Convenience features built into contactless payment systems are quietly undermining their security, a university study has found.<\/p>\n
The research, led by the University of Surrey in collaboration with the University of Birmingham, exposed hidden weaknesses that allowed researchers to perform unauthorised high-value transactions.<\/p>\n
Ioana Boureanu, head of the Surrey Centre for Cyber Security, said: “The industry has already made promising fixes but there is still a need for better coordination between providers to ensure convenience doesn’t create new opportunities to fraud.”<\/p>\n
The research team said it reported their findings to several parties in 2024 and helped develop some fixes.<\/p>\n
Features added to contactless payments to boost convenience include allowing offline transactions, transport modes that let commuters move quickly through barriers without unlocking their phones, and region-specific rules on how a PIN is input for high-value transactions.<\/p>\n
However, the study found these features could lead to insecurities and, in turn, the possibility to make fraudulent payments. <\/p>\n
In practice, researchers were able to demonstrate ways to trick terminals into accepting a plastic card when only a phone should have been allowed, or to process payments above a contactless limit without PIN or biometric checks.<\/p>\n
In one case, a payment terminal was made to accept a fraudulent \u00a325,000 payment, the University of Surrey said.<\/p>\n
Tom Chothia, professor of cyber security at the University of Birmingham, said: “The issues we found are not about companies getting it wrong, but about how a system as complex as EMV [Europay, Mastercard, and Visa] can develop hidden cracks when new features are added independently. <\/p>\n
“Working together, we can close those gaps and make contactless payments safer for everyone.”<\/p>\n
Mastercard and Visa have been contacted for a comment.<\/p>\n","protected":false},"excerpt":{"rendered":"Convenience features built into contactless payment systems are quietly undermining their security, a university study has found. The…\n","protected":false},"author":2,"featured_media":257740,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[41],"tags":[165,74],"class_list":{"0":"post-257739","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-mobile","8":"tag-mobile","9":"tag-technology"},"_links":{"self":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/posts\/257739","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/comments?post=257739"}],"version-history":[{"count":0,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/posts\/257739\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/media\/257740"}],"wp:attachment":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/media?parent=257739"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/categories?post=257739"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/tags?post=257739"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}