Cashless Olympics increases opportunities for cyber criminals

A security expert has suggested that NFC technology can be used to steal sensitive card data with the swipe of a phone

Cyber criminals will be rubbing their hands at the prospect of a cashless Olympics this summer in London.

According to security expert Mike Urban, director, financial crime risk management solutions at financial services technology provider Fiserv, the cashless Olympics means an extra nine million potential victims for opportunistic card fraudsters.

"With a cashless Olympics, cards will be the only means of carrying out transactions," said Urban.

"This, combined with the influx of visitors expected in London, means that fraudsters are well placed to make the most of this event by targeting unsuspecting visitors to the Games," he added.

He explained that near-field communication (NFC) technology, which can enable mobile phone payments to be made simply by holding a smartphone close to another wireless capable device, also provides opportunities for cyber criminals.

"NFC technology can be adapted to collect sensitive data from cards with just the swipe of a phone.

"Furthermore, retailers with connected systems and networks also risk cyber attacks - once fraudsters have hacked into the network, they have access to every server, point-of-sale device, and PC connected to it."

According to Urban, sophisticated technology is not needed to enable this form of fraud.

"Typically it involves either trapping a card in a machine, skimming the magnetic stripe's information, and videoing the PIN as it's being entered, or hacking into a network.

"The problem is, magnetic stripe technology is old. And many of the global travellers to the Games will arrive with magnetic stripe cards, not chips. The widespread use of common operating systems also compounds the problem; hackers and fraudsters know how to breach these systems."

He concluded by recommending real-time fraud monitoring as a potential solution.

"The best way to mitigate the damage caused by card fraudsters is to invest in real-time fraud monitoring. Front-end solutions are not enough, so back-end technology needs to step up.

"Transaction monitoring that provides behavioural profiling and detects pattern recognition can help identify fraudulent activity in real time, reducing the losses to retailers and thwarting fraudsters' attempts."