Asger Risom
New findings show that convenience upgrades have opened loopholes allowing high-value fraud.
New findings show that convenience upgrades have opened loopholes allowing high-value fraud.
The rise of tap-to-pay
Contactless payments have become the most common way to pay, replacing cash for their ease and speed.
How it works
NFC technology lets users pay by simply tapping a card or phone — no insertion or PIN needed for small purchases.
The new research
Experts from the Universities of Surrey and Birmingham have found hidden vulnerabilities in this increasingly popular system.
What they discovered
The flaws let researchers make unauthorized, high-value payments, even when phones were locked or offline.
A dangerous trade-off
Features designed for convenience — like offline payments and quick authentication — also weaken basic security checks.
What the tests showed
In one experiment, a terminal accepted a fake £25,000 payment that bypassed biometric and PIN verification.
Not a coding mistake
Researchers stress that the problems aren’t due to company negligence but to the complexity of the EMV system itself.
How it happens
When new features are added independently by providers, subtle gaps emerge that fraudsters could exploit.
Industry response
The findings were shared with banks and payment providers in 2024, leading to early fixes in some systems.
Expert warning
“Convenience shouldn’t create new opportunities for fraud,” said Ioana Boureanu of the Surrey Cybersecurity Centre.
The bigger picture
Researchers urge tighter coordination between banks and tech companies to close security gaps before criminals find them.
This article is made and published by Asger Risom, who may have used AI in the preparation
