Current location - Trademark Inquiry Complete Network - Overdue credit card - Reporters actually measured that bank cards are indeed stolen through the air.
Reporters actually measured that bank cards are indeed stolen through the air.

Have you ever imagined this scenario: Someone gets your bank card with the "Quick Pass" logo. As long as the amount of the card is within the password-free and visa-free range, you can use the POS machine to make transactions without you. Enter your password and signature. Even if the bank card is still in your hand, if it is approached by a POS machine with NFC function, the card can still be swiped, and the cardholder's password and signature are also not required.

Don’t think that such “air theft” does not exist! After actual testing by reporters, this does happen in reality. Therefore, if you are hit by someone on a crowded subway or on the roadside, you must be vigilant. It is possible that your bank card has suffered an "accident."

Why? It’s all caused by the “small-amount password-free payment” function enabled by default and the poorly managed POS machine!

"Air theft" does indeed exist

According to media reports, since November 2018, the Guangzhou police have received reports from the public claiming that bank card funds have been stolen. According to the victim, the bank card was always in his hand, but the money on the card was missing. After investigation, it was found that the suspect took advantage of the small password-free payment function of the chip bank card, and used a disguised POS machine to sense the bank card in the owner's wallet in an area with a large flow of people, and carried out theft.

Is it really that amazing? A reporter from "IT Times" conducted an experiment.

The reporter put a bank card with Quick Pass function in the card holder, set the card amount to 10 yuan on a POS machine with NFC function, and then put the POS machine close to the bank card , a few seconds later, the POS machine will display a prompt that the transaction was successful. If you hadn't seen it with your own eyes, it would be hard to believe it. After a while, the reporter's mobile phone received another text message reminder of a bank card transaction.

The reporter put the bank card in his wallet again and used the same method to "swipe" it. This time it was unsuccessful. There should be two reasons. One is that the wallet is relatively thick, and there are With cash and various documents, the POS machine cannot read the bank card information; secondly, there are multiple bank cards with Quick Pass function in the wallet, which also causes the transaction to fail.

Judging from the experimental results, "air fraud" requires certain conditions to be realized. For example, the bank card is a quick pass card and small-amount password-free payment is enabled. The distance between the POS machine and the bank card cannot be too far. etc., but no matter what, the risk of fraud does exist.

The "Small-amount password-free payment" function is basically enabled by default

Maybe you will say, "I have not enabled password-free payment, so fraud has nothing to do with me." Don't get too happy too soon. . Because "Small-amount password-free payment" is enabled by default, if you have not turned it off, it is likely to be enabled.

The reporter owns an Agricultural Bank of China debit card. Through the telephone customer service of the Agricultural Bank of China, the reporter learned that this card has a password-free payment function. In fact, when applying for the card, the reporter did not receive any information from the teller about the password-free payment function. Reminder for activation of secret payment function. In the end, the reporter turned off this function through the Agricultural Bank of China’s PC official website.

The same is true for Ms. Hao, a citizen. She went to a bank to apply for a replacement bank card. On the business application form, she did not see any reminder about password-free payment authorization. According to the teller of the bank, the small amount password-free payment function is enabled by default. If you need to turn it off, you need to operate it in the web version of online banking.

A teller from China Construction Bank told reporters that the teller needs to remind users who sign up for a card only for the transfer function. “This function requires the user to check and agree to enable or close it. There are no regulations for the password-free payment function.”

p>

The reporter learned that to turn off the small-amount password-free payment function, each bank has different operating methods. For example, Agricultural Bank of China and Shanghai Pudong Development Bank can operate it on the PC side of their official websites, while some banks have to do it offline. .

Starting from June 1, 2018, the single limit of UnionPay’s small-amount password-free and visa-free payment business has been raised from 300 yuan to 1,000 yuan. That is to say, if a card is enabled for small-amount password-free payment by default, Quick Pass card, no password or signature is required for purchases within 1,000 yuan.

According to China UnionPay's "UnionPay Card Small-amount Password-Free and Visa-Free Business Rules", it clearly stipulates the obligations that card issuers and acquirers should perform to inform cardholders before opening business, and actively urges Each member institution participating in the dual exemption business shall comply with the provisions of the business rules. Various banks have also clearly reminded cardholders of relevant information about the credit card "double exemption" business through official website announcements, SMS notifications, and card collection contracts.

From a payment perspective, "password-free payment" improves payment efficiency, but if the bank card is lost, wouldn't it be easy for fraud to occur? Even if the bank card is not lost, if criminals use the POS machine to swipe the card remotely, money will be lost in minutes.

The ignored user right of choice

Some people like the speed and convenience of "password-free payment", but others pay more attention to security. Everyone’s choice is different. The choice of whether to enable password-free payment should be in the hands of the user.

