Near-field communication (NFC) payments are fairly common in the UK nowadays, allowing customers to pay for items up to £30 by tapping their card onto a reader. Colloquially dubbed “contactless,” UK bank Natwest is pairing this technology with a fingerprint reader that uncaps the standard limit while forgoing archaic passwords.
Contactless payment has always carried with it a number of security risks from thieves carrying their own readers, making the £30 limit necessary. Some banks even impose a limit on the number of uses before the owner has to slide their card into the reader and punch in their pin number to activate contactless once again.
As shown with trials on credit cards back in 2015, adding a fingerprint reader onto the debit card itself potentially does away with both protocols, requiring users to place their thumb on the sensor when placing their card against a compatible machine. Natwest’s efforts mark the first time that the combination of technologies have reached debit cards, granting the ability to make much larger payments with the ease of contactless and none of the risk.
Natwest has been cautious with its tests, ensuring that the fingerprint data is locally stored on the card rather than on a server. Without means to remotely hack such personal data, attackers would have to resort to imitating a victim’s fingerprints manually, making it much more secure than chip-and-PIN or traditional contactless.
Unfortunately, the main caveat is that participants will have to visit a Natwest branch in order to set things up fully and register their fingerprint. The company behind the technology, Gemalto, has expressed their wishes to allow users to set things up in the comfort of their own home, with a smartphone in future versions.
KitGuru Says: Given that Gemalto highlights the prevalence of fingerprint readers on smartphones, it’s curious why the technology hasn’t been implemented on Google Pay or Apple Pay to uncap the same limitations seen on contactless. Hopefully this is implemented in the future, as it would also do away with the need to carry around a separate card.