Go to content Phone human-readable description of the message we trying to accomplish. Search human-readable description of the message we trying to accomplish. Map pin human-readable description of the message we trying to accomplish.

On face value, a 4,500% increase in fraud sounds serious, however, without considering the rate of growth of contactless cards over the same period, the statistic is pretty meaningless

So, contactless card fraud hit £7m in the UK in 2016, up from £153k in 2014. Cue click-bait headlines about fraud soaring by almost 4,500%. When you dig a bit deeper, this is both mischievous scaremongering and quite misleading.

Salacious spending spree

Firstly, the article explains how contactless card theft allows criminals to “go on a spending spree without knowing a PIN or any other card details”. In reality, any spending spree is limited to between one and three contactless transactions, under £30 (in the UK). After which the thief will be challenged to enter the card PIN, keeping contactless ‘spending sprees’ to a maximum of £90. Also, assuming you report the theft in a timely manner, your issuing bank will carry full liability for these fraudulent transactions and your money returned to you.

Data discrimination

On face value, a 4,500% increase in fraud sounds serious, however, without considering the rate of growth of contactless cards over the same period, the statistic is pretty meaningless. Google to the rescue…

According to the UK Cards Association, there were 43.3 million contactless cards in circulation in March ‘14 compared to 107.4 million in March ‘17. That’s a 148% increase. Admittedly this stat is not going to grab as many headlines, but it goes some way to explain the increase in fraud.

It doesn’t of course explain away a 4,500% increase, but when you consider this started from a very low base, the rate of growth is less important than the absolute number. So, using the UK Cards Association data again, in 2016 £21.8bn was spent on contactless cards. This means that £7m in fraud amounts to just 0.03% of the whole, all of which is effectively underwritten by the issuing banks once card loss is reported.

Make the move to mobile contactless

And if that still makes you nervous, you could always pay using your mobile. The best mobile payment solutions use Trusted Execution Environment (TEE) technology to enable fingerprint authentication and secure smartphone screens. This means criminals can’t even make a single contactless transaction from my digital wallet if they acquire my device. This layered security makes all digital payments very secure indeed.

I’m not quite sure if the headlines stem from a lack of knowledge or hidden agendas, but a bit of rummaging into the data makes most scandalised headlines about contactless card fraud pretty much meaningless. Education on what to do if you lose your card or spot a fraudulent transaction would serve the public better than jumping on a stat to generate clicks.

Interested to learn more about mobile payment security? Check out the blog on host card emulation or our CEO’s blog on FinTech in Europe.

Related content

Korea’s KB Bank Uses Trustonic In-App Protection to Enhance Mobile Banking Experience

Using Trustonic Application Protection enables KB Bank to dramatically improve the authentication experience for users of its mobile banking app and allow secure high value transactions

2nd April, 2020 – Mobile cybersecurity leader, Trustonic, today announces the successful implementation by KB Kookmin Bank (KB Bank) of Trustonic Application Protection (TAP) to enable a simpler authentication experience for users of its KB Star Banking app.



Trustonic + Lookout – Advanced Mobile Security for Banking & Fintech Apps

The need for in-app protection for critical mobile apps is greater than ever. The partnership between Lookout and Trustonic brings together two of the most robust app security platforms on the market, delivering the advanced security and protection required by banks and fintechs wishing to offer PSD2-compliant services and Strong Customer Authentication (SCA) requirements.


Lookout & Trustonic Partner to Provide Comprehensive End-To-End Mobile App Security

San Francisco, CA - October 17, 2019 - Lookout, Inc, the leader in securing the post-perimeter world, has announced a record year for its App Defense product with new customer acquisitions and strategic go-to-market partnerships. App Defense helps enterprises protect their customer-facing apps from data compromise and fraudulent transactions. Breaches can have a significant impact on brands as hackers can compromise consumer's credentials, steal PII data and initiate account takeovers.


Trustonic joins PCI Security Standards Council to protect payment data and mPoS devices

Trustonic to contribute to the development of PCI Security Standards as Council’s newest Participating Organization.

17 July 2019 - Cambridge, England - Mobile cybersecurity leader, Trustonic, announced today that it has joined the PCI Security Standards Council (PCI SSC) as a new Participating Organization. Trustonic will work with the PCI SSC to help secure payment data worldwide through the ongoing development and adoption of the PCI Security Standards.

All Financial Services posts
Back to top