17 
Barclays may have to recall a staggering 13 million credit and debit cards, after vulnerabilities were found in its contactless payment system which allowed an NFC-enabled phone to steal card details with a simple bump.
Channel 4, which exposed the flaw discovered by security firm ViaForensics, says it managed to obtain card numbers, expiry dates and user names by simply tapping an NFC phone to a contactless-enabled Barclays card. None of the data was encrypted, meaning modern-day pickpockets could grab your credit card details by simply bumping an NFC smartphone into your pocket.
The problem is so potentially worrying that Barclays has been summoned by the Information Commissioner today to give its side of the story. Barclays and Visa claim it’s not actually a problem with the software, because that’s how NFC payments are supposed to work, and there ought to be safeguards in place to stop thieves actually using the stolen data.
However, Channel 4 was able to set up an Amazon account and use the nicked details to make purchases, so clearly something’s not right. [Channel 4]
Great news,I’ve got an NFC enabled phone, where can I download this App?
Worrying as I have both a credit card and debit card with contactless payment capabilities. You stay away from me Darrell!
You could alsways buy one of those NFC-blocking wallets!
You get Essex and I get London. Just dividing the turf to keep it organised
I don’t wan’t to get into a turf war with you, but that’s hardly a fair split. I think I should get the east end too.
Ok. You can keep the east end but only after the Olympics.
Maybe we should share during the Olympics, there will be enough profit there for both of us.
We are civilised business man (maybe business geeks), so ok.
D’oh!
What about the other companies?
Virgin Money, for example
If it’s supposed to be how it works – then how do the other providers protect the cards?
I don’t think this is as bad as it seems. Yes, it shouldn’t exist, but the article seems to suggest that the two things actually need to touch. So either the pickpocket has to put the phone in the persons wallet (impractical. You’re much more likely to feel that then a thing finger),or pinch the card anyway. So I very much doubt this will become a worry.