Phone payments are magnitudes more secure than card payments as they basically are equivalent to using a brand new card and throwing it away for each transaction (in simplified terms)
It’s still safer. They can steal your wallet and pay for anything trivially. If they steal your phone, they have to be able to unlock it to pay with it.
Anything up to a certain amount. All the banks here have configurable limits for contactless payments (both in number of payments per day and in total amount). If you go over the limit they ask you to confirm in a way that requires the phone anyway. You can also block the cards remotely.
I’d say it’s a decent mix of convenience and security, even if you use cards.
And sometimes you have to resort to using cards because some banks have been migrating from using the NFC directly to using Google Pay and I for one don’t relish giving Google insight into my shopping.
If you go over the limit they ask you to confirm in a way that requires the phone anyway
Oh interesting. Where I am if you go over the limit (usually $100), you just have to input your PIN. But $100 is enough to get up to some serious trouble, considering it’s a per-purchase limit.
And I’ve both never heard of banks using the NFC directly (as opposed to using Google, Apple, Garmin etc. Pay), and wouldn’t trust them in the slightest with it even if they did offer it, because they’re not exactly known for great security. (And I’ll take security over privacy any day.)
They ask for PIN too but that’s a different limit ($20 by default but also configurable). The limits I mentioned block payments for the day if not confirmed.
never heard of banks using the NFC directly
Really? I’ve never heard of Garmin Pay. 😄 But that’s the whole point of the NFC chip being open on Android, so apps can use it directly. On iPhone it’s an artificial limitation imposed by Apple so they can take their cut from payments and have a processor monopoly. On Android any app can just do it — not only banking apps and not only payments, the NFC can be used for lots of things like opening doors etc. There are apps like meal tickets that can issue payments, gym apps and so on. Giving that up and going with Google is extremely narrow sighted.
Oh yeah I know it’s theoretically possible. I’ve just never heard of it actually being done, for payments specifically, by banks. Using Google Pay doesn’t restrict you from also using any of those other use cases: you’re not giving anything up in terms of flexibility of functionality.
Yeah Garmin Pay is the equivalent on Garmin smartwatches. Unfortunately it’s not as widely supported by banks (at least where I live) as Google and Apple Pay are.
That’s what the chip on the card does too. It’s an embedded computer that generates one time codes just like the phone.
The main difference is that the phone typically has an extra security measure, like requiring the screen to be on to pay (but you can get a mesh wallet which prevents tap from working); or the phone needs to be unlocked, which is actually useful.
Phone payments are magnitudes more secure than card payments as they basically are equivalent to using a brand new card and throwing it away for each transaction (in simplified terms)
I’m just old school and I always think of a phone snatch. But I understand what you are saying.
It’s still safer. They can steal your wallet and pay for anything trivially. If they steal your phone, they have to be able to unlock it to pay with it.
It’s a valid point. I’m just not one to put all my eggs in one basket. That is just me.
…isn’t your card one basket full of your eggs?
Really the physical wallet. Or maybe that’s a basket full of baskets lol
Anything up to a certain amount. All the banks here have configurable limits for contactless payments (both in number of payments per day and in total amount). If you go over the limit they ask you to confirm in a way that requires the phone anyway. You can also block the cards remotely.
I’d say it’s a decent mix of convenience and security, even if you use cards.
And sometimes you have to resort to using cards because some banks have been migrating from using the NFC directly to using Google Pay and I for one don’t relish giving Google insight into my shopping.
You usually have to opt-in to NFC payments without an unlock or confirmation. Actually, I’ve never heard of that as a default setting.
Oh interesting. Where I am if you go over the limit (usually $100), you just have to input your PIN. But $100 is enough to get up to some serious trouble, considering it’s a per-purchase limit.
And I’ve both never heard of banks using the NFC directly (as opposed to using Google, Apple, Garmin etc. Pay), and wouldn’t trust them in the slightest with it even if they did offer it, because they’re not exactly known for great security. (And I’ll take security over privacy any day.)
They ask for PIN too but that’s a different limit ($20 by default but also configurable). The limits I mentioned block payments for the day if not confirmed.
Really? I’ve never heard of Garmin Pay. 😄 But that’s the whole point of the NFC chip being open on Android, so apps can use it directly. On iPhone it’s an artificial limitation imposed by Apple so they can take their cut from payments and have a processor monopoly. On Android any app can just do it — not only banking apps and not only payments, the NFC can be used for lots of things like opening doors etc. There are apps like meal tickets that can issue payments, gym apps and so on. Giving that up and going with Google is extremely narrow sighted.
Oh yeah I know it’s theoretically possible. I’ve just never heard of it actually being done, for payments specifically, by banks. Using Google Pay doesn’t restrict you from also using any of those other use cases: you’re not giving anything up in terms of flexibility of functionality.
Yeah Garmin Pay is the equivalent on Garmin smartwatches. Unfortunately it’s not as widely supported by banks (at least where I live) as Google and Apple Pay are.
You still need biometrics, passwords, pins.
I get the nerves, but I can’t find any reasonable way it’s less secure
Fair enough… I’ll just pay with IOU’s 😂😂😂😂
Well,
…
That’s what the chip on the card does too. It’s an embedded computer that generates one time codes just like the phone.
The main difference is that the phone typically has an extra security measure, like requiring the screen to be on to pay (but you can get a mesh wallet which prevents tap from working); or the phone needs to be unlocked, which is actually useful.