Skint Dad

Where Every Penny Counts

Home / Manage Money / Visa Card £30 Contactless Limit Can Be Hacked

Visa Card £30 Contactless Limit Can Be Hacked

By | last updated

Share
Tweet
Pin

Stealing your money without touching your card! Contactless fraud hackers can break the Visa £30 contactless limit and steal your money.

contactless card payment

This site contains affiliate links. We may receive a commission for purchases made through these links. [Learn more]

Fraud is everywhere, and while we can try to avoid it and think we’ll never full victim, it seems criminals won’t stop.

Thing is, we keep being told contactless cards are safe, but I know plenty of people in the Skint Dad Community Group who don’t trust them.

More and more people are using contactless cards though, with 2 in 5 card payments being done via contactless technology.

Alongside that, fraud on contactless card and devices is on the up too! According to UK Finance, £8.4 million was lost through contactless fraud in the first half of 2018 alone!

It appears they are not as safe as we first thought.

Plus, that £30 limit that protects us – nah, that doesn’t seem to matter as they can break through it!

Stealing money without taking your card

It’s an assumption that criminals need to physically take your bank card, and get hold of your precious PIN number, if they want to steal your money, like with general bank card and ATM fraud.

Research has shown that hackers don’t even need to steal your bank card anymore.

If they are close enough to you, they can hack through your contactless card and take what they want.

The £30 limit there to stop overspending doesn’t seem to be an issue either.

Tests were done by cybersecurity company Positive Technologies on behalf of Forbes. Using themselves as guinea pigs, they managed to take three Visa payments for £31 and far bypassed the £30 contactless limit to skim £101 from an account with just a tap!

For every test they did, they managed to skim money from 100% of the accounts, which goes to show how easy this will be for proper criminals.

How the contactless hack works

contactless cards

This isn’t the kind of thing everyone will do, so it’s a very organised crime.

Criminals use specialist hardware to read and add messages between a payment card and the reader.

They can tell it that a PIN isn’t needed, verification has been made (when it hasn’t) and are even able to request more than the £30 limit.

Usually, if a payment goes over £30, the machine knows it’s not able to take the payment. Then, it will need additional verification (like a PIN).

And it’s this that they can hack, change what the machine thinks, and then steal money without even touching your bank card.

The experts commented, “This attack is possible because Visa does not require issuers and acquirers to have checks in place that block payments without presenting the minimum verification.”

However, Visa told Forbes that they aren’t “planning on updating its systems to deal with the hack.”

How to prevent contactless fraud

Upset man holding credit card with laptop on background

Obviously, there are criminals out there who are going to be trying this, over and over again as the years go on.

And, it appears there’s going to be no overnight fix to stop it potentially happening.

But, there are things you can do to help prevent getting scammed out of money.

  • Firstly, if you’re worried, you could ask if your bank will issue a card without contactless. This may also help if you struggle with overspending money.

Also see: Overspending? Cut It Out with These 5 Practical Tips

  • You can even pick up special wallets, purses and protectors to keep them safe (but I’ve managed to make a much cheaper version (obvs) to protect your bank card from contactless fraud).
  • I’ve found that keeping bank cards together stops them from being read by the machines (try it next time you shop). The machine can’t decide which card is making the payment so simply won’t do anything.
  • Look to see if you can set up payment limits as well as get text message notifications so you can track payments on the go.
  • Be sure to check your bank statements regularly. Watch out for unexpected card payments and report them to your bank to check if you’re unsure.

Instead of being able to spend willy-nilly, from September 2019, banks will make sure you have to give a PIN if you pay more than £130 in contactless payments, or when five transactions have been made in one day.

Yes, you may think that it’ll never happen to you and I really hope it doesn’t.

It’s best to be a little wary but if you do have fraud to your account report it to Action Fraud.

Latest posts by Naomi Willis (see all)

Leave a Reply

Your email address will not be published.

Find out how to

Save money

Make money

Manage money

Start a blog

Eat cheap

Win competitions

Join us

Information

About Skint Dad

Contact us

Awards, Media and Press

Jobs at Skint Dad

Privacy Policy

Cookie Policy

Terms & Conditions

SKINT DAD®

8b Lonsdale Gardens
Tunbridge Wells
Kent
TN1 1NU

Skint Media Limited
is a registered company
in England & Wales.
Company reg no: 09991508
VAT No: 318 7349 80

Check out our sister site Skint Chef