Contactless security myths debunked

Since contactless payment was introduced in the UK in 2007, consumers have embraced this handy innovation whole heartedly. Starting out at just £5, spending limits for contactless payments have increased steadily to the current level of £45.

Share this guide
Photographic of a man making a transaction through contactless payment

Starting 15 October 2021, the contactless spending limit is getting another increase, more than doubling to £100. While many of us will welcome the convenience of such an increase, some are concerned about the security ramifications of such an increase thanks to a number of misconceptions that prevail among consumers about the safety of contactless payments.

Compare credit cards to find the right deal to help you make easy contactless payments

With this in mind, our personal finance experts show the history of contactless payments and sieve through the fiction and facts to debunk seven common myths around contactless payments. 

The history of contactless security & payment limits

Updated 14 October 2021
YearHistory activity
2007Barclaycard leads the way in pioneering contactless payment in the UK
2010Payment limit increase from £5 to £15
2011The UK's first mobile payment device, Quick Tap was introduced which allowed users to make transactions on their mobile device by tapping a contactless reader
2012Payment limit increased to £20 and wearable tech launches
2015Payment limit increases from £20 to £30
2020Payment limit increases from £30 to £45 during the COVID-19 pandemic
October 2021Payment limit increases to £100

7 common contactless payment misconceptions: 

Myth #1: It’s easy to tap my card and be charged for someone else’s shopping

Contactless payments are so simple and easy to make, however, the myth that you could pay for someone else shopping if your card is nearby is not true. Most terminals are designed to only read cards within a short distance (10cm) so to pay for anything by mistake you would have to be very close. 

The UK Cards Association best practice guidelines state that cards should only be handled by the owner. So you should always be in control of your card and tap your card on payment terminals yourself.  

Myth #2: I can be charged twice if two contactless cards are near a terminal 

In a nutshell, smart security technology has you covered as payment terminals have been specifically designed to only allow for one transaction, preventing you from paying the same thing twice. Some terminals, if it can detect another card nearby, can also ask you to present only one card before carrying out a transaction, some might even cancel your transaction entirely to avoid overpaying. 

Myth #3: My money can be stolen by someone putting a card reader against my pocket

To own a card terminal, with contactless functionality, you need to be registered with a legitimate business account, which makes any fraudulent transactions like this traceable. That’s made this type of fraud almost unheard of in the UK.  Alongside this, card readers will turn down any contactless payments if they are blocked by other objects such as your keys, phone or simply another card. You could go a step further and invest in an RFID wallet to add another layer of security to your payment cards. 

Myth #4: Someone could use a card terminal to clone my card

It is highly unlikely a potential thief would be able to clone your card using a terminal, as with any payment, be it contactless or Chip & Pin, your data is fully encrypted. When a payment is made from card to reader, the advanced encryption technology generates a unique one-time identification code which makes it extremely difficult to create a counterfeit. 

Myth #5: My stolen card means someone could spend my money and I won’t get it back 

Customers are not held liable for any unauthorised transactions from their account, unless they show “gross negligence”. That means if your card is lost, stolen, or you suspect any fraudulent activity on your account, be sure to inform your bank as soon as possible. Once the provider is notified, they will block the card and any further transactions will be declined. Each card also has an inbuilt security feature that means cardholders making contactless transactions are asked to enter their PIN periodically to prove they are the ones using the card.

Myth #6: Fraudsters can use special apps to harvest my data 

There are apps that exist which can read some data from contactless enabled cards nearby. However, any thief would need to be very close to said card to enable data collection. With that said the only data these apps can gather is the account number and expiry, which is not enough for thieves to make transactions from your account.

Myth #7: If I lose or have a connected device stolen, someone can make purchases from my account

When setting up your virtual wallet on a smart device, the device will never display your entire card number, in fact, it will only remember an encrypted number. Essentially instead of storing your specific card details, it will create a virtual account with unique security codes for each transaction. Additionally, all transactions made using a smart device require authorisation through Touch ID, facial recognition, or a PIN. 

Alongside the UK's rise in contactless payments, many other countries have been seen to step up their cashless and contact-free payment methods. Check out which countries have the most cashless economies in the world in our Cashless Countries guide.

Find the best credit card for you, whether you're looking for 0% card for balance transfers or purchases or day to day spending and rewards