Did everyone miss this bit?
"The new rule comes into effect in September 2019 in an attempt to crack down on fraud. "
Brexit kicks in 6 months earlier… surely we’re not going to be affected by this new crazy rule?
Many EU laws are being copy and pasted over to UK legislation…
1 Like
As far as I’m aware at this stage, it shouldn’t affect Apple Pay or Google Pay. It should only affect what are known as no CVM (Cardholder Verification Method. Think signature, PIN, biometric, etc.) contactless transactions, where you tap the card on the reader and no other checks are performed.
11 Likes
At banks I have previously worked for they already have their own limits before contactless will ask for an online authorisation. I.e not a number of taps but a value that when surpassed the card will ask for an online auth. This is to stop for example someone with a £10 balance using contactless all day and then when reconciled becoming overdrawn.
2 Likes
But Google Pay goes through as no CVM when used when the device is locked (and the vast majority of the time when the device is unlocked as well, my guess being that no CVM is higher priority on Google Pay’s list, so it used as opposed to CDCVM).
Liam
This should not affect mobile payments like Apple Pay and Google Pay - this is purely for payments where no CVM (cardholder verification method) is used.
Apple Pay and Google Pay can both use CDCVM which should bypass this limitation and authorise the transaction (among other things, like authorising past the 30£ limit in the UK).
1 Like
And some car parking machines only support contactless (or change, but who carries actual money these days?!)
In theory… Most shops I’ve been to use CVM for everything for example Asda enforcing a strict £30 limit on contactless even via the phone.
I work at a till and often when it refuses contactless people are like I have X amount so why didn’t it go through, that number is always very low, so it looks like alot of banks force a pin when the balance is low.
Ugh this is terrible…
I mentioned this in another thread. It’s how the original contactless cards behaved (with offline authorisation) and this is what happens when you codify something that changes with better tech. I love the EU but this was a bit of short sighted over regulation that will have a massive negative impact on how people use their cards.
It’ll do one of two things - increase cash use or increase mobile payments (with CDCVM) use. We shall see which…
In either case, it’s absurd.
Also know that it might end up degrading the Monzo app experience as well, for no real security benefit.
See also, Mastercard’s take:
5 Likes
Maybe. But as it essentially reduces the banks’ exposure to card fraud, I’d be surprised if the weren’t enthusiastic about implementing it.
Looks like Mastercard sees biometric cards as part of the solution to this: http://www.cityam.com/288876/mastercard-talks-uk-banks-take-biometric-technology
Not sure why they even bother given the world is moving to mobile payments (which include CDCVM already through a PIN or fingerprint).
1 Like
Why would they enthusiastically implement something that will do very little to reduce fraud and introduce a lot of friction to the purchasing process?
2 Likes
Contactless fraud is increasing. I would expect them to jump on any opportunity to reduce the cost while still encouraging usage of contactless. If they can slow the increase in contactless fraud, they could consider increasing the contactless limit, too.
As to friction, yes there would be an increase, but as far as I have seen it would be using your PIN every 5 transactions or so. That seems more frictionless than using cash, which always require a PIN (mostly via chip and PIN) to withdraw.
Another benefit is that people will be more likely to remember their PIN rather than writing it down for those occasions when contactless doesn’t work for whatever reason.
All that said, I’m not actually in favour of this move, simply pointing out some of the potential benefits to the banks. I wonder whose idea it was?
The readers at Iceland say “no cardholder verification” when I use Apple Pay 
Also, I thought there was already a thing where if you don’t chip+pin every so many transactions you get told to do it anyway. I’ve had that happen a couple of times…