KUALA LUMPUR, 18 Jan 2017:
Allegations that payWave card holders are at risk of their personal data and information being stolen is not as simple as made up in social media, explained IT consultant Mohd Ridzman Azzahari.
While he did not rule out such a possibility, he said it would not be easy – as the card had high security features.
“The card is equipped with high security features including for payment using payWave in which each transaction made is unique.”
Mohd Ridzman, who is also the managing director of Onemyr Awareness, a consultancy on cyber crimes, was asked to comment on a video clip making the allegations on the Internet and social media recently.
“Based on Bank Negara reports, there were no complaints on thefts using payWave to date.”
According to Visa’s official website, the Visa payWave platform is based on secure EMV chip technology – which provides both data protection and transaction security via the use of keys and the latest encryption technology.
It said Visa payWave transactions are processed through the same, reliable payment network as EMV chip and magnetic strip transactions.
“We have designed Visa payWave to ensure that the cardholder is always in control. The retailer must first enter the purchase amount for approval and your card has to be held in very close proximity to the card reader (within 4 cm) in order for a transaction to take place.
“The terminal can also only process one payment transaction at a time.”
Bank Negara Malaysia (BNM) too said recent media postings on electronic pick-pocketing on individuals with contactless cards are not true.
In a statement, BNM said contactless cards are equipped with safety features that made them a secure mode of payment.
“Since 2005, all payment cards in Malaysia have adopted Europay, Mastercard and Visa (EMV) chip card technology which prevents the cloning of cards.
“Details such as card number and expiry date which can be obtained via a scanner are inadequate for cards to be cloned, be it magnetic stripe cards or EMV chip cards.
“To date, there are no cases of cloned EMV chip cards being reported.”
The central bank said contactless cards have an embedded EMV chip with advanced cryptographic security that generated a dynamic code for each transaction.
“This renders contactless cards to be almost impossible to be cloned or counterfeited.”
BNM said Malaysia also adopted a stronger authentication method for online card transactions where cardholders are required to enter a transaction authorisation code (TAC) which is sent to their mobile phones or security devices.
It said that Malaysian cardholders are protected by the liability shift rules introduced by the international card network.
“In the event card details are misused at an overseas merchant’s website that has yet to implement a stronger authentication method, the said merchant will bear the liability of any fraudulent transaction.
“Cardholders are to notify their issuing bank immediately when their payment card is lost or stolen, if their personal identification number was compromised or noticed unauthorised transactions made using their cards.”