Contactless payments are here to stay. In October 2021, the maximum amount for a single contactless transaction was raised to £100. And in the last year, a record 91% of all card transactions in Britain were contactless. On average, contactless users made 220 touch-and-go payments in 2022, worth around £3,300 per person.
Consumers are all in on contactless payments. But are they safe? Contactless payments have faced concerns regarding their security, particularly in relation to NFC technology.
In fact, contactless payments improve the security of in-person payments. It's worth noting that contactless payments have made considerable strides in enhancing security. While vigilance remains crucial, contactless payments have significantly improved the security of in-person transactions.
Here we explain how.
No Cash- No Worries?
The essence of contactless payments lies in the absence of physical cash. This makes it much safer for the merchant as there’s less cash being handled on-site. And whilst the chances of a robbery may be slim, having less cash in the till removes the possibility even further.
Plus, with contactless payments being taken, it eliminates the opportunity for any staff to dip into the till.
Customer information is secure
When a customer taps their card or smartphone on a merchant’s POS device, all sensitive card information and customer data is immediately encrypted. When it travels between the payment terminal, payment service provider and payment processor, it also stays encrypted. This process is called tokenisation.
It means that the data isn’t able to be intercepted by a third party. If they were to intercept it, all they would see are the random numbers that have been used in place of the card and customer data. Throughout the payment process, the data is never made fully readable to any person or institution – it can’t be intercepted and remains secure at every single stage of the process.
This increased security not only builds trust with customers but also reduces the risk of costly data breaches, protecting the merchant's reputation, financial well-being and can prevent the merchant from having to spend large amounts of time rectifying any issues that may occur.
Biometric identification adds another layer of security
When we talk about contactless payments, many people immediately think of customers simply tapping a debit or credit card. But as technology improves and customer demand for alternative payment methods increases, we’re seeing more available options. Chief amongst them are the likes of Google Pay and Apple Pay – where a customer has their card details in the wallet of their smartphone and simply taps their phone on the POS terminal.
This payment method brings an extra layer of security into the mix, by using biometric authentication – the phone will require the user’s Face ID before accessing their card details. If their phone was stolen, there would be no way to access the payment capability.
Merchants benefit from this by offering more payment choices and added security through biometric authentication, safeguarding payment capabilities if a customer's smartphone is lost or stolen.
The technology is improving
For merchants to be able to accept contactless payments, they need the right technology. This includes the POS to accept the payment and the payment platform to process each stage of the transaction.
And as the technology is improving around the capability to take more payment methods, so are the security requirements. We mentioned encryption previously – this is now becoming a requirement for payment technology and payment platforms. For PCI compliance, all payments must be done through P2PE – this is a fraud protection protocol that protects sensitive cardholder information through encryption. It ensures that everything is encrypted at every stage of the transaction – it drives the security of contactless payments right across the payment ecosystem.
Merchants can’t accept card and contactless payments without it. Crucially, as everything is encrypted from start to finish, it means that merchants never hold any card data about their customers.
In-person payments and security at Aevi
At Aevi, we make sure all our products are secure and safe for all our customers. PCI certifications are a common standard in the payment environment, and we are no exception. Our payment platform features P2PE encryption and ensures data from contactless payments is always encrypted – at every stage of the payment process.
Discover more about our platform and what it can mean for your business.
