Technology and Science

Scam alert: Rise of NFC payment fraud in South Africa

While the digital era ushered in conveniences to simplify our lives, it also opened the doors for criminals to exploit the vulnerabilities of near-field communication (NFC) technology.

Recently, the Ombudsman for Banking Services in South Africa warned of new NFC scams doing the rounds, used by fraudsters to steal bank information.

Here’s what you need to know.

Advertisement

NFC payment scams in SA

NFC technology utilises a data exchange between devices; it’s the tech that enables you to pay for your purchases via Samsung Pay, Apple Pay, with virtual cards on your phones, etc.

Unlike the traditional card-not-present (CNP) fraud transactions that require one-time pins (OTPs), NFC payments bypass this added security layer.

Reana Steyn, the Ombudsman for Banking Services, says once criminals obtain your card information, it can be used to link their smart devices to Samsung Pay, Apple Pay, and the like.

Advertisement

And once their phone is linked to your card, they can use it for point-of-sale (POS) transactions in stores, with you being none the wiser.

So, how do they do it?

In order to set up the link, they need an OTP or a Smart inContact notification sent either to your registered number or a banking app.

They set this up via phishing, using deceptive emails or fake websites to impersonate legitimate businesses and vendors.

Advertisement

You may think that link you clicked on took you to a company’s official website, while in reality, you are inadvertently authorising the fraudster to set up the link between their device and your data.

Scams on the rise

The figures are staggering. The ombudsman investigated approximately 124 NFC fraud-related complaints, with financial losses in the millions.

One South African bank reported more than 6 000 related complaints between January 2022 and June 2023, with victims’ losses amounting to over R6.5 million.

Advertisement

Steyn said most fraudulent purchases were made in foreign jurisdictions, and she said this is a clear indication of an international crime syndicate targeting South African consumers.

Protect yourself from NFC scams

Prevention remains the best defence against OTP fraud.

Steyn highlights the importance of caution when accessing unsolicited links, understanding how OTPs messages are sent, and never being pressurised into sharing your OTPs.

Advertisement

She also reminded bank customers to be vigilant and not too trusting with card information, especially OTPs.

Other essential tips include:

  • Verify the authenticity of any request for OTPs by directly contacting the organisation.
  • Enabling two-factor authentication methods other than OTPs, such as biometric authentication.
  • Regularly updating passwords and avoiding using the same password across different accounts.
  • Keeping personal information private.

For more news your way

Download our app and read this and other great stories on the move. Available for Android and iOS.

Published by
By Cheryl Kahla