MoneySavingExpert.com homepage
Cutting your costs, fighting your corner
Chair, Martin Lewis · Editor, Marcus Herbert
Search bar closed.
MSE News

Amex fixes contactless card security flaw in final win for MSE's campaign

Contactless- news.jpg
Nick Renaud-Komiya
Nick Renaud-Komiya
News Reporter
27 September 2019

American Express has fixed a security flaw which meant lost or stolen contactless cards could be used AFTER they'd been cancelled, in the final step for MoneySavingExpert.com's campaign which has now successfully forced the three biggest card providers to tackle the issue.

American Express has told us that over 95% of all contactless transactions are now being processed 'online' – meaning that customers' banks are immediately alerted that a transaction has been made.

In September 2016, our investigation revealed that lost and stolen contactless cards could be used by criminals long after cancellation. One MoneySaver found five purchases totalling nearly £30 were made on his Halifax debit card eight months after it was stolen and he'd cancelled it.

The security flaw arose because some lower-value transactions were being processed 'offline' – meaning the customer's bank wasn't immediately alerted when a transaction was made, so cancelled cards didn't always receive its instruction to stop working.

MSE has campaigned for three years for card issuers to combat this security flaw, and in January 2019 Mastercard and Visa confirmed the issue was largely fixed, meaning we can now declare a decisive victory as American Express has also fixed the issue.

See our Stop Scams guide for ways to protect yourself from fraudsters.

'It's now much, much less likely this type of fraud will happen to you'

Kirsty Good, head of campaigns at MoneySavingExpert.com, said: "Finally, after years of campaigning, the last major card provider has managed to close this security loophole, making this type of contactless fraud – with a few exceptions – a thing of the past.

"It was outrageous that consumers – months after cancelling their stolen cards – were seeing money fraudulently taken out of their account. All credit to Visa, Mastercard and American Express for tackling this head on.

"If your card is lost or stolen, you still need to tell your bank to cancel it as soon as possible. As always, be extra vigilant when looking at your account and flag any dodgy transactions. But thankfully, it's now much, much less likely that this type of fraud will happen to you."

What's been done to fix the problems?

Visa, Mastercard and American Express have worked to tackle the issue by ensuring the majority of transactions are processed online, though some transactions will have to continue to be processed offline – for example, Transport for London (TfL) journeys will continue to be processed offline as the price you pay depends on how many trips you take and the final amount won't be known until the end of the day or week.

Here's what the major card schemes told us:

  • American Express previously said it would fix the issue by August, and has now confirmed 95% of its transactions are online. It says some transactions, such as those on trains, and at some car parks and train stations, may still be offline.

  • Mastercard says most contactless transactions have been online since March 2018. Again, there are a few exceptions, such as TfL payments.

  • Visa says most contactless transactions have been online since October 2017. It says there are some exceptions relating to payments for public transport.

How MSE campaigned on contactless card fraud

What should I do if my card's been lost or stolen?

Here's what to do:

  1. Tell your bank or card provider as soon as possible, so it can cancel the card and send a replacement.

  2. Keep an extra-vigilant eye on your account and scrutinise small contactless payments to make sure they're legit.

  3. If you think your card's being used fraudulently, tell your bank or building society immediately and report it to Action Fraud.

Amex fixes contactless card security flaw in final win for MSE's campaign - MSE News

Forum image
MSE Email 17 September 2024

For all the latest deals, guides and loopholes simply sign up today - it’s spam free!

Martin's 16 do-nows
To prep early for Christmas
150Mb broadband
From just £14 a month
Flight delayed or cancelled?
Even if years ago & your choice?
Back-to-uni help
Student loans, bank accounts & more
Free Coke Zero, free latte
And more coupons
CHEAPER energy fixes
From E.on & more
Pizza Express 2for1 pizza £1
ANY day
Tools and calculators

Clever ways to calculate your finances

Find your odds of getting top cards
Find your odds for getting a cheap loan
Compare broadband, phone & TV deals
Compares thousands of mortgages
Eight calcs to help you work out the cost
We ensure you’re on the cheapest tariff