Which?, the online consumer group, has warned that a security flaw in our contactless debit and credit cards is at risk of being exploited.
Using what they called "easily and cheaply" acquired technology from a mainstream website, Which? managed to obtain enough information from payment bank cards to buy a number of items, including a TV worth over €4,000.
Six credit cards, and four debit cards, were tested during the experiment, all of which revealed some personal data, primarily the number and expiry date on each card, and although no CVV numbers could be decoded that didn't stop them from successfully using the cards online.
A spokesperson for Which? stated that they "were also able to read limited details of the last 10 transactions.
‘We doubted we’d be able to make purchases without the cardholder’s name or CVV code – but we were wrong.
‘We ordered two items – one a £3,000 TV – from a mainstream online shop using ‘stolen’ card details, combined with a false name and address.’
So basically all a thief would need to use your card online is a card reader, which can be easily, cheaply, and more importantly legally obtained, as well as some free software.
Last year in Britain over £2 billion worth of purchases were paid for with contactless payment. That number should increase this year not only due to the rise in popularity of the cards, but also because the limit for a single transaction with the card is set to jump from £20 to £30 on September 1st.