I never use these apps, I just don’t trust them at all. In a world of cyber security worries, we put all of our financial info on an app and a phone and expect everything to be safe. I’m just old school. Safety over convenience… as I am In an uber. Lol
Phone payments are magnitudes more secure than card payments as they basically are equivalent to using a brand new card and throwing it away for each transaction (in simplified terms)
It’s still safer. They can steal your wallet and pay for anything trivially. If they steal your phone, they have to be able to unlock it to pay with it.
Anything up to a certain amount. All the banks here have configurable limits for contactless payments (both in number of payments per day and in total amount). If you go over the limit they ask you to confirm in a way that requires the phone anyway. You can also block the cards remotely.
I’d say it’s a decent mix of convenience and security, even if you use cards.
And sometimes you have to resort to using cards because some banks have been migrating from using the NFC directly to using Google Pay and I for one don’t relish giving Google insight into my shopping.
If you go over the limit they ask you to confirm in a way that requires the phone anyway
Oh interesting. Where I am if you go over the limit (usually $100), you just have to input your PIN. But $100 is enough to get up to some serious trouble, considering it’s a per-purchase limit.
And I’ve both never heard of banks using the NFC directly (as opposed to using Google, Apple, Garmin etc. Pay), and wouldn’t trust them in the slightest with it even if they did offer it, because they’re not exactly known for great security. (And I’ll take security over privacy any day.)
They ask for PIN too but that’s a different limit ($20 by default but also configurable). The limits I mentioned block payments for the day if not confirmed.
never heard of banks using the NFC directly
Really? I’ve never heard of Garmin Pay. 😄 But that’s the whole point of the NFC chip being open on Android, so apps can use it directly. On iPhone it’s an artificial limitation imposed by Apple so they can take their cut from payments and have a processor monopoly. On Android any app can just do it — not only banking apps and not only payments, the NFC can be used for lots of things like opening doors etc. There are apps like meal tickets that can issue payments, gym apps and so on. Giving that up and going with Google is extremely narrow sighted.
That’s what the chip on the card does too. It’s an embedded computer that generates one time codes just like the phone.
The main difference is that the phone typically has an extra security measure, like requiring the screen to be on to pay (but you can get a mesh wallet which prevents tap from working); or the phone needs to be unlocked, which is actually useful.
You should look up info about phone payments and temp card numbers in order to reduce some of your fears. Also, check out what is actually stored in epay apps when there’s a connection through a provider, like a bank integration or an integration to another epay partner.
PCI security is about as high as you’d expect from companies that tell consumers they won’t lose their own money to fraud. When it’s the bank’s money, you’d better believe they care.
There are far easier ways to get someone’s money and this ain’t it.
I never use these apps, I just don’t trust them at all. In a world of cyber security worries, we put all of our financial info on an app and a phone and expect everything to be safe. I’m just old school. Safety over convenience… as I am In an uber. Lol
Phone payments are magnitudes more secure than card payments as they basically are equivalent to using a brand new card and throwing it away for each transaction (in simplified terms)
I’m just old school and I always think of a phone snatch. But I understand what you are saying.
It’s still safer. They can steal your wallet and pay for anything trivially. If they steal your phone, they have to be able to unlock it to pay with it.
It’s a valid point. I’m just not one to put all my eggs in one basket. That is just me.
…isn’t your card one basket full of your eggs?
Really the physical wallet. Or maybe that’s a basket full of baskets lol
Anything up to a certain amount. All the banks here have configurable limits for contactless payments (both in number of payments per day and in total amount). If you go over the limit they ask you to confirm in a way that requires the phone anyway. You can also block the cards remotely.
I’d say it’s a decent mix of convenience and security, even if you use cards.
And sometimes you have to resort to using cards because some banks have been migrating from using the NFC directly to using Google Pay and I for one don’t relish giving Google insight into my shopping.
Oh interesting. Where I am if you go over the limit (usually $100), you just have to input your PIN. But $100 is enough to get up to some serious trouble, considering it’s a per-purchase limit.
And I’ve both never heard of banks using the NFC directly (as opposed to using Google, Apple, Garmin etc. Pay), and wouldn’t trust them in the slightest with it even if they did offer it, because they’re not exactly known for great security. (And I’ll take security over privacy any day.)
They ask for PIN too but that’s a different limit ($20 by default but also configurable). The limits I mentioned block payments for the day if not confirmed.
Really? I’ve never heard of Garmin Pay. 😄 But that’s the whole point of the NFC chip being open on Android, so apps can use it directly. On iPhone it’s an artificial limitation imposed by Apple so they can take their cut from payments and have a processor monopoly. On Android any app can just do it — not only banking apps and not only payments, the NFC can be used for lots of things like opening doors etc. There are apps like meal tickets that can issue payments, gym apps and so on. Giving that up and going with Google is extremely narrow sighted.
You usually have to opt-in to NFC payments without an unlock or confirmation. Actually, I’ve never heard of that as a default setting.
You still need biometrics, passwords, pins.
I get the nerves, but I can’t find any reasonable way it’s less secure
Fair enough… I’ll just pay with IOU’s 😂😂😂😂
Well,
…
That’s what the chip on the card does too. It’s an embedded computer that generates one time codes just like the phone.
The main difference is that the phone typically has an extra security measure, like requiring the screen to be on to pay (but you can get a mesh wallet which prevents tap from working); or the phone needs to be unlocked, which is actually useful.
You should look up info about phone payments and temp card numbers in order to reduce some of your fears. Also, check out what is actually stored in epay apps when there’s a connection through a provider, like a bank integration or an integration to another epay partner.
PCI security is about as high as you’d expect from companies that tell consumers they won’t lose their own money to fraud. When it’s the bank’s money, you’d better believe they care.
There are far easier ways to get someone’s money and this ain’t it.