[LINK] refusing contactless cards

Paul Brooks pbrooks at layer10.com.au
Fri Aug 2 12:04:04 AEST 2013 

On 2/08/2013 11:15 AM, Ivan Trundle wrote:
>
> It would seem to me that banks have a major risk (and liability) on their hands. 
>
> I imagine that once the media begins reporting this type of fraud more frequently than bag snatching, then a reversal of thinking and processes will occur. 
>
> I cannot see how any bank would endorse this technology if the risks are realised and unable to be mitigated without regressing to the previous technology. What am I missing here?
Perhaps that the banks do have extensive testing, trialling and evaluation of the
risks involved, particularly relative to the risks and costs involved in the earlier
technologies, and have worked out that commercially their costs and risks of fraud and
badness happening is lowered - and included in that are risks to their customers, to
public perception and the banks reputation, which goes into the risk assessment. They
don't just change the rules to make the end customer liable for fraud and reduce their
costs, because the damage to their reputation when a dozen people go on A Current
Affair is worth more than if they simply pay up and write it off against their fraud
provisions - so they pay and reimburse people.

Perhaps that the media are not reporting this as happening to any great frequency
means it actually isn't, or no more than using the previous technology?

(yeah, I know its not fashionable to defend business on this august list, but its
Friday, and I have a relative in the banking risk management area, with which I've
talked robustly over this issue several times over while taking the
standard-linker-stance - and I've been on the receiving end of dealing with a
suspected fraudulent transaction, and have received calls from the bank on occasion
checking that I knew whether a sub-$50 transaction was ok within 12 minutes of walking
out of the restaurant they had on a watch-list or didn't fit my usual pattern (it was ok).

is there a risk? certainly. Is the risk higher or lower than the various ways the
previous technology can be circumvented? its lower, both for the user, the bank and
the merchant.

By all means linkers go on with the all-banks-are-bastards rants - but if all you're
going on are stuffs you've read on the Internet in articles about hacks from the USA
from 5 years ago, and haven't actually inspected the technology used in Australia,
spoken to the people who get paid to evaluate and think about all these things and the
risks, attempted the circumvention or spoken directly with someone who has and isn't
trying to sell you a metallic screened wallet....its about as trustworthy as the
original article.

Back to work...

-- 
Paul Brooks               |         Mob +61 414 366 605
Layer 10 Advisory         |         Ph  +61 2 9402 7355
-------------------------------------------------------
Layer 10 - telecommunications strategy & network design

More information about the Link mailing list