[Dave Birch] I was thinking about the reporting of threats to retail e-payment systems because of recent discussions and it reminded me of U.S. Sen. Charles Schumer (D-N.Y.) call for stronger encryption for contactless payment cards and better warnings from card issuers about the technology’s potential security risks according to Card Technology. This appears to follow on from the Wall Street Journal article discussed before. It’s good to see experts getting involved.

Technorati Tags: ,

Do stories like these have any effect on the general public? If the story was reported as “magnetic stripe-based payment cards are utterly insecure but contactless cards are better” it might have got a different response from newspapers and legislators. The critical issue here is not the security of the contactless transaction (although transmitting meaningless ID numbers instead of card numbers would be a good idea) but the insecurity of magnetic stripe cards. Once you obtain a credit card number, by whatever means (whether eavesdropping on contactless transactions or generating them randomly) it’s trivial to use it fraudulently.

There’s no doubt that consumers who are unfamiliar with contactless technology might be hesitant to use it because they perceive that contactless payment may not be secure. In fact a recent sruvey indicates that half of both current users and potential adopters rated security as their main concern with using contactless payment options. In addition, 61% of those who indicated that they were unwilling to adopt contactless payment selected “I do not think it is a safe form of payment” as the most critical reason for that decision.

But what to do? It’s probably pointless trying to explain risk analysis to the general public, but perhaps we (ie, the industry) could prepare a simple five point crib sheet to send to journalists when they are working on stories in this area?

My opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public. [posted with ecto]

Leave a Reply


Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.
%d bloggers like this: