- Time of past OR future Camino
- Frances 2016; Mansill de las Mulas to Finisterre/Muxia 2017; Aragones 2018; Suso/Yuso, Meseta 2019
For 2024 Pilgrims: €50,- donation = 1 year with no ads on the forum + 90% off any 2024 Guide. More here. (Discount code sent to you by Private Message after your donation) |
---|
Am I reading your comments correctly that if your contactless card is lost someone could use it to get a limited amount of cash, that is, of course, until you contact your bank to cancel the card?The cards in Europe work both ways: you can pay using your personal 4-digit code (as before), but you can pay contactless as well (I don't know about American cards, but it makes sense if they also would work both ways).
Both options exist in one card, because of safety reasons contactless payments are limited. If you lose your card (or it it's stolen) anybody could use it for contactless payments. Maybe it varies from country to country, but in Holland contactless payments are limited to € 25,- per payment and a total of € 50,- consecutive contactless payments. If you pay € 25,- contactless, then pay € 10,- using your code, the first € 25,- don't count anymore regarding the total limit of € 50,-. So, in case of loss or theft, the most you can lose is € 50,-.
When the limit is reached, the machine will automatically refuse contactless payment and demand for payment using your code.
And, when using cash machines, you'll still have to use your code.
Does this help?
Are these contactless cards becoming the norm in Europe?
I use Google Pay using my phone whenever possible, and in Europe most registers have contactless readers. I think that it's safer than the contactless cards because you have to unlock your phone to use it. Here's a couple of articles on how it works, and why it can be more secure than using your card.where there is contactless payments you can usually also use apple pay and google pay using your phone or watch as a card. This will be dependent on whether your back has the technology in place to do this.
Yep, we have had "tap" for a few years now, and its hard to remember how we used to buy coffee before then. The limit is fixed both by the bank AND the place you use it. For instance, I can tap up to $100 in a grocery store.Contactless ... or 'tap' ... cards (both debit and credit) are common in Canada now. They still have chip & pin on them, as the tap feature is limited to purchases under $50. You can ask your bank to turn off the tap feature.
The upside is your card never leaves your hand.
Yes if someone has possession your card they can use it for low value transactions without anyone checking the holders entitlement eg Starbucks, Burger king etc.Am I reading your comments correctly that if your contactless card is lost someone could use it to get a limited amount of cash, that is, of course, until you contact your bank to cancel the card?
Probably it would not be a good choice for the camino given the ever present possibility of theft or loss.
Are these contactless cards becoming the norm in Europe?
No, they are credit cards that you just tap or hold closely to the card reader, rather than swiping or putting into the chip reader.Never heard of 'em! Are they the same thing as pre-paid cards?
Nope, its a feature built into the VISA, MC, or debit card your bank gives you. They are in common use worldwide (except USA) now. The card has an RFID chip inside it that can be read by the "machine" that processes credit or debit cards. You don't need to do anything other than hold the card really close to the machine to use it. We say ""tap"" because you need to get the card within an inch or two of the machine's scanner for it to work. You pull out your debit card when the merchant hands you the machine, tap your card on the machine, it beeps, and you are done. A receipt is printed, your bank account is debited, and you leave.Never heard of 'em! Are they the same thing as pre-paid cards?
Yes, the technology is different, but some cards have both contactless and standard chips, in addition to a magnetic strip so that they can be read by whichever type of reader the merchant has. I just received a card with all three. But I find it more convenient to use my phone. I can even pay with my new fitbit!The solicitation that I received, from a major bank, was for a contactless debit card, not a credit card.
@Rick M , is the chip inside the card different from the "chip and pin" card?
Is mobile pay easy to use on the Camino?I use Google Pay using my phone whenever possible, and in Europe most registers have contactless readers. I think that it's safer than the contactless cards because you have to unlock your phone to use it. Here's a couple of articles on how it works, and why it can be more secure than using your card.
