How to disable contactless ATMs
Your credit institution has warned you about the increase in the threshold for making a contactless payment without entering the PIN code: since you believe that the amount is too high, you are afraid that an attacker may “intercept” your information and make unauthorized payments using your funds, or steal your ATM card to buy anything.
I want to reassure you right away: this is a rather remote eventuality, almost impossible since the data exchanged between the POS and your card are encrypted and, consequently, illegible to external eyes; moreover, the credit institutions provide for limitations for mini-transactions close in time, precisely to protect users who lose their card.
How do you say? Despite this, to feel even more comfortable, would you like to understand how to disable contactless ATMs, so that your card is no longer usable – even to pay small amounts – without physically inserting it into the reader? Then this is the guide that is right for you: below I am going to explain to you what are the dynamics behind contactless payments, and then show you how to disable this possibility. Enjoy the reading!
Index
- Characteristics of contactless payments
- How to disable contactless ATMs
- Contactless: is it really risky?
Characteristics of contactless payments
Before getting to the heart of the matter and explaining, in practice, how to disable contactless ATMs, let me give you some more information about the dynamics of this payment method.
To begin with, a contactless transaction takes place by bringing the involved elements together – generally a payment card and a contactless-enabled POS terminal – at a distance of 2-3 centimeters: often, to avoid interference and problems due to possible obstacles, we tend overlapping the “devices” until the sound feedback is received. The exchange of data takes place via NFC technology and the information in transit is completely encrypted, therefore safe and protected from potential electronic interception.
Generally, when the transaction amount is relatively low (less than 20 € , 30 € or 50 € , depending on the institution of credit card issuer), you are not asked to enter your PIN to complete payment; however, as you will soon discover, security measures are often applied (such as the automatic blocking of the contactless system, in the case of small and short-term transactions), in order to avoid unauthorized expenses in the event of theft or loss of the card.
As I explained to you in my guide dedicated to payments with NFC, there are some online services (such as Google Pay and Apple Pay, for example) that allow you to associate your credit card with a specific app or service on your smartphone/smartwatch, and use the NFC chip of the latter, to complete the transaction in the authorized shops. In this case, however, the unlocking of the app by the user is always required, via biometrics (fingerprint or face recognition) or by entering a personal code.
The theme of this guide will be to explain how to disable contactless payments from debit/credit cards issued by banks and other credit institutions, often also referred to as ATM cards as the latter almost all have support for the ATM circuit, that is the main circuit of Italian payment and withdrawal (managed by BANCOMAT SpA).
The deactivation of contactless payments on cards, however, does not affect the possibility of paying in contactless mode via smartphone or smartwatch with NFC support, which remains active: to prevent this from happening, simply delete the credit card from your account or from the app used to make NFC payments. In this regard, my guides on how to disable Google Pay, how to disable Samsung Pay and how Apple Pay works may be useful.
How to disable contactless ATMs
Having made the necessary clarifications, the time has come to get to the heart of this guide and to understand, in practice, how to disable contactless ATMs. I want to tell you right away that there is no standard procedure that you can follow since each bank has its own procedure: in general terms, you must access the website or the home banking app of your credit institution and, after have logged in, enter the section dedicated to the card functions and disable contactless payments from there. However, not all credit institutions provide for the possibility of making the contactless functions of payment cards unusable.
That said, I will use as an example a card associated with Poste Italiane’s BancoPosta account. If you have one too, know that in order to proceed you must first register on the Italian Post Office site, you must have validated your phone number and, if you want to act via smartphone/tablet, you must have downloaded, installed and activated the app BancoPosta, available for Android and iOS / iPadOS.
Clearly, these steps also apply to other institutions: to manage the cards linked to an account, you must have access to the home banking system and the dedicated app, if you wish to act on a mobile basis.
