Expert Warning: The Risks Of Contactless Payment Apps

Alipay’s app (QR code L) currently allows users to pay with a traditional credit card linked to their bank or offers small unsecured loans to buy anything from toilet paper to laptops – Copyright AFP/File GREG BAKER

Offering a seamless and efficient way to make transactions without the need for physical cash or cards, contactless payment apps have experienced a surge in popularity in recent years. However, alongside their convenience comes a host of emerging risks that you should be aware of to safeguard your money and personal data.

Trevor Cooke, the online privacy expert at EarthWeb, highlights to Digital Journal three important scams hackers use to take advantage of contactless payment apps and shows you how you can protect yourself.

The Three Big Contactless Payment Scams

Cooke explains: “While contactless payment apps provide convenience, they also introduce specific risks associated with the Tap and Pay feature, especially when making purchases at stores.”

These include:

NFC Skimming

Cooke warns that hackers may exploit Near-Field Communication (NFC), the technology on which contactless payment apps rely, to intercept data transmitted between the user’s device and the payment terminal during a transaction. By deploying skimming devices or malware-infected terminals, cybercriminals can capture sensitive information such as credit card numbers and expiration dates, putting users’ financial data at risk.

Unauthorised Access To Stolen Devices

If a user’s smartphone or device is lost or stolen, and it’s unlocked or has saved payment information, unauthorised access to the Tap and Pay feature becomes a significant concern.

Cooke notes: “Cybercriminals can exploit this vulnerability to make unauthorised purchases using the stored payment credentials, leading to financial losses and identity theft.”

Data Interception

Man-in-the-middle (MITM) attacks pose a significant threat to contactless payments. In these attacks, hackers intercept communication between the user’s device and the payment terminal, allowing them to eavesdrop on sensitive data exchanged during the transaction. This can include credit card details, transaction amounts, and other personal information, which can then be used for fraudulent purposes.

How To Protect Yourself Against These Threats

To mitigate the risks associated with the Tap and Pay feature on contactless payment apps, Cooke suggests: “Ensure that your device and the payment terminal use secure NFC technology with encryption to prevent data interception by unauthorised parties. Look for contactless payment apps that employ advanced encryption protocols and security features to protect your financial information during transactions.”

Cooke also says whenever possible, utilise biometric authentication methods such as fingerprint or facial recognition to add an extra layer of security to access your contactless payment app. This helps prevent unauthorised access even if the device is lost or stolen.

Furthermore, it is important to ensure that contactless payment apps are regularly updated with the latest security patches and enhancements to address any vulnerabilities and strengthen app security.