Debit card payment not secure for use at parking lots? Can be accessed by scammers, says Ahmad Maslan

Deputy finance minister Datuk Seri Ahmad Maslan has agreed that the use of debit cards for payments at cashless parking lots may not be secure and could cause data leaks to scammers, Sinar Daily reported.

According to the minister, debit card data could be accessed simply by using malware. “I agree with what was mentioned, so we have to continue to be careful, and [from] the figures I stated in the Dewan Rakyat regarding scam fraud [in] the country, almost 22,000 people have become victims and have lost around RM850 million,” he said.

“That number is high and we hope that people will always be careful, especially using cards that can be accessed using special software for accounts,” Ahmad Maslan said in a Dewan Negara session on Monday, in response to a question from Datuk Mohd Hisamudin Yahaya who asked if the data of debit card users is safe if they make payments at a cashless parking lot.

Throughout the report, the deputy finance minister did not go into detail how a scammer would access a customer’s card details from a contactless payment terminal.

Otherwise known as PayWave, the contactless card payment method is generally secure as the EMV chip technology in use for cards today generate a dynamic code for each transaction and prevents the cloning of cards, Bank Negara Malaysia stated in a Bernama report from 2017.

Additionally, PayWave transactions are typically capped to a maximum of RM250, above which a personal identification number (PIN) is required before the transaction can go through. That limit can even be lowered should the user want to do so, and so any transaction made without PIN, intended or otherwise is capped.

There is the potential for scammers to cover the actual PayWave terminal with a fake terminal for the purposes of theft, however that would make the hardware visibly altered. If that is the case, it would be best to call for assistance, or back out where possible.

Have you encountered any such attempt at scamming contactless transactions at parking lots, dear readers? Let us know in the comments sections.