UK banks issuing contactless cards

Natwest are issuing contactless debit cards:
http://personal.natwest.com/personal/current-accounts/your-visa-debit-card/contactless.html

I guess, when you use one to buy a paper or coffee at the corner shop, your bank may take a modest fee per card 
transaction from the shop's bank? If so, it's clear why they like them!

I rang NatWest and was told that customers _can't_ opt-out in advance! But, when your card expires you will 
automatically be sent a contactless one, and - at that point -  you can call them then to ask for it to be replaced by a 
simple chip and pin card (non-contactless). That is simply inertia selling, forcing us to opt out after the fact!

I can see the attraction of the card to customers who want to make simple, fast purchase of low cost items (less than 
�20), without juggling loose change. But, I would prefer to be a late adopter when my debit card's attack surface is 
expanded (which it must be however safe they claim the added technology is, because the card can do extra stuff)! I want 
to wait and see what clever new scams for stealing money emerge before deciding to use it.

-- 
Martin Whitehead
0
Martin
2/17/2014 11:38:39 AM
grc.security 16608 articles. 3 followers. Follow

1 Replies
1123 Views

Similar Articles

[PageSpeed] 42
Get it on Google Play
Get it on Apple App Store

On 17/02/14 11:38, Martin Whitehead wrote:
> ...
>
> I rang NatWest and was told that customers _can't_ opt-out in advance!
> But, when your card expires you will automatically be sent a contactless
> one, and - at that point -  you can call them then to ask for it to be
> replaced by a simple chip and pin card (non-contactless). That is simply
> inertia selling, forcing us to opt out after the fact!
> ...
>
I was sent one from Lloyds a few days ago. I rang and told them I didn't 
want it so they said no problem I could have a plain chip and pin card, 
they'd send me one right away. Told me to destroy the new card. Also as 
this is a joint account, now marked for decline contactless, when my 
wife's is renewed they'll send her a plain one too.

So at least some banks are playing better.

-- 
Russell
0
Russell
2/18/2014 10:45:50 AM
Reply:

Similar Artilces:

Security for UK bank
Name: Product: Firefox Summary: Security for UK bank Comments: My LloydsTSB account cannot be opened online because the bank says that Firefox does not met the required security standard. Pity really because I have just installed it in preference to Internet Explorer and like the way it works. I shall have to revert to I.E. Browser Details: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 From URL: http://hendrix.mozilla.org/ Note to readers: Hendrix gives no expectation of a response to this feedback but if you wish to provide on...

java.security.Security issue
Hi, EAServer 4.2 build 42012 on NT (jdk13). This code works as a Java clientapp but not when the code is inside an EJB in EAServer? Can we register Security provider dynamically? // system var. System.setProperty("javax.net.ssl.keyStore", "<val>"); System.setProperty("javax.net.ssl.keyStorePassword", "<val>"); System.setProperty("javax.net.ssl.trustStore", "<val>"); System.setPropert("javax.net.ssl.trustStorePassword","<val>"); System.setProperty("javax.net.debug", &...

Security issues i need to be aware of accepting credit card numbers
Hello everyone,I am currently producing an order system that accepts credit card details, puts them into an xml scheme and sends them to billing department to deal with.  What i need to know is what security issues i need to deal with from accepting the card number from the form to inserting it into the xml file.  The number isn't stored in a database (well at least not one i deal with) and is validated by a custom validation method.  The page uses SSL.#1 - The order form process consists of entering the customers contact details, which are stored in a class data structure...

Issue related with secure AuthenticationType i.e. AuthenticationTypes.Secure
So when i use DirectoryEntry MyDirectoryObject = new DirectoryEntry(LDAPServerString, UserName,Password, AuthenticationTypes.Serverbind);  I can work with LDAP no problem, create new users etc..  But when I use  DirectoryEntry MyDirectoryObject =  new DirectoryEntry(LDAPServerString, UserName,Password,AuthenticationTypes.Secure);  I get 2 types of errors 1] Unknown error 2] Invalid dn syntax has been specified. The user details are correct and they are the user details of the directory manager. What is going wrong here ?...

What's so secure about Secure Digital? (SD cards)
I checked out the wikipedia page on these things, but it didn't have anything to say about the reasoning for 'secure'. Is it encrypted somehow, or is it 'secure' in being highly fault tolerant, or is it longevity? Torrance I've never heard of built-in encryption on an SD card, but from the website: http://www.watermarkfactory.com/resources/terms/secure-digital-card.htm The "Secure" in Secure Digital comes from the card's origin. To create the SD card, Toshiba added encryption hardware to the already-extant MMC card, to calm music ...

GroupWise Padlock Security Issue and Fix issued by Novell!!!
http://www.securitynewsportal.com/article.php?sid=1510&mode=thread&order=0 -- Regard: Joh@nnes� 1216771 Ont.Inc. "Nothing is more damaging to a new truth than an old error" ...

Banks and https: "these banks are barely more secure than ..."
http://www.squarefree.com/2005/05/28/banks-and-https/ ,------------ [quote] Here's what happens when you go to the web pages of some large US banks, and what happens when you try changing the homepage URL from "http" to "https" or vice versa. Bank http https Bank One Insecure login form. Works. Wells Fargo Insecure login form. Works. Wachovia Insecure login form. Works. Bank of America Insecure login form. Redirects to http. Washington Mutual Insecure login form. Redirects to http. US Bank Insecure login form. Error: Connectio...

