherwise?

In theory you’d be able to tell (or at least the bank would) because surely a card that had its contactless skimmed would only be able to do contactless transactions, one with its magstripe cloned would only be able to do magstripe, one where the details were stolen online would only be able to do online, etc.

3 Likes

it does actually appear to be a standard as the curved notch in one end of the accessibility card is the same on RBS Group (incl NatWest), Barclays, Handelsbanken UK, etc

Just to show what this looks like:

I’ve never had any problems with acceptance of this card, the slightly non-standard shape doesn’t seem to be an issue.

I’m not saying I’m worried about the risks of contactless anymore, just this is an effective way of disabling it for those who are. I agree with @alexs and others that the risk seems to be minimal. And with :monzo: you’ll get a notification the first time a skimmed card is used, and the most you’ll be out of pocket (temporarily) is £30 with contactless. If they’ve skimmed your contactless details, they can’t use them for larger chip & PIN purchases.

So I think the convenience far outweighs the risk. I’m against even the hassle of a shielded wallet. I love being able to just tap my wallet to the reader and pay, no card removal necessary. :heart:

2 Likes

The only thing I have heard is that the card could be swallowed by ATMs if it is found to be faulty. Only something I saw mentioned here on the forums so not sure on the validity of that.

2 Likes

I’d be very surprised if the majority of ATMs have any form of contactless reader - they are ancient!

I really don’t get this worry about contactless though…

2 Likes

There is anti collision in NFC. Standard credit card readers ask you to present one card because they can’t tell which one you actually want to use, but a scammer will instead use the anti collision mechanism to skim all of your cards one by one.

2 Likes

Santander ATMs have contactless. Limited to their cards by the looks of it though as I couldn’t get any of my Monzo, Starling or Capital One cards to work with it.

If you are out on the raz and you a fear of losing it. If you could switch it off time to time would not have to worry about losing it and forgetting to freeze the card or till its too late. Just a thought

Readers that have been nobbled to withdraw too much are a possible attack vector (Monzo would catch that, if you’re paying attention) - they can’t repeat transactions as they’re all unique, so replay attacks don’t work. Cloning? Downgrade attacks won’t work on Monzo if magstripe is disabled*, and anyway they don’t get the CV2 so they’re of limited use in the real world.

By far the greatest risk of fraud is someone getting hold of your card and writing the details down… that’s why you never give it to anyone (and nobody should be asking for it).

  • I’m told the mechanism these hacks used has been fixed anyway

This is definitely the case.
I think it’s done for anti-fraud measures because generally faulty cards are ones people have cloned and messed up somewhere along the line. If you get your pin wrong a number of times I think it also swallows your card…

Your right, I do remember reading a very interesting post about this somewhere.

Can we disable contact less, I would prefer that if card stolen while abroad?

3 Likes

You can always freeze the card in app if it gets stolen :slight_smile:

At the moment there is no way to disable contacless however it has been discussed elsewhere on the forum.

1 Like

Not yet, but it has been requested few times. So right now:

  • prepaid have magstripe toggle (ios and android)
  • CA does not have magstripe toggle yet (ios and android)

Contactless and online payments on/off toggles were requested few times, but we didn’t get any further info or confirmation about them. I moved your post to the relevant thread, so this feedback is seen by Monzo team. :slight_smile:

CA card doesn’t support magstripe at all so the lack of the toggle isn’t a big deal - I assume they’ll implement the toggle once the magstripe becomes supported.

Personally I don’t mind it not being supported :wink:

In an idea world magstripe should just be discontinued completely. Our Uni uses them for door keys and as a payment mechanism - lots of people have duplicates of a friends key’s so they can get into their building or whatever… Ridiculously insecure technology.

2 Likes

I agree, contactless is a nightmare, I’d just rather have a card without it. When Apple/Android pay come along for the CA, contactless is semi redundant anyway (for those that have the feature).

That instantly makes a card payment secure anywhere you can send with a contactless card. I’d never really bothered with Apple Pay, but the truly massive increase in fraud makes me think I’ll use it a lot more.

A chum of mine has just come back from Holland and says cards aren’t accepted in very many places, when he asked why, fraud was the answer, they want cash!

Actually, they don’t really allow offline transactions (offline authorisation) on online-only cards. All TfL transactions are actually online deferred authorisation, meaning they’re authorised online at the end of the day.

They do use offline data authentication to prove the card is real (but not authorise it), and cards that don’t support this (American and Canadian cards mainly) don’t work on TfL.

Additionally, the first transaction on a card (first tap in) will have a 2p online authorisation made before the gate opens just to prove the card authorises for something.

At no point though are TfL doing offline authorisation.

3 Likes