How To Secure Your Digital Wallets and Mobile Payments (Apple Pay, Google Pay, Samsung Pay, PayPal, etc.)? - Defending Digital
How safe are Apple Pay, Google Pay, PayPal, and other digital wallets and mobile payments? Learn how their security compares to credit cards and other traditional payment methods.defendingdigital.com
Three reasons mobile pay could improve your life
Add Costco to the list of retailers now accepting mobile pay. But it only accounts for 1% of retail sales, and we think the number should be way higher. We argue here forwww.usatoday.com
Yes, easier than getting out my card and signing a receipt. It's not only easier for me, it's easier for the merchant.Is mobile pay easy to use on the Camino?
So an important take away is is to use the same security as with any other card and keep a contactless card in the same type of RFID envelope as other cards.I think @André Walker said it all in post no.2. At least for us users that are familiar with contactless cards
I would just add that usually contactless cards are debit not credit cards.
But in many supermercados in Spain I couldn't pay with my card (whatever type it was) if the amount was lower than let's say 10€. So better always carry some smaller bank notes and change.
And re portable (scam) card readers. Always carry bank cards on the front of your body because you won't allow unknown person to get that close to you to scan it. It is your personal space and you would step back. OTOH you can't see what's going on behind you if you are carrying wallet in your back pocket. Portable card readers don't have to physically touch you just getting close enough is enough for them to get the info
I read about it in on-line and newspapers articles and saw few reports and coverages on our National TV Broadcaster with people from National Internet & Banking Security Service that it really exist. I doubt very much that officials would be confirming urban myths in public appearance...
So far as I know, it’s an urban myth. Do you believe otherwise?
(To those who are tempted to suggest ‘better safe than sorry’ - don’t bother. Mine is a genuine question and I’ve asked it many times elsewhere without a documented example)
Hello Henry the Dog, Quite honestly, no, I do not know of an authenticated case of skimming by remote sensor.Hello Sparrow.
I think you’ve got the information you wanted. It’s now a very common form of payment in Europe.
I’m curious - have you ever known of an authenticated case of a chip and pin, or contactless card being debited by someone using a remote scanner? I ask because of your comment that you should use a RFID shielded envelope.
So far as I know, it’s an urban myth. Do you believe otherwise?
(To those who are tempted to suggest ‘better safe than sorry’ - don’t bother. Mine is a genuine question and I’ve asked it many times elsewhere without a documented example)
I can even pay with my new fitbit!
Fitbit Pay | Contactless Payments Technology
Fitbit Pay lets you access your credit, debit, and transit cards anywhere. All from your smartwatch or fitness tracker and without your wallet to enable contactless payments.www.fitbit.com
A point of interest, my government issued passport card and trusted traveler card each came in their own rfid security envelope.Hello Sparrow.
I think you’ve got the information you wanted. It’s now a very common form of payment in Europe.
I’m curious - have you ever known of an authenticated case of a chip and pin, or contactless card being debited by someone using a remote scanner? I ask because of your comment that you should use a RFID shielded envelope.
So far as I know, it’s an urban myth. Do you believe otherwise?
(To those who are tempted to suggest ‘better safe than sorry’ - don’t bother. Mine is a genuine question and I’ve asked it many times elsewhere without a documented example)
I didn't even realize that my Fitbit Charge 3 is the special model that can make payments. I bought it in Oviedo after my month old Fitbit stopped working (I returned it to Costco when I got home) All I cared about was that it worked, and was the same model as the one that stopped working. It was only after I got home that I discovered that I could pay with it. I've only used it that way a couple of times, but I can use it at any terminal that accepts contactless cards.Far out! I own and like a Fitbit Versa. ... In what Camino contexts have you used yours to pay for something?
How likely is it that albergues and bars would accept contactless cards? I assume that it is far more likely that supermercados would accept it for larger purchases, perhaps hotels also?
We refuse to have contactless debit card. If lost/stolen the thieves could access £150 before a PIN is required and getting hold ot our bank in the UK, never mind from Spain, would be just one more hassle ....I have just received an offer from my bank to get a contactless debit card. Would it be of any use on the Camino, as in will it replace a chip and pin card or are they currently in use at cash machines in Spain? Europe has always been ahead of the US on technologies like chip and pin cards at cash machines and contactless cards for the Metro. Does anyone have any words of wisdom to offer on this topic?
