The introduction of a £100 contactless payment limit could place shoppers at risk, UK tech industry experts have warned.
It comes as UK credit and debit card users can, from today, start using contactless for payments up to £100 without the need to enter their PIN code.
The decision to increase the threshold was taken by the Financial Conduct Authority (FCA) in a bid to make shopping more convenient and is more than double the amount of the previous contactless payment limit of £45 introduced in April 2020.
This also means customers can spend up to £300 in three separate transactions before they are asked to enter their PIN.
According to the CTO of digital identity verification software provider Mitek, Steve Ritter, “a drive for convenience means security could be overlooked”.
In comments to IT Pro, he added that contactless cards lack the additional layer of security provided by biometric authentication, which is used when making payments using smartphones. Although banks such as the Royal Bank of Scotland and Natwest had begun trialing fingerprint-enabled payment cards in 2019, only a limited number of consumers have access to the technology today.
Teg Dosanjh, director of Connected Services and Technology at Samsung UK and Ireland, said that the public’s focus on hygiene during the pandemic has fuelled the shift from traditional cards to Samsung’s payment app.
“It’s made us all more conscious about using physical keypads and because the increased security of mobile payment is well recognised, the spend limit on Samsung Pay is so much higher, meaning customers may rarely need to touch a chip and pin again,” he said, adding that Samsung research found that contactless payments using smart devices such as phones or watches helped 85% of surveyed users “feel safe”.
Research conducted by Samsung in August found that almost 60% of the 2,000 UK adults surveyed said that they were still leaning towards physical cards to make payments, with 40% of expressing concern about the increased possibility of card fraud
Brian Higgins, security specialist at Comparitech, shares these concerns, telling IT Pro that he anticipates an increase in mugging as a result of the new £100 threshold.
Shining light on new 'cool' cloud technologies and their drawbacks
IONOS Cloud Up! Summit, Cloud Technology Session with Russell Barley
“Personally, I use a pre-paid contactless payment account rather than anything linked to my personal banking information. I know people like things to be quick and hassle free these days but changes like these highlight how important it’s becoming to take some responsibility for your own assets,” he said.
However, chief product and technology officer at payments-as-a-service provider Modulr, Altay Ural, believes that the risk of fraud is “fairly small”. This is largely because consumers have the option to freeze their card as well as claim customer compensation. Meanwhile, the new threshold provides an opportunity “to promote greater consumer spending across UK stores, especially in busy locations like supermarkets, petrol stations and DIY stores where you can easily spend more than £45 in one go”.
Ural’s opinion is backed by UK Finance research, which found that contactless fraud on payment cards as well as devices accounted for less than 3% of overall card fraud losses in 2020, despite 55% of all card transactions being contactless.
