R&D Chief for Tesco.com Questions Contactless Security
The head of research and development for the online operation of huge UK-based supermarket and general merchandise chain Tesco has reportedly expressed doubts about the security of contactless payments and maturity of the technology.
Nick Lansley, while noting that he was speaking personally and not for the chain, reportedly said contactless is "not as secure as people make it out to be." He was speaking at the Retail Week 2011 conference in London yesterday.
Apparently speaking about both contactless cards and NFC phones, Lansley reportedly expressed concerns that parties could eavesdrop on the short-range radio signal between the retailer’s terminal and the phone.
"Like RFID, it needs to mature," he was quoted by Retail Week, the publication sponsoring the conference. "I’m not going to use any NFC, except Oyster card, until somebody sorts more of this out. It’s a solution looking for a problem, and it’s not a very good solution."
A spokesman for Tesco told NFC Times the big grocer has been trialing contactless payment at one Tesco Metro store since last year, trying to gauge customer acceptance of the technology. He did not have an immediate response to whether Tesco has concerns about security or maturity of the technology.
While they were likely rogue comments from one of the chain’s staffers, who probably isn’t involved directly in evaluating contactless technology at the point of sale, they are the same security fears expressed by some consumers, including in the United States. Banks and merchants there began rolling out contactless technology nearly six years ago.
U.S. contactless backers have said that while eavesdropping is possible on open-loop payment cards, fraudsters would only get the consumer’s account number and possibly his or her name, but would not have enough to clone a card to conduct transactions at the physical point of sale or make purchases from Web merchants that ask for card verification codes, found on the back of cards. EMV cards, which the UK banks use, would have somewhat higher security.
But the comments will not be helpful to backers of the technology in the United Kingdom, such as UK-based issuer and acquirer Barclaycard, in their efforts to sign up more tier-one merchants. Tesco, the largest retailer in the United Kingdom, is a prime target.
At present, about 42,000 merchant locations in the United Kingdom accept contactless payment, most of them part of small chains or sole proprietorships. Barclaycard and its parent, Barclays bank, led the UK rollout, which began in September 2007. A spokeswoman for the bank told NFC Times a comment on the Tesco staffer's remarks would be forthcoming.
Facebook
Twitter
LinkedInHEADLINE NEWS
Syndicate