Good morning Henry the Dog,Dear Sparrow
My sincere apologies if the wording of my post appeared rude. That was not my intent.
This is a particular bug-bear of mine. Somehow the myth that contactless cards present a material risk has been widely publicised - most often by the manufacturers or retailers of a purported solution to the supposed problem. Public bodies have spread the myth also and - as for the possibility that elected politicians may sometimes make statements that are factually incorrect, well, the UK are catching up with the USA rapidly on that score!
‘Snopes’ the reliable fact-checkers are clear on the subject. There have been no documented cases of contactless cards STILL IN THE POSSESSION OF THE OWNER ever having been compromised.
The only money you’ll lose is that which you spend on a RFID envelope.
Passport security technology, and that of government issued cards of various types, is far less secure than that provided by commercial banks.
Hello Sparrow.
I think you’ve got the information you wanted. It’s now a very common form of payment in Europe.
I’m curious - have you ever known of an authenticated case of a chip and pin, or contactless card being debited by someone using a remote scanner? I ask because of your comment that you should use a RFID shielded envelope.
So far as I know, it’s an urban myth. Do you believe otherwise?
(To those who are tempted to suggest ‘better safe than sorry’ - don’t bother. Mine is a genuine question and I’ve asked it many times elsewhere without a documented example)
Was this 1.5 m attack demonstrated on a card in a wallet surround by half a dozen other cards and in a back pocket? in the UK in 2018 there was contactless fraud to the value of 1.8m GBP. That works out at 20p per adult In the UK. I am sure we have all lost more than that down the back of the sofa.If you are worried about "contactless fraud", get a rfid blocking sleeve -> ebay example. You can get sleeves for rfid enabled passports as well (sure beats using tin-foil for practicality).
Fact: It _HAS_ been demonstrated in practice, that rfid enabled card _CAN_ be negotiated at a distance of up to at least 1,5 meters using directional gear. As far as I recall, one of the places it was demonstrated, was at one of the "Blackhat" conferences.
The science behind distance reading rfid is really quite simple and the physical part should in fact be doable by any semi-competent radio amateur. Negotiating the card protocol, is another issue, but I'd be quite surprised if the tools weren't available on the DarkWeb.
Well, seeing that I've never lost 1.8m in my sofa ...in 2018 there was contactless fraud to the value of 1.8m GBP. That works out at 20p per adult In the UK. I am sure we have all lost more than that down the back of the sofa.
The solicitation that I received, from a major bank, was for a contactless debit card, not a credit card.
’m curious - have you ever known of an authenticated case of a chip and pin, or contactless card being debited by someone using a remote scanner? I ask because of your comment that you should use a RFID shielded envelope.
So far as I know, it’s an urban myth. Do you believe otherwise?
“Contactless fraud is low with robust security features in place in every card,” he added. “No contactless fraud has been recorded on cards still in the possession of the original owner.
gerip,
I’m sorry to hear of your experience.
To clarify - are you saying that someone using a remote scanner managed to access your card data (including the reverse printed CCV code) or that someone fraudulently accessed and used your credit card details to attempt a purchase but not necessarily as I described?
How did you identify when the data was accessed?
Do you know if your experience was ever published anywhere - there has to be a ‘first’and it may well have made the specialist press.
When I see an authenticated case described in a reputable publication, I’ll shut right up.
To be clear, I’m most certainly not questioning your experience, but if as described it deserves publicising.
No need to be insulting. I'm happy as long as I'm able to maintain my own security. We all need to keep in mind that no technology is 100%.So ...
Maybe not a ‘contactless’ remote access data issue after all?
I too have had a card compromised. Some kind of card reader attached to an ATM resulted in a duplicate card being made and a series of cash withdrawals at the other end of the country. The bank refunded it straight away as I was apparantly one of many who used the rigged ATM.
To get back on track the OP was specifically questioning the security implications of ‘contactless’ cards vs other cards.
My point remains that there are zero documented authenticated cases of contactless cards being compromised remotely whilst in the possession of the cardholder outside of a laboratory type environment and that the purveyors of RFID blocking products are misinformed at best or charlatans at worst.
Still - let’s not confuse the debate with facts.
Tinfoil hat anyone?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?