Contactless card vulnerability allows hackers to bypass PIN

ConfusedR

Expert Member
Joined
Jun 27, 2015
Messages
1,199
Bank covers those.
Ok.
So I have to accept that money can be stolen from my contact-less card which does not always require a PIN

I understand that a "normal" card can also be compromised but at least it always asks for a PIN
 
Last edited:

Kosmik

Honorary Master
Joined
Sep 21, 2007
Messages
21,962
Ok.
So I have to accept that money can be stolen from my contact-less card which does not always require a PIN

I understand that a "normal" card can also be compromised but at least it always asks for a PIN
Money can be stolen from any card, if it us not authenticated by pin, bank is liable to re-imburse.
 

PsyWulf

Honorary Master
Joined
Nov 22, 2006
Messages
12,438
if it us not authenticated by pin, bank is liable to re-imburse.
Crux of the matter
Between the vendor bank and payment processor somebody will be paying back the money UNLESS you gave your pin and card willingly
 

krycor

Honorary Master
Joined
Aug 4, 2005
Messages
18,538
Crux of the matter
Between the vendor bank and payment processor somebody will be paying back the money UNLESS you gave your pin and card willingly

Depends on what’s the reason for it. Cost eventually goes to
Card Association,
Card Issuer(bank),
Card Acquirer,
Customer or
Merchant.

Someone ends up paying pending what the breach is and if processes followed. The bottom two are the easiest scape goats.. technical failure of emv usually ends up with one of the top two if card related, customized issue with issuer, acquiring not being followed right vs risk in the center but usually passed to bottom.
 

Swa

Honorary Master
Joined
May 4, 2012
Messages
30,098
Swipe or online. Times have changed though which is so many more transactions require pins these days.
Those will be the only occasions (other than contactless) though swiping asks for a pin too and online you have the CVV as the pin.
 

Kosmik

Honorary Master
Joined
Sep 21, 2007
Messages
21,962
Those will be the only occasions (other than contactless) though swiping asks for a pin too and online you have the CVV as the pin.
You can still contest cvv that's why 3dsecure is finally gone global.
 
Top