Is everything clear so far? OK, so let’s continue with the example linked to the Italian Post Office cards. If you intend to act via computer, connected to the Poste website, click on the Personal Area button, enter your login credentials in the appropriate fields and click on the Login button to log in.
Now, locate the box relating to your Account, click on the Login button and complete the two-factor authentication procedure, by entering the single-use code received via SMS or by confirming access via the BancoPosta app.
Once logged in, click on the Modify card functionality box, then on the View button corresponding to the card number on which you want to intervene and then click on the Customize settings button, located at the bottom of the page that appears.
Finally, locate the drop-down menu Contactless payments, click on it and choose the item Disabled from the same. Finally, click on the Continue button (at the bottom), then on the Authorize button and confirm your identity again, by entering the one-time password received via SMS, or by authenticating via the BancoPosta app, to make the change effective.
If you want to make the aforementioned change using the BancoPosta app, start it, tap the Login button and authenticate by fingerprint/face recognition, PosteID code or Poste Italiane website credentials.
Once the login is complete, tap on the button (>) corresponding to the Account item, then on the symbol of the horizontal lines with the gear wheel that resides in the next screen (next to the account number ), and scroll down the panel that appears on the screen, until you find the item Enable contactless payments.
When you have found it, move the corresponding switch from ON to OFF and confirm the change by authenticating again with your fingerprint, or using the PosteID code.
I repeat that not all credit institutions provide for the deactivation of contactless payments from the cards issued; for more information, I suggest you get in touch with your bank, to get more precise information on the subject.
Contactless: is it really risky?
How do you say? Your bank does not allow you to deactivate contactless payments and you are afraid that, by using them, you could put at risk the funds available on the linked account, or your personal data? Well, I want to reassure you immediately: contactless payments are safe by definition, as the data exchanged via NFC are encrypted and difficult to detect, except by extremely sophisticated devices placed in the immediate vicinity (a few tens of centimeters or a little more).
For this reason, it is extremely difficult – if not impossible – for an attacker to steal your bank details or clone your credit card during a transaction, as they would have no way of stealing the information necessary for potential illegal reuse of the card.
Furthermore, it is often thought that a criminal can carry out continuous mini-thefts by bringing any POS terminal close to the card, while keeping it in a pocket, wallet or purse: beyond the material difficulty of the thing (the device should be extremely close and be able to overcome obstacles of other nearby objects), to be able to receive contactless payments it is essential to be registered with a service provider. Therefore, his name would immediately appear in the list of transactions carried out, as well as in the bank statement, and the thief would have a very short life!
The only danger associated with cards with contactless payments enabled lies in the theft or loss of the same: if you lose your card and do not promptly realize it, an attacker could make purchases for amounts lower than the contactless limit, without entering the PIN.
However, in order to avoid this unfortunate inconvenience, most credit institutions block contactless transactions, if they are carried out too soon, and notify the rightful owner of the card.
Let me tell you: if you lose your card, contactless would be the least of your problems! On the cards, with rare exceptions, the name and surname of the cardholder, the card number, the expiry date and, on the back, the CVV2 / CVC2 code are printed: these data are more than sufficient to make online purchases, on numerous ecommerce sites, almost undisturbed!
For this reason, make sure that your card is always in a safe place and, if you lose sight of it and do not find it where you expected, do not hesitate and contact your credit institution to request its block: generally, banks and offices postal services provide a free telephone number, active 24 hours a day, specifically dedicated to the emergency blocking of the card. If you don’t know what it is, Google for phrases like card block toll-free number [bank name].
In addition, many Smart bank accounts with associated cards allow you to temporarily or permanently block cards directly from the app, with a simple tap.
That said, after blocking the card, file a complaint with the competent authorities as soon as possible: in this way, not only will you be protected, but you can also get a partial or full refund from your bank, in case of unauthorized purchases.
For further information, take a look at this guide of mine, in which I explained how to behave in the event that your credit card is cloned or lost (in practice, the countermeasures to be taken are the same).