Contactless payment card

My bank recently sent me a new debit card, which included the non-optional feature of contactless payment.

This is based on NFC (Near Field Communication) technology, which utilises a loop antenna to allow a reader to communicate with the chip on the card in order to allow “small value” transactions to occur without physically touching the card, or (for most transactions) entering my PIN.

My bank assures me it’s secure. I’m not convinced – I can see at least one possible attack vector, and no indication in any of the literature that I’ve been able to find so far that it has been mitigated. I hope I’m wrong. For obvious reasons, I’m not going to go into details here.

Anyway, this technology requires embedding an antenna in the card. Fortunately, I was able to obtain X-ray images of parts of the card for your enjoyment, clearly showing the antenna inside the card.