OPINION: Criminals unlikely to take a swipe at your payWave

I'VE met farmers from Coonabarabran, magistrates from Toowoomba and retired engineers from Bribie Island during more than 40 community briefings about identity theft risks and response strategies.

And security is the most common concern for city slickers, coastal dwellers and cockies alike.

People always want to know whether payWave is safe and how easy it is for someone to use it to steal from you.


Of the most recent 1000 engagements with people who have experienced identity theft and engaged with iDcare, payWave has only featured once.

It has a number of defences.

First, you generally know within pretty quick order when your card has been lost or stolen. The time it takes for people in this position to contact their financial institution and cancel or block their account can be swift.

This disadvantages the want-to-be payWave criminal.

The other natural defence is the fact $100 is the upper limit per transaction in Australia.

On average, identity-related thefts and misuse reported to iDcare result in a $5700 loss - that would equate to a maximum of 57 separate transactions in payWave-speak. Not logistically likely for the criminal.

A related concern is whether card protection sleeves and wallets work.

iDcare has tested some of these technologies with the Queensland Police Fraud and Cyber Crime Group.

Overwhelmingly, these products work in denying a payWave-type transaction.

My advice is that if you feel safe using it, great, even if the chance of a criminal actually waving a magic wand to acquire your card details is extremely remote.

Skimming remains a constant fear and while it is an issue, it is increasingly less-so with the advent of "chip and pin" cards.

What's more of an issue is "card not present" fraud - the acquiring of

credit card information (on the physical card) and using this to purchase goods and services online.

But credit card losses are typically not worn by the cardholder. They are worn by the financial institution or the purchase point.

So, while most of us will experience it at some point, the impact to the individual is likely to be restricted to the inconvenience of having a credit card reissued.

And finally, people ask how safe internet banking is.

That depends on how frequently you download and run anti-virus software (it should be at least weekly).

It depends on how frequently and to what level of complexity you maintain your passwords.

It depends on whether you have changed your factory default passwords on your internet infrastructure, such as your modem (these are typically not changed and the passwords are readily available online).

If you do all of these things and don't share your login details, you are pretty secure.

Dr David Lacey is a director of iDcare - Australia and New Zealand's free identity support service - and senior research fellow in identity crisis at the University of the Sunshine Coast.

If you have concerns about your personal information, contact iDcare at http://www.idcare.org or call 1300 432 273.