More than half of Scots believe more needs to be done to tackle payment card crime, with15per cent of Scottish adults saying they have been victims of card fraud in the past year.
Almost a third think banks should consult customers before issuing them with contactless cards, and a quarter believe the cards are riskier and make fraud too easy.
A fifth of Scots say they will never use a contactless card because of perceived security risk, according to the research by Defender Note, which has launched a card protection device that sits in a wallet or purse.
If contactless cards are stolen, a thief can make up to 10 payments under £30 in a short time frame before being required to enter a PIN.
More worryingly, the cards can also be ‘skimmed’ – a technique in which a scammer uses an RFID chip-reading device, widely available online, to lift the cardholder’s details while standing in close proximity to them. He can then use the ID to make purchases on websites that don’t require any other bank account security.
Consumer group Which? tested 10 debit and credit cards last summer and found all of them had the security flaw that allows them to be skimmed.
Morgan Rothwell, director of Defender Note, said: “Contactless card fraud is rising fast and official figures are only the tip of the iceberg.
“Most skimming victims will have no idea they’ve been robbed until they check their bank statement, and many cases will not be detected at all.”
Contactless card fraud jumped 16-fold last year to £2.8m as use of the cards increased fourfold, with 136million ‘wave and pay’ purchases worth over £1.1bn made every month.
The UK Cards Association says fraud on contactless cards is extremely rare and customers are fully protected for fraudulent payments.
But the issue of customer blame was recently raised by the Metropolitan Police Commissioner Sir Bernard Hogan-Howe, who said banks should “incentivise people to protect themselves” by refusing to compensate anyone for online fraud who was not using an online software protection system. Richard Lloyd of Which? however responded that “the priority should be for banks to better protect their customers, rather than trying to shift blame on to the victims of fraud”.
Financial Fraud Action reported last month that fraud across UK payment cards and online banking hit £736million last year, a rise of 26 per cent on the previous year. Data theft raced up the consumer and corporate agenda earlier this year when TalkTalk had to admit that personal details of 150,000 customers had been hacked and sold to criminals.
The FFA report found that high-profile data breaches such as TalkTalk’s could actually help fraudsters in impersonation and deception scams, where they may pretend to be a utility company, a government department, or the police, and use phone, text or e-mail to ask for personal details.
“The stolen data is used to commit fraud directly, for example using stolen payment card details online to commit remote purchase fraud,” says FFA. “Other information obtained through a breach may be used in impersonation scams, while the publicity around the incident itself can be used to add authenticity to the scammers’ approach.”
The danger for those who see through the phoney messages, but have not properly protected their PCs, laptops, or especially smartphones, is that malware (malicious software) may be remotely downloaded as a vehicle to steal or compromise security details.
The industry stresses how much fraud is stopped at source by banks, but the figures also serve to highlight the enormous scale of the attempted crime: £844m of attempted card fraud or 60per cent was detected, as was £525m or 80per cent of attempted remote banking fraud.
Experian advises the following security protocols:
*Choose secure, unique passwords for as many online accounts as possible. Think of a sentence and use the first letter of every word in it, plus a mixture of lower and upper case letters and numbers.
*Use a home screen lock on your mobile devices. Be aware of the vast amounts of information that can be stored on a smartphone, including emails and apps that can be accessed without a password from your home screen.
* Be conscious of the information you share when using shared WiFi networks, which can be compromised more easily by fraudsters than secure networks.
* Before sharing personal information online, particularly card and other financial details, check that the web address is preceded by “https:” and has the padlock symbol.
*Monitor your credit report and bank statements regularly as it will help you spot any suspicious activity as early as possible to avoid financial loss.
Why are you making commenting on The Herald only available to subscribers?
It should have been a safe space for informed debate, somewhere for readers to discuss issues around the biggest stories of the day, but all too often the below the line comments on most websites have become bogged down by off-topic discussions and abuse.
heraldscotland.com is tackling this problem by allowing only subscribers to comment.
We are doing this to improve the experience for our loyal readers and we believe it will reduce the ability of trolls and troublemakers, who occasionally find their way onto our site, to abuse our journalists and readers. We also hope it will help the comments section fulfil its promise as a part of Scotland's conversation with itself.
We are lucky at The Herald. We are read by an informed, educated readership who can add their knowledge and insights to our stories.
That is invaluable.
We are making the subscriber-only change to support our valued readers, who tell us they don't want the site cluttered up with irrelevant comments, untruths and abuse.
In the past, the journalist’s job was to collect and distribute information to the audience. Technology means that readers can shape a discussion. We look forward to hearing from you on heraldscotland.com
Comments & Moderation
Readers’ comments: You are personally liable for the content of any comments you upload to this website, so please act responsibly. We do not pre-moderate or monitor readers’ comments appearing on our websites, but we do post-moderate in response to complaints we receive or otherwise when a potential problem comes to our attention. You can make a complaint by using the ‘report this post’ link . We may then apply our discretion under the user terms to amend or delete comments.
Post moderation is undertaken full-time 9am-6pm on weekdays, and on a part-time basis outwith those hours.
Read the rules hereLast Updated:
Report this comment Cancel