Off to the Barclaycard Wireless Festival for the day. I don't really understand why its still called that. In the old days, when it was sponsored by O2, then calling it the wireless festival sort of made sense. But now it's sponsored by Barclaycard, they should probably call it the Contactless Festival instead. Anyhow it featured a great many very popular bands, as evidenced by the enormous crowd trying to get in.

I know it looks chaotic but in the end it only took about 25 minutes to get in. Contactless was much in evidence. Barclaycard had kitted all of the bars out with contactless terminals and were kind enough to give me one of the promotional lanyards containing a contactless card (a Visa gift card preloaded with £20) to go and try out. Which, naturally, I did. And, I have to say, it worked perfectly. As testimony, allow me to present the first beer I bought with it!

Being me, I couldn't leave it at that though, and I started to try out some other contactless paraphernalia about my person. An obvious experiment was to try my Barclaycard phone, and that worked too, but oddly it went online, which rather slowed the transaction down. I don't understand why it did this, so I'll ask the chaps when I'm next in the office.

More interestingly, I asked a couple of the bar staff what they thought about contactless and they had both positive and negative observations that I promised myself to report in a spirit of openness and balance...

Positive. It's quick, and you don't have to hand the terminal to the customer for them to enter a PIN. And they thought my phone was really cool. They also said that some customers had been paying with their own contactless cards and not just the promotional lanyards.

Negative. There were two big issues that came up in both conversations with bar staff. One was the spending limit, which the bar staff said was too low at £12 (the limit was actually £15, but the all of the drinks cost £4, so you could buy three drinks at £12 but not the advertised four beers in a drinks carrier, because that costs £16). Surely it would have made sense to have subbed the bars so that four beers plus carrier was a £15 special.

Enough of these scientific experiments (most of which I drank), and off to see some of the popular beat combos on show. Here's 47 second taster so that you can get the idea if you've never been to one of these events before.

I was reflecting on the security issue later on, because it really seemed a block. I took the time to explain to one of the women at the bar that there was no risk to her as a customer, because the UK banks' were unequivocal about unauthorised use: if someone uses your card without your permission, they will refund the transaction. Yet she was unconvinced and was clearly uncomfortable about the idea of "no CVM" purchase. This has been true since the earliest days. As I highlighted four years ago:

Among those that are not yet ready to use contactless, security appear to be the dominant consideration. Which means, of course, that whatever we might think about actual security situation we must get better at communicating it.

[From Digital Money: Contactless update]

As I don't know anything about customer communications and public information, I genuinely don't know how to cross this chasm, but I wonder if it's yet more evidence that we should be moving more quickly to contactless phones. The simple PIN code that I need to open up the mobile wallet on my Barclaycard MasterCard phone (the Samsung Tocco that I wrote about before) might well provide the reassurance that people want, even though it doesn't really make much difference to the overall risk (phones are inherently safer than cards because people notice when they go missing anyway).

Overall, the weekend's experiences did leave me with three firm conclusions:

1. Both the public and the merchants liked contactless. In this kind of environment - crowded, quick service - the technology performs very well. These were similar to the results seen elsewhere: the punters like contactless payments.

Festival-goers quizzed on the experience, said they were quicker (96%) and easier to use (98%) than credit or debit cards, while a resounding 100% said they'd want to use the PayPass prepaid wristbands again to pay at other festivals, concerts and sporting events.

[From Finextra: Contactless wristbands join wellies and camping gear as festival essentials]

2. We should accelerate the development of contactless phones, because they help with the security issue.

3. The Horrors are a good band, but not my cup of tea.

These opinions are my own (I think) and presented solely in my capacity as an interested member of the general public [posted with ecto]

contactless and nfc, prepaid, retail

Comments

Sorry Stephen I should have been clearer: I am only referring to unauthorised use of contactless cards via the contactless interface in a no-PIN transaction.

Posted by: twitter.com/dgwbirch | 05 July 2011 at 03:16 PM

"because the UK banks' were unequivocal about unauthorised use: if someone uses your card without your permission, they will refund the transaction."

I think this is clearly not the case in general, and there have been enough fraud victims in this position appearing on TV for people to be understandably suspicious. There are many reasons banks use to refuse to refund, the two most common being 1) a PIN was used, and 2) they suspect it was a family member.

Contactless is different from ATM/PoS with Chip and PIN, and I haven't heard of any fraudulent use, let alone refusal to refund. I wouldn't hold that much faith in the banks correctly interpreting CVM records however. I know of multiple cases of where a refund was refused for a transaction on the basis that the PIN was used, but when the merchant receipt was retrieved it turned out to be a merchant-override to signature (in one case the TVR clearly showed this to be the case).

I don't think this was any high-tech attack; I simply think fraud investigation staff simply don't have the tools and expertise available to reliably make the correct decision in understanding what has happened.

Posted by: Steven Murdoch | 05 July 2011 at 12:08 AM