Contactless Smart Cards – The Real Story

By Al Vrancart, ICMA Co-Founder, Industry Advisor

Now that the hectic Holiday season is a thing of the past we can relax a bit and take stock and find out how we fared financially. It’s a good time to check on personal identity/credit since identify thieves see the holidays as a potentially lucrative time of year because more purchasing activity means more opportunity for fraud. Most everyone is aware of the obvious breeches in personal identity security such as skimming, phishing, on-line fraud and the not so technical; trash raids and mail theft. But just recently there has been warning of security breeches in contactless cards (smart cards) where fraudsters steal information by reading contactless cards with an eavesdropping device. Is this something else the consumer needs to be concerned about or just media frenzy? It seems the news has been inundated with stories hyping smart card security concerns. Unfortunately the real story on smart cards from the experts in the industry has garnered much less coverage. It seems news is driven by the scare factor that gets the much desired attention of TV viewers.

An example of the media hype, in December, Newsday ran a story titled Using a ‘smart card’ isn’t, Schumer Warns which addressed a statement made by New York Senator Chuck Schumer where he warned that scam artists will prey on shoppers and can steal their name, card number and other information using a concealed digital eavesdropping device.

Randy Vanderhoof, executive director of Smart Card Alliance, disagrees. “Reports that indicate thieves are stealing information from the smart card chip and using that information on spending sprees are false. There have been no reports of such fraud in the real world – only the suggestion by researchers in laboratory conditions that this could happen. There are more layers built into these contactless smart cards because they are smarter than the average card.”

This statement alone illustrates that the media hype behind such stories is without merit.
Vanderhoof continues, “The most important thing for people to know is smart cards are safe. There have been 17 million contactless cards issued in North America since 2005 and they offer a more convenient way to pay for small value purchases. The cards must be used in very close proximity to the reader, almost touching, for the transaction to work.”
According to Sonia Reed at Visa International, “There is no higher priority at Visa than payment security, which is why Visa continually invests in advanced technologies to make payments safer. Visa applies multiple layers of security to detect and prevent fraud. For contactless, Visa employs security technology both on the card itself, as well as on our processing network.”

Reed continues, “Visa appreciates and welcomes academic and professional efforts to identify and address vulnerabilities in the payment system. Such studies augment our own internal research, monitoring and testing, and allow the entire industry to offer safer and more secure products. In our industry, the landscape is always evolving – which means we must look at every credible threat and take into account every helpful suggestion. Recent academic research is consistent with previous research in this area, which Visa used in its efforts to safeguard vulnerabilities. Often, academic studies are conducted in a laboratory setting unconnected to the Visa payment network, which does not provide an accurate representation of the security measures in place.”

Considering there have been no reports of crime associated with the millions of cards issued to date, consumers should feel safe using smart cards. In fact, most fraudulent credit card activity is done once the card leaves the consumer hands making smart cards a smart option for consumers.

Albert Vrancart is a co-founder of ICMA and is an advisor to the association. He has over 30 years of global marketing experience, previously serving as president / CEO of NBS and Qualteq, a manufacturer of secure plastic transaction, identification and promotional cards.