Thursday 14 October 2010

PayPass - not so new kid on the block

It seems that the Commonwealth Bank has been playing with PayPass since 2006. I don't recall ever seeing any information about it, and only in the last couple of months have I seen TV advertising and seen readers sprouting like mushrooms in my neighbourhood.

There are others who have been raising concerns since 2009. Note that the statement on that page about Mythbusters has been retracted by Adam Savage.

There is also a ZDNet Patch Monday podcast (from 4'56" until 14'33") that discusses PayPas and PayWave (the Visa version of the Mastercard PayPass). They state $35 as the limit, which appears to be incorrect, I've been told $100. The podcast discusses some of my concerns - those to do with authentication and hack-ability. It also raises concerns about customer risk assesement, legal issues related to Card (Not) Present transactions, etc.

The podcast also goes on to discuss issues related to checking your statement, which contactless payments will make harder, since you're unlikely to get a receipt and the number of transactions per statement will increase markedly, making it even harder to spot an unsolicited transaction.

1 comment:

Anonymous said...

Isn't the issue of security the Bank's problem? Any hacking or fraud is their cost not the cardholders so why worry - the fact the Bank meets the cost is the reason for all the encryption.