• Hey there! Welcome to TFC! View fewer ads on the website just by signing up on TF Community.

How safe is Tap and Pay?

CyberPsych

TF Ace
If I have Tap and pay enabled and keep cards in wallet, can someone scan near may wallet and debit any amount? Looks like a noob question, but I want to know what are the risks of this being enabled. In Fuel bunks, we can't even see how much they're charging but ask us to move forward quickly to get next vehicle in place, says receipt is not available and SMS from bank takes some time to get delivered by which we have already left the bunk. Entering PIN eliminates all these, we can cross check the transaction amount.
 
Is this like phonepe? Filling wallet and paying QR or linking cc to samsung pay like linking Rupay cc to QR?
No.With samsung pay you cannot do scan and pay transaction using credit/debit cards .Samsung pay only supports VISA and MC as of now from limited banks though major banks available.
Scan and pay possible through linked bank accounts only.

Tap and pay(NFC) and Card swipe transaction via phone (Only if your phone supports MST)you can do via samsung pay cards only.

Literally as of now i am not carrying any card in wallet for doing payments.Only samsung Pay as my samsung phone supports NFC as well MST,means any type of payment is possible through my phone like tap and pay and card swipe transations through smartphone at any POS machine supporting VISA and MC.
Now a days Rupay cards on UPI made it cherry on cake as with phone alone all transactions possible..
 
Last edited:
It works flawlessly. I haven't faced a single failed transaction in last 6 years. Card is only required for lounge access 🙂
Yes but for some reason, some machines decline accepting and I get message saying declined due to wrong Cvv

Just happened today, axis refused, had to use hdfc and it worked in Samsung pay. And this only happens with samsung pay, not when you use the actual card. But sometimes it also happens with tap to pay in general even with physical card and have to swipe.
 
Yes but for some reason, some machines decline accepting and I get message saying declined due to wrong Cvv

Just happened today, axis refused, had to use hdfc and it worked in Samsung pay. And this only happens with samsung pay, not when you use the actual card. But sometimes it also happens with tap to pay in general even with physical card and have to swipe.
Oh. That's strange. But wrong CVV ? Does the PoS scan the CVV ? Although, I don't have an Axis card till date but haven't faced this problem with HDFC, SC, Kotak, ICICI and RBL. Maybe it has something to do with Axis tokenization? Maybe deleting and re adding the card will help ?
 
  • Hehe
Reactions: Rkr
Oh. That's strange. But wrong CVV ? Does the PoS scan the CVV ? Although, I don't have an Axis card till date but haven't faced this problem with HDFC, SC, Kotak, ICICI and RBL. Maybe it has something to do with Axis tokenization? Maybe deleting and re adding the card will help ?

No.with samsung pay you cannot do scan and pay transaction.Samsung pay only supported VISA and MC as of now from limited banks though major banks available.
Scan and pay possible through account only.

Tap and pay(NFC) and Card swipe transaction via phone (Only if your phone supports MST)you can do via samsung pay cards only.

Literally as of now i am not carrying any card in wallet for doing payments.Only samsung Pay as my samsung phone supports NFC as well MST,means any type of payment is possible through my phone like tap and pay and card swipe transations through smartphone at any POS machine supporting VISA and MC.
Now a days Rupay cards on UPI made it cherry on cake as with phone alone all transactions possible..
Seems samsung pay works only for Samsung mobile? What are other secure app options for android phones?
 
Seems samsung pay works only for Samsung mobile? What are other secure app options for android phones?
With Rupay CC on UPI, even samsung pay will soon become less used.Only drawback is daily limit on Rupay CC on upi is 1 lacs.Once it get revised in future then surely it will close the door for samsung pay.

Paytm offers tap and pay for supported phone for tap and pay payments.
 
With Rupay CC on UPI, even samsung pay will soon become less used.Only drawback is daily limit on Rupay CC on upi is 1 lacs.Once it get revised in future then surely it will close the door for samsung pay.

Paytm offers tap and pay for supported phone for tap and pay payments.
Only a matter of time samsung also allows Rupay, besides you only need to do 12 transactions to get the points, after which you can use other apps, that's what I've been doing all this years
 
Both Google Pay and Paytm doesn't have this feature on iPhone 🙁
yeah on iphone, NFC is kind of useless.. i hope with news on Apple Pay it will launch in India sooner cause i use Samsung Pay which is so fast once apply pay is available to us it would great to use both of the ecosystem and see which far better. even though Samsung pay would still win but then not sure why can't see use galaxy watch without changing region for tap and pay.
 
  • Like
Reactions: Rkr
It's obviously insecure and I have it disabled on all my cards. It's not insecure because of a failure in the encryption or communication standards, but because someone can simply steal your wallet and do up to 5 tap-to-pay txes at whatever limit you've set before the card needs authentication. At 2k per tx, that's a 10k loss per card, multiplied by however many cards you have. Even if your bank offers to insure such losses, you still have to go through the hassle of claiming it, filing an FIR to prove theft etc.

Why deal with all of that to save a few seconds?
 
It's obviously insecure and I have it disabled on all my cards. It's not insecure because of a failure in the encryption or communication standards, but because someone can simply steal your wallet and do up to 5 tap-to-pay txes at whatever limit you've set before the card needs authentication. At 2k per tx, that's a 10k loss per card, multiplied by however many cards you have. Even if your bank offers to insure such losses, you still have to go through the hassle of claiming it, filing an FIR to prove theft etc.

Why deal with all of that to save a few seconds?
How is it insecure do you carelessly carry around your phone without having biometric lock? If anything it's more safe to keep your card at home and use your phone biometrics to use tap to pay (in case if samsung, Knox security) anything above 2k it will ask pin. For a someone to steal your money, someone has to steal your phone, figure out how to unlock the phone, the figure out how to break into the app without biometric details, all that for like 2k transaction without pin? You're more likely to get robbed
 
Last edited:
How is it insecure do you carelessly carry around your phone without having biometric lock? It anything it's more safe to keep your card at home and use your phone biometrics to use tap to pay (in case if samsung, Knox security) anything above 2k it will ask pin. For a someone to steal your money, someone has to steal your phone, figure out how to unlock the phone, the figure out how to break into the app without biometric details, all that for like 2k transaction without pin? You're more likely to get robbed
I'm not talking about phones, which at least require you to unlock your phone to use the cards. I'm referring to the much more common tap-to-pay on cards. If you misplace your wallet or get pickpocketed, your maximum loss will be much higher if you have it enabled.

Although the idea of keeping ALL your CCs in one place on your phone makes you extremely vulnerable to the $5 wrench attack. The weakest link in Samsung pay's security is you. If someone hits you on the head with a $5 wrench and ask you to open the biometrics, you absolutely will. Leave your unnecessary CCs at home and at least you only lose whatever you have on hand.
 
Same school of thought as the Titan submarine followed. It's worked so far, so what could go wrong amirite.
Flase equivilance, titan imploded as there was mountain of evidence that proved it's not safe which the ceo actively ignored and went to dive without safe practice, like how you are ignoring all the data that proves tap to pay is more secure than physical swiping, so so what could go wrong when we've just discussed all the possiblities of going wrong are, you're more likely to get your phone robbed and tap to pay will be still more secured than actively carrying your card which a robber can use to tap.
 
Back
Top