Security Issues
Hi All, I am involving in research of web security. More precisely Nowadays I am working on "KEYGEN" keyword of HTML5. I tried to navigate to the block of source code where it works with this keyword "KEYGEN" of HTML5.But I could not find out the special block of source code for this purpose.So I would like to request to all of you for the files names and block of code where this operation performs in the source code of Mozilla Firefox. Would you please help me. Thanking You, Nilu ...

security issues
A problem was ust brought to my attention about our install of bugzilla 2.18. If a user is a member of group QA which is a member of all product groups, does a search they cannot see all bugs. Product A GROUP A entry, mandatory,mandatory, can edit GROUP QA Shown, na Results GROUP QA cannot see the bugs that are against product A. If I add the user directly to GROUP A the user still cannot see the bugs against product A. I tried the following as well: Product A GROUP A entry, mandatory,mandatory, can edit And left out the GROUP QA, because Group QA is also a member of GR...

Banking security
Name: Gary Smurthwaite Email: garysmurthwaiteatbtinternetdotcom Product: Firefox Summary: Banking security Comments: Just to let you know every time I log on to Abbey internet banking this is the message I get. Abbey is constantly seeking to improve the service that it offers to its customers. Every time you log on to our online service, we check to ensure that your current browser and computer settings will give the required level of performance and security. Our software shows us that the browser you are using to access the Abbey Online Service is not one of our supp...

Security Issue
Hi Y'all, I want to know if it's possible to disable the possibility of 1) storing a page in the browser on the users hard disk 2)send page in browser as email Thanks in Advance  Please give us feedback no matter whether you get your answer.Please "mark as answer" if it's useful for youSincerely,SpongeBert No.  To display a page, the HTML is sent to the client system.  Once it's there, it's not in your control.  The browser can cache it, the user could copy and paste, or the user could even do a screen shot.  Unless you have the ability to dri...

security issue ???
Hi, i've just discovered the ncpcon utility on oes linux. wow, what a great tool, to create nss volume from regular filesystem. question, is that normal that anybody who has ssh/local access to the server can create volume ??!?!?! i can run this command (/sbin/ncpcon) from a regular user (uid 500) and create the volume without entering any admin password or anything..... this can be dangerous... Marc Marc-Andre Vallee wrote: > Hi, > > i've just discovered the ncpcon utility on oes linux. > wow, what a great tool, to create nss volume from regula...

Security issue???
Hi all! Sorry to bother you. espessially if this question has been asked before, but i just found this news-group, so this is my first post in here... If I go to www.robrob8.com/online_security.htm and click on test, I get an "access granted", and then my c-drive shows up. I am using ZA 3.0.091. Is this a security problem, and if yes, how do i stop it? -- ############################################################# Kind regards from: Terje Toresen terje@toresen.com Somahagen 8 4316 Sandnes Fax: +47 51667081 Voic...

Security issues
Hi there, During development of a web application, I'm running into a security problem which I don't exactly know how to fix. I want to use the membership accounts from an Active Directory. So I've setup a connection string and when a user tries to log in I retrieve the AD user with the exact same username. The name specified by the client is set in the this.Request.ServerVariables["LOGON_USER"] string. But is this secure enough? I would imagine it's not that hard to alter or recreate a HTTP header containing the LOGON_USER with a self specified value. You w...

Web resources about - UK banks issuing contactless cards - grc.security

Contactless smart card - Wikipedia, the free encyclopedia
A contactless smart card is any pocket-sized card with embedded integrated circuits that can process and store data, and communicate with a terminal ...

All sizes - MasterCard Contactless Payment Timeline - Flickr - Photo Sharing!
Flickr is almost certainly the best online photo management and sharing application in the world. Show off your favorite photos and videos to ...

contactless payment - ARN
The source for IT industry news, views and analysis across the channel, business and technology

Contactless travel: the Oyster and the Opal (02:28)
London has implemented a contactless "tap and go" ticketing scheme allowing commuters to use credit cards and Apple Pay as an alternative to ...

Contactless payments to replace PIN cards by 2020
Day-to-day transactions will mostly be done using contactless payment technologies by 2020, replacing credit or debit cards that require a PIN, ...

PayPal taps Bluetooth for contactless payments
PayPal has embraced Bluetooth Low Energy (BLE) technology for payments after writing off Near Field Communications (NFC).

Santander, MasterCard and Gemalto Achieve Largest Deployment of Contactless EMV Cards in South America ...
... Security Executives Amsterdam - Gemalto, the world leader in digital security, announces it has deployed more than one million Optelio contactless ...

'bpay' contactless devices on sale
A new range of tap and pay devices including wristbands, fobs and stickers will be unveiled in the UK.

Square prepares for a bite of Australian contactless payments
Mobile payments challenger Square has a plan to win over small business owners in Australia. With its Apple Pay contactless payment terminal ...

Coles trials mobile 'contactless' payments
Coles announced a trial of a mobile payments app that allows Coles MasterCard customers to pay using smartphones with near field communications ...

Resources last updated: 1/17/2016 3:12:48 AM