Why Tap-to-Pay Is Safer Than a Credit Card Swipe | WSJ Tech Behind

Ok 🤣

Just watched a DEFCON video showing that 99 percent of the tap to pay sensors are vulnerable and then shown to have weaponized it. All though tapping a cellphone to the reader.

The man who did this worked for all of the banks in France.

Almost all of them have ridiculously easy exploits, both buffer and heap.

Granted it is better to tap then swipe. However it's all security theater.

still not great in terms of cardholder protection for fraud. What if the card is stolen. Today standard is higher so 2 factor security is the minimum. Tap to pay is only one factor unless it is used together with smartphones apple or google pay

What if someone lost their card ? Who ever find the card can make payments

He's a Canadian engineer.

Somebody can bump your pocket and steal money without you realising

man i wish TapToPay in indonesia using visa or master card on public transportation because i don't want fill or buying prepaid card like e-money?

this is nothing infront of UPI payments in India, without data one can make payments using qr scanning . its faster than credit card and low fees

In The Philippines we have Gcash which uses QR codes to pay

Is it safe from skimmers?

I HHHAATTE that not everyone is using tap still. I prefer it so much now. Even more so when chips and mag strips go bad easy.

Question..if a skimmer is on the unit do the hackers still get ur information?

I still want to use cash not all people's have card or like cards

good method

If you want to see a country that is worlds behind the US even, go to Germany

I traveled to Japan for the first time in 2001 and i saw how far we were behind. Japan did not have those bulky air conditioners. People had cell phones where you could "face time" people and trains operated by robots.

it is better to use your NFC phone because what if the machine take a photo of your cards back ?

Tap-to-pay is very popular in Canada. It's odd it's not as popular in the USA.

We've been using it here for years.

UPI >>>>>>>>>>>>>>>>>>>>>>>

Tap to pay was shown when first introduced in 90s to be a HUGE SECURITY flaw. as all one needs to do is walk through a crowed group (club, dance hall or crowd) with a powerful rfid reader. The rfid card data can be stolen easily without the owner even knowing. Those cards were withdrawn from market because they were an obvious security risk. Well, now in modern times when sanity has been replaced by insanity - this is seen as a 'great option'. All we collectively do with more and more time, is sink in intelligence.

You don't have tap to pay in your store: I can't pay because I don't carry a wallet anymore. We'll have a problem, and I'm not coming back again. It might be arrogant on my part, but I really do expect it as standard. Imagine if more people acted this way - we'd have much faster adoption on the side of businesses.

Good to know that subways use tap n pay ..wow u know how many ppl used the public transportation.hmmmmmmm 😒 time to do some research...love the system..its so mess up that same ppl that want to protect you are same ones who design back doors and loop holes n give it out..lije this video encouraging to use tap n pay...😂how funny..

It's Not Safer...

I started learning how to use the tap to pay. At first I was confused as my phone isn't NFC, but some of my cards are. After learning to use NFC payments, I hope to see & use more NFC in the future.

It's one step closer to the dystopian future of "In Time."

In the future, I will refuse to use a gas pump that does not have a tap-to-pay feature.

It's called CONTACTLESS not "tap to pay". It's NFC based technology, so it doesn't need to make contact with the terminal therefore "CONTACTLESS".

I see people literally slapping their cards or phones on the terminal and just shake my head. You just need to put your phone or card close to it and voila.

Apple pay & Google pay are even safer, if yo lose your card & someone finds it before you put a block on it they can use it to buy things, but with Google pay etc on your phone or watch you need facial recognition &/or your fingerprint to use it.

Safer? Hardly. If your card gets stolen, it can be used by anyone, no matter which method you use. How is that safer?

Finally, it's gotten to the point where nearly every business I frequent has tap-to-pay. I rarely find myself pulling my card out to swipe for payment. I do nearly everything with Apple Pay.

Meanwhile, Walmart doesn't have this.

I keep my credit cards on my Apple Watch so I am always looking for tap to pay. I carry only one card for instances of businesses not accepting tap to pay. Walmart and Home Depot, I am referring to you.

Is Saudi Arabia 🇸🇦 even small shops like the smallest grocery store in the neighbourhood must have all payment methods. Whilst in US many places lag behind.

Meanwhile in the Philippines...

I have been entering my PIN manually for the longest time until I found out recently it has the tap option and have been using it. But, I am still skeptical that tapping is more secure than swiping... 🤔

Yeah it started in India around 4 years ago and I have never pay with card any other way. I have even registered my card to my mobile's NFC so that I can make payments through phone directly don't even have to carry the card around

it's crazy to see that tap to pay is not that popular on the US, I'm from Colombia and basically every business that accept credit or debit has tap to pay capable systems so we use it very often

Who swipes in 2023?! 😂 Chips have been around forever.

UPI is safest and new tech . Feels like old times using cards

Some POS machines outright used to cancel the transaction when I paid via my phone's wallet, and currently (I think those are the same machines) work on the second try, but yes it is still a truly magical experience.

I didt know we were so far behind
as soon as we see a scam done with a new tech, we stop using it, I think thats what messed up tap-pay in the mid 2000s

Just back from Italy, even the smaller shop in the most remote valley has the contactless system, not to mention auto/train etc transportation. US feels a backwater country from this standpoint.

Meanwhile me using UPI to pay for almost everything

Why heb doesn’t use tap to pay? They are just stubborn.

Presses “No Tip”

We have had tap to pay in Canada for years before the pandemic.

Yeah that rectangular silver pad you can see on the card is just contacts. Think like those are the pins you see when you look inside the end of a USB connector. The chip is INSIDE the card, along with the antenna wires. Also, the 13.56mhz DATA signal isn't limited to a few inches. That'll go for a quarter mile easy. What IS limited is the power it can send to "run" the chip in the card. The readers don't put out very much power, so the chip can only get enough juice through the antenna to run a full transaction cycle if it's a few inches away.

That distance can be increased by increasing the power on the reader, but they keep those card readers low power so it won't try to activate other nearby cards. Also it makes it harder for someone to walk by you with a pirate reader in their backpack and trigger a transaction since it's too far away to be practically accessed. But it can be increased a little. Door Access readers usually have adjustable power. They're normally set low so you have to press the card against the reader, but they can be dialed up quite a bit, enough to just be waking up to the door and have the card in your wallet in your pocket trigger the reader when it's 6 inches or even a foot away. But every time you want to double the distance, you have to quadruple the power on the reader. Since it starts at about 3mm, getting out to a foot requires about 1,000x the power, which is quite a lot to ask of a little reader.

You made it sound like the chip sends static data along with a cryptogram, but that the cryptogram is just to authenticate the purchase while the static data is still freely available. If that was the case, what would stop somebody from making an nfc skimmer that just gets the static data to be used later with an online/magnetic strip purchase?

This is the reason why thieves now walk around in public places with those NFC readers hidden in their bags or pockets to scan the cards of absolutely anyone they walk pass next too.

Are you kidding? NFC pay cards are known to be one of the most unsafe ways of payment ever and thieves absolutely love it because it's never been easier to steal people's money than ever before.