We’ve had “tap to pay” enabled on our phones for a while, but it really came in handy on our trip to Hawaii. The condo had a keypad lock on it, so when we left the room, as long as we had our phones, we were prepared. It got me wondering about all the options I have for paying in most stores:
- Swipe the physical card
- Tap the physical card
- Insert the physical card
- Tap my phone
Which one is the safest?
Contactless payments use NFC (Near Field Communications) which is a subset of RFID (Radio Frequency Identification). When an NFC chip gets within an inch or two of a reader, wireless energy is transferred to the chip. It powers up enough to communicate with the reader via a unique encryption key for every transaction. If you’re swiping your card, you’re handing out the same information every time you swipe so if a thief gets your info one time, they are free to use it repeatedly.
Tap to pay has additional safeguards in place too:
- Transaction amounts are limited, and you’re notified of transactions.
- Your phone must be unlocked to make a transaction.
- You are still backed by your credit card company’s zero-liability policy.
- Less information is shared with the vendor (e.g. no customer name)
If it were possible to use my phone to pay everywhere, that would be the safest option. As soon as I carry a physical card around, I’m opening myself up to more risk. Tapping the card or inserting the chip are good choices if I retain control of the card, but if I must hand it off to someone (like at a restaurant), then I’m adding the risk of a credit card skimmer.
In the end, the credit card companies are the ones bearing the brunt of security breaches and they all recommend contactless payments. They’re not going to recommend something that costs them more money.
For more info, check out this article from Forbes.