• @9point6
    link
    English
    266 months ago

    Phone payments are magnitudes more secure than card payments as they basically are equivalent to using a brand new card and throwing it away for each transaction (in simplified terms)

    • The Soca Vault
      link
      English
      46 months ago

      I’m just old school and I always think of a phone snatch. But I understand what you are saying.

      • Zagorath
        link
        fedilink
        English
        126 months ago

        It’s still safer. They can steal your wallet and pay for anything trivially. If they steal your phone, they have to be able to unlock it to pay with it.

        • The Soca Vault
          link
          English
          46 months ago

          It’s a valid point. I’m just not one to put all my eggs in one basket. That is just me.

          • @darganon
            link
            English
            86 months ago

            …isn’t your card one basket full of your eggs?

            • @littlewonder
              link
              English
              26 months ago

              Really the physical wallet. Or maybe that’s a basket full of baskets lol

        • lemmyvore
          link
          fedilink
          English
          16 months ago

          Anything up to a certain amount. All the banks here have configurable limits for contactless payments (both in number of payments per day and in total amount). If you go over the limit they ask you to confirm in a way that requires the phone anyway. You can also block the cards remotely.

          I’d say it’s a decent mix of convenience and security, even if you use cards.

          And sometimes you have to resort to using cards because some banks have been migrating from using the NFC directly to using Google Pay and I for one don’t relish giving Google insight into my shopping.

          • @littlewonder
            link
            English
            16 months ago

            You usually have to opt-in to NFC payments without an unlock or confirmation. Actually, I’ve never heard of that as a default setting.

          • Zagorath
            link
            fedilink
            English
            16 months ago

            If you go over the limit they ask you to confirm in a way that requires the phone anyway

            Oh interesting. Where I am if you go over the limit (usually $100), you just have to input your PIN. But $100 is enough to get up to some serious trouble, considering it’s a per-purchase limit.

            And I’ve both never heard of banks using the NFC directly (as opposed to using Google, Apple, Garmin etc. Pay), and wouldn’t trust them in the slightest with it even if they did offer it, because they’re not exactly known for great security. (And I’ll take security over privacy any day.)

            • lemmyvore
              link
              fedilink
              English
              16 months ago

              They ask for PIN too but that’s a different limit ($20 by default but also configurable). The limits I mentioned block payments for the day if not confirmed.

              never heard of banks using the NFC directly

              Really? I’ve never heard of Garmin Pay. 😄 But that’s the whole point of the NFC chip being open on Android, so apps can use it directly. On iPhone it’s an artificial limitation imposed by Apple so they can take their cut from payments and have a processor monopoly. On Android any app can just do it — not only banking apps and not only payments, the NFC can be used for lots of things like opening doors etc. There are apps like meal tickets that can issue payments, gym apps and so on. Giving that up and going with Google is extremely narrow sighted.

              • Zagorath
                link
                fedilink
                English
                16 months ago

                Oh yeah I know it’s theoretically possible. I’ve just never heard of it actually being done, for payments specifically, by banks. Using Google Pay doesn’t restrict you from also using any of those other use cases: you’re not giving anything up in terms of flexibility of functionality.

                Yeah Garmin Pay is the equivalent on Garmin smartwatches. Unfortunately it’s not as widely supported by banks (at least where I live) as Google and Apple Pay are.

      • @linearchaos
        link
        English
        66 months ago

        You still need biometrics, passwords, pins.

        I get the nerves, but I can’t find any reasonable way it’s less secure

        • The Soca Vault
          link
          English
          26 months ago

          Fair enough… I’ll just pay with IOU’s 😂😂😂😂

    • lemmyvore
      link
      fedilink
      English
      26 months ago

      That’s what the chip on the card does too. It’s an embedded computer that generates one time codes just like the phone.

      The main difference is that the phone typically has an extra security measure, like requiring the screen to be on to pay (but you can get a mesh wallet which prevents tap from working); or the phone needs to be unlocked, which is actually useful.