SEOUL, South Korea—Flaws that allow attackers to bypass the payment limits on Visa contactless cards have been discovered by two researchers at Positive Technologies.
The attack was tested with five major U.K. banks, successfully bypassing the U.K. contactless verification limit of £30 on all tested Visa cards, irrespective of the card terminal, Help Net Security
reported.
The researchers also found that this attack is possible with cards and terminals outside of the U.K.
“These findings are significant because contactless payment verification limits are used to safeguard against fraudulent losses, which have been increasing in recent years,” Help Net Security said.