Yesterday I did a post: "Who Needs an Ounce of Prevention...We've Got 10 pounds of Cure!  where I weighed in on some backwards thinking.  Sacrificing security in the name of convenience is just plain dumb.

Today, in the Times Online, they talk about some backlash,  taking the form of fear, over contactless cards.  Of course, as you'll read, there's really nothing to fear and  there's no new risk.  A Barclay's spokeswoman explains why to the best of her ability... (hope not)

From Times Online
Fraud fears over contactless cards
Barclays' customers could be liable for up to £50 of any losses on their debit cards

Ali Hussain

A CASHLESS society came a step closer this week with the launch of Barclays “contactless” debit cards which allow customers to pay for items costing less than £10 by simply waving their cards over a reader.

However, concerns have been raised that customers will be exposed to more card fraud as stolen or lost cards will not require a pin to make payments.
In some cases, customers could find they are liable for up to £50 of any losses.

The cards are being sent to all customers when their existing cards expire. Barclays is the first bank in the UK to roll out the technology to all current account customers as "a standard feature of most new and replacement debit cards".

Up to three million customers are expected to be using contactless debit cards by the end of the year and the majority of Barclays debit card customers will have one by 2011. However, there are concerns that the cards are more likely to expose the owner to any losses incurred before they report the card stolen.

Anyone finding a wallet containing a contactless card could immediately use it to make a number of small purchases while the card remains active.  Apacs, the UK payments authority, said consumers are liable for the first £50 if their debit card is used by thieves before they cancel it.  Editor's Note: Okay, so the new cards can be used immediately, and consumers are  liable for the extra 50 pounds put on their cards.  Understood.  The next part is a little more confusing..

A spokeswoman for Barclays "denied" it was exposing its customers to a new risk
, she said: "A lost and "reported" card will be immediately cancelled, and no longer useable.
A card that has been lost but unreported for whatever reason can only be used four or five times before a PIN number is demanded.   If the card was used fraudulently before it was reported missing we would look at the refund circumstances on an individual basis."

Editor's Note:  So let me get this straight...a Barclay's spokeswoman "denied" it was exposing customers to a new risk...and the reasoning was that although consumers are "liable" for the first 50 pounds if their cards are used by thieves, (and a lost or stolen card can be immediately used)...the safety valve is that contactless cards can only be used 5 times (for 10 pound purchases) before a PIN number is demanded,  thereby alleviating the new 50 pound risk that the new cards are not exposing it's customers to on a case-by-case basis.  How convincing is that?  Talk about Barclay up the Wrong Tree

I'm dumbphoneded.  Oh, and one last thing.  A PIN Number?  As in a Personal Identification Number-Number?  Is that like dumb and dumber, but with a numb and number?  Give me security over convenience. 




Reblog this post [with Zemanta]

Posted by John B. Frank Tuesday, March 3, 2009

0 comments

Payments Industry News Blog

Search the PIN Debit Blog by Subject

Kapersky Calls for Mass Adoption of Card Readers

Kapersky Calls for Mass Adoption of Card Readers