Last week, the Lagos state government announced a partnership with Primero Transport Limited and Sterling Bank to extend its Lagos Connect card scheme. This will enable commuters on the Bus Rapid Transport (BRT) pay for their bus fares without having to purchase tickets.
The new system is powered by FarePay, a Sterling Bank product which utilises smart contactless cards that can be linked to a bank account and topped up via agents or online transfers. This means that commuters can simply “tap in and tap out of BRT buses".
This technology could potentially eliminate the high turnaround time involved with cash-based tickets and also improve the efficiency of business transactions in a flexible, secure, and standard way with little or no human intervention. Asides payment, this technology can be used as a means for identification, authentication and data storage.
This is not the first contactless card solution in Nigeria. United Bank of Africa (UBA) launched its contactless card in 2015 to enable quicker general-purpose transactions.
Is contactless card payment safe?
Contactless cards use embedded chips to store data and near field communication (NFC) technology to send and receive information. As such, the security of this payment system is debatable, considering that a PIN code is not required to make transactions. Which implies that once stolen, someone else can use the card to perform a transaction.
Thankfully, in the case of FarePay, provisions have been made for users to block their card in the case of theft. To also ensure security to a level, most banks place a transaction limit on their cards. If the value exceeds this limit, the transaction would be rejected or require an additional proof of validity such as entering PIN code.
But even if fraudsters can't perform transactions with your card, they can potentially access the information stored on it. Majority of today's smartphones are equipped with an NFC module and the EMV standard permits that some data is unencrypted in the chips’ memory. Such data might include the card number, last transactions, etc, depending on the bank's policy. These data could be read via an NFC-enabled smartphone with a legitimate app (such as banking card reader NFC), thereby posing a threat to users.
It is also worthy to note as users that when in a crowded place, where two or more cards are in close proximity, the system may have difficulty determining which card is intended to be used. Thereby, charging the wrong card or rejecting both.
As a precaution, it is highly recommended that this card should be kept in a special case and not be brought out until you get to the point of payment to avoid data theft.
In all, this move by the Lagos state government is highly commendable, as it sets the city ahead of some megacities in terms of implementation of this technology.
Indeed, the very technology of contactless payments proffers several layers of protection. However, it does not mean your money is 100% safe, so beware!