In 2016, CCTV reported that after LeTV launched “Seven days of premium membership service for one penny”, a large number of users became “premium members” inexplicably, and fees were automatically deducted from their bound accounts. In other words, LeTV has enabled the automatic deduction function for users without user authorization. In a sense, this is a disregard for consumers' right to choose.

Regarding the risks that may arise from enabling small-amount password-free payments by default, a relevant person from UnionPay said that small-amount password-free and visa-free service transactions have limit control. Transactions exceeding the set limit must enter a password to be successful. At the same time, major card-issuing banks also control the cumulative daily password-free limit for a single card; in addition, China UnionPay and the card-issuing bank have configured intelligent risk control technology for small-amount password-free and visa-free transactions, and will immediately activate relevant risk prevention and control measures when risks are discovered. , protect cardholders’ payment security. Moreover, in order to reduce cardholders' concerns about card security, UnionPay and commercial banks have set up special compensation funds for cardholders, providing a small-amount double-free "full risk compensation" service, which can cover cardholders' fraud losses.

However, instead of paying compensation afterwards, it is better to inform them in advance. For users, once an account loss occurs, how to self-certify that it has been stolen and what the compensation process is are all problems.

In the era of mobile payment, many apps involving payment have a "password-free payment" function. Some apps will obtain user consent when activating password-free payment. For example, in Shouqi Car Hailing, you can activate functions such as Alipay password-free payment, WeChat password-free payment, and credit card password-free payment, but these require user authorization before they can be used.

The threshold for POS machine processing is low and there is a lot of chaos

The default activation of small-amount password-free payments is one of the reasons for bank card theft. Looking at the incidents that have occurred , the tool used by the suspect is a POS machine. In essence, POS machines are payment-acquisition machines, but now they have become tools for committing crimes.

In October 2016, the People's Bank of China issued a notice explicitly requiring a ban on online sales of POS machines. In the same year, the China Payment and Clearing Association issued a notice requiring further strengthening of the management of bank card acquiring business. Although it has been explicitly stopped, illegal sales of POS machines still exist.

Mr. Guan (pseudonym), who purchased a POS machine from a POS machine agent, told reporters that he only needs to provide the agent with his ID card, bank card, etc., and he can quickly set up a POS machine. And there is no hardware cost. "The cost is that you will need to pay 6.6 percentage points for future transactions on this POS machine, plus an additional 3 yuan for a second payment." As for the purpose of purchasing a POS machine, Mr. Guan said frankly that it is to cash out and "set off" between credit cards.

Low acquisition costs and low crime costs have led to the frequent occurrence of various incidents such as cashing out and theft of POS machines. When bank card transactions become more "fast", these POS machines obtained in violation of regulations will A "place of use".

The emergence of mobile POS machines may bring greater risks

In December 2018, China UnionPay joined forces with commercial banks and some domestic mobile phone manufacturers to launch the first batch of trial points for mobile POS products. cooperate. To put it simply, in the future, mobile phones can also be transformed into POS machines. Merchants only need to activate online acquiring services on their mobile phones. There is no need to post anything, and there is no need to buy POS machines, code scanners and other equipment. UnionPay mobile POS not only supports payment, It also supports UnionPay IC card QuickPass and UnionPay Mobile QuickPass. In other words, consumers can not only use payment, but also directly swipe their bank IC cards or mobile phones on merchants’ mobile phones.

For UnionPay and merchants, mobile POS products can help merchants acquire orders at a lower cost. At the same time, with the high penetration rate of smartphones, the acquiring business can become popular. However, the question arises, when the mobile phone becomes a POS machine, will "air fraud" become more cost-free and concealed? Now, you still need a POS machine to swipe a QuickPass card. In the future, just touch your mobile phone with someone else's mobile phone or QuickPass card, and the transaction will be successful?

Related articles
  • Do I still need to issue a settlement certificate after the credit card is overdue?
  • The staff of China Construction Bank called me and asked me if it was safe to apply for a credit card?
  • How to cancel the credit card of Shanghai Industrial and Commercial Bank?
  • I'm going to travel to Japan with my sister in a few days. Can I use Guangfa Credit Card to swipe it?
  • "Life-saving Straw" or "Economic Opium" Exceeding consumption makes young people "poor and busy"
  • Minsheng Credit Card Validity Period
  • What does credit card debit interest mean?
  • How to pay by installment for credit card repayment
  • What does it mean that the credit card of Rural Commercial Bank is transferred out of 6 yuan every month?
  • I don't need to cancel my credit card.

    • copyright 2024 Trademark Inquiry Complete Network All rights reserved