Users of contactless bank or credit cards are being warned by a U.K. man, who posted a now-viral picture of a thief who was allegedly scamming people in a public place with a Point of Sale device, the same as the ones used in stores.
Contactless bank and credit cards appear to be more common in the U.K., and nearly all issuers of new cards offer the chips, which allow people to make small transactions without entering a PIN code. The Telegraph reported they’re now used in one in seven transactions.
The Facebook user, Paul Jarvis, wrote the scammer was “spotted wandering round with a Point of Sale (POS) device,” added that he was putting through payments of less than 30 pounds ($43) in a wireless card reader before touching it on the wallets of unsuspecting people.
“Ching! You’ve just been charged automatically on your touch pay enabled credit/debit card.... We just tried this in my local pub with their POS device and it worked,” he added. “(I’ve actually shown people this using the NFC function on my mobile to read their card data through their wallet to freak them out but this is the first time I’ve seen someone doing it for real). Time to invest in a screened wallet I guess.”
Photo Called Into Question
According to Metro, the U.K. Cards Association says the crime hasn’t been widely reported in the U.K., saying there are intense security checks on merchant accounts.
The association added that the image doesn’t appear to have been taken on a British train, noting the same picture was seen in reports on a similar crime in Russia.
The image doesn’t offer much context. Some card machines need to be connected to a landline terminal in order to work, but more advanced devices use GPRS to make a connection, which allow merchants to accept card payments nearly anywhere. The thief, theoretically, would have to have GPRS-enabled Point of Sale device, as the Independent noted.
Barclaycard told the Telegraph: “When a customer reports a card lost or stolen, a block is applied to the card preventing all further activity. However, some contactless transactions are processed offline so may not appear on a customer’s account until after the block has been applied.”
“We offer a 100% fraud guarantee for anyone who is a victim of contactless fraud.”
Some hospitality industry professionals said the cards do, in fact, pose a risk. However, there’s a greater risk in trying to scam people via the method.
“If your payment device is signed into your mobile account this is completely possible, although this also makes it 100 per cent traceable!” London-based bar consultant Elliot Davies told MailOnline.
“And it would only work up to a certain amount, up to 400-odd quid, before it needs to be locked into a telephone line. He would have [to] have a business account, a POS (Point of Sale) account, and a business bank account, all easy for police to trace and locate. Not worth the jailtime.”