[LINK] refusing contactless cards
Kim Holburn
kim at holburn.net
Thu Aug 1 22:19:24 AEST 2013
On 2013/Aug/01, at 5:37 PM, Harry McNally wrote:
> Hello Karl (and Link)
>
> On 01/08/13 13:46, Karl Schaffarczyk wrote:
>> Craig,
>> My local credit union (CPS) happily disabled the contactless functionality
>> of their card when I requested it.
>>
>> Their solution was to set the authorised transaction limit to zero, which
>> doesn't stop presentation of the card, but all transactions are declined.
>> The chip and magstripe both work just fine.
>
> I assumed (perhaps incorrectly) that the fast response of PayWave meant it was
> not authenticating the transaction in real time. So it's not clear to me how
> the transaction limit will prevent loss (or theft). If the transaction is
> later declined then the merchant has a loss.
>
>> It might be worth asking Bendigo to make a similar adjustment.
>
> This doesn't prevent RFID card skimming; the concern raised by Craig.
No but it stops Craig's liability. That is the point surely.
--
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408 M: +61 404072753
mailto:kim at holburn.net aim://kimholburn
skype://kholburn - PGP Public Key on request
More information about the Link
mailing list