Call for Higher Contactless Payment Limits
UK Finance, who represent the banking industry, are reported by The Times newspaper to have asked the Treasury to increase the contactless payment limit from £45 to £100. Prior to the COVID pandemic the limit had been £30. The Financial Conduct Authority would have to approve any change.
In 2019, according to UK Finance figures, contactless card fraud was about 2.6p per £100 spent, including mobile phone contactless payments which have no payment limit and so have a higher payment value. Mobile contactless payments are regarded as more secure than cards, so it is likely that the fraud figure for contactless card fraud alone is higher. This figure is not currently published.
In the first half of 2020, contactless card fraud fell 20% to £8.2 million, about 2p per £100 spent. This is the first time there has been a decrease in contactless losses since data started to be collected. This was due in part to the reduced opportunity for fraudsters to take advantage of contactless during the lockdown period of the pandemic.
It will be interesting to see the full year figure for 2020 for contactless card fraud to see whether the increase in the payment limit to £45 has had any impact. Strong Factor Authentication (SFA) requires a PIN to be entered after five taps or a cumulative spend of £135. Mobile wallets meet SFA requirements without this.
What we cannot be clear on is whether the banks are calling for a higher limit because they are being pragmatic about the higher level of use of cards or because they have to pay an additional fee if their customers pay using a mobile wallet.
The rise of cyber-crime
The move to more online activity started well before the pandemic began, although the pandemic has accelerated the move to online spending. This is illustrated by the Adobe unit that analyses Adobe Analytic Data. As part of this, it tracks the digital economy, and this showed that at the height of the first lockdown in the US, online spending went up 77% on the same month a year earlier.
In response to changing payment behaviour, criminals have innovated – creating a wide range of new ways to commit fraud. A recent article in the Financial Times quoted James Lews, an expert in cyber security at the Washington Center for Strategic and International Studies (CSIS), who stated that ‘you have no privacy when you use an online payment system. Your transactions are transparent in a way that they never were before’. This gives criminals new ways to defraud people.
McAfee, who produce security software, have also worked with the CSIS to estimate that cyber-crime has risen by 50% since 2018 to reach about 1% of global GDP.
An Interpol report on the rise in cyber-crime during the pandemic used data from one of its private sector partners to illustrate the size of the challenge. In one four-month period (January to April) it detected some 907,000 spam messages, 737 incidents related to malware and 48,000 malicious URLs, all related to COVID-19.
UK Finance data
UK Finance data for the first six months of 2020 covers every type of payment related crime. Here we refer to just a subset of that data.
It is clear that there has been a big increase in the number of impersonation scams. They almost doubled to 15,000. There has also been a move to more online scams, for example fake investments promoted on search engines, fake goods listed on auction websites and what are known as ‘romance’ scams, where criminals pose as would-be partners on online dating platforms.
Although in the first half of 2020, a total of £207.8 million was lost to authorised push payment (APP) fraud, losses in other areas have fallen. Unauthorised fraud fell by 8% to £374.3 million and the banking and finance industry prevented a further £853 million of attempted unauthorised fraud. This equates to the industry preventing £6.95 in every £10 of attempted fraud. This level of attempted unauthorised fraud was similar to the same period in 2019.
The UK introduced a voluntary code on APP fraud in May 2019, with the result that more customers are now being reimbursed; £73.1 million of APP fraud losses were returned to victims, up 86% compared to the same period last year.
Payment card fraud totalled £288.2 million in the first half of 2020. This was down 8%, although this is in the context of the overall value of card spending also falling 8% during this period. Card fraud as a proportion of card purchases has remained at 8.4p per £100 spent.
Crime in perspective
Relative to the sums of money being transacted, one could regard the losses to crime as relatively insignificant. No crime is victimless of course, and individuals and businesses experience loss and disruption as a result. The risk to the payment providers is an erosion of confidence in their products and, ultimately, their businesses.
One of the arguments for Central Bank Digital Currencies lies in trust, of course. For all payments, cash sets the benchmark since the losses associated with the specific nature of cash as a payment instrument – counterfeiting, ATM attacks, theft – are small in comparison with the those referred to above.
The call for higher contactless payment limits suggests that UK Finance, and the banks it represents, is confident that the profits from higher value card payments can offset the losses likely from the higher limits.
Subscriber content
Read the full article
Full access to Cash & Payment News articles, newsletters and archives.