Contactless payment cards arrived in 2007 and swiftly became the most popular way to pay in the UK, accounting for three quarters of all card transactions today.
While the idea of paying without a Pin might seem risky, fraud rates remain low, equivalent to 7% of overall card fraud losses according to the latest industry fraud report.
So, should you be using your contactless cards?
Make your money work harder. Get the best deals, avoid scams, and grow your savings with expert guidance for just £24.50 for a year – that’s half the usual price.
Get 50% off Which? MoneySave 50% – was £49, now £24.50 for a year, offer ends 6 April 2026.
Contactless debit or credit cards allow you to pay for items without entering your Pin, using wireless near-field communication (NFC) technology that enables one device to communicate with another.
Every contactless card has a small chip in it that emits radio waves. To pay for something, you hold the card near a payment terminal, which picks up a signal and processes the transaction.
You can tell whether your card is contactless by looking for a small logo on it which consists of four small curved lines, similar to the wi-fi symbol. The logo is also displayed on payment terminals that accept contactless payments.
Mobile wallets such as Apple Pay or Google Wallet use the same technology.
Broadly, yes.
Cases of fraud using contactless actually fell in 2024 and represented only 7% of overall card fraud losses, even though three quarters of card transactions were contactless that year.
There are also safeguards known as 'strong customer authentication' to stop that from happening in the first place, which also affect online banking.
Banks and payment firms will ask you to use chip and Pin for high value purchases, or once your cumulative contactless spend exceeds a certain level – to prove it's you using the card. In the UK, we initially set caps of:
The Financial Conduct Authority (FCA) decided to remove the £100 limit from March 2026.
This means banks and other payment providers will be able to set their own limit for contactless payments and have the flexibility to change their approach to cumulative contactless spending.
It's likely that banks will invite customers to choose their own limit, or turn contactless off altogether.
Digital wallets such as Apple Pay are already exempt from the cap on transactions, as are unattended payment terminals eg parking meters and transport systems.
Apple Pay and Google Wallet can be used anywhere contactless cards are accepted.
But they're arguably safer, because retailers never see your card number. Instead, a temporary number is generated.
Your phone (or other device) will also need to be unlocked in order to make payments. And you can remotely lock your phone if it is lost or stolen.
Digital pickpocketing or skimming (where criminals steal your card details by getting close to you with a scanner) is possible, though banking association UK Finance told Which? in February 2026 that there have been no recorded cases of criminals walking into a public place with a contactless card reader and initiating unauthorised transactions.
In 2015, Which? was able to easily and cheaply acquire contactless-card technology and use this to remotely 'steal' key card details from a contactless card. We only got the card number and expiry date (not the three digit security code), but this was enough to order a £3,000 TV at the time.
Online shopping security has improved thanks to strong customer authentication (SCA) and research suggests someone would also have to be uncomfortably close to you to lift your card details without you knowing.
In our tests, the card had to be touched against the mobile card reading device. While other readers might be more powerful, a criminal would still have to obtain a retail card reader and corresponding account.
One sticky issue is that the industry may not be fully aware of the risks of skimming using NFC technology, because victims may not know how their card details were stolen.
There are metal cases that claim to protect your contactless cards by blocking the radio waves skimming devices need to read card data.
We're sceptical whether you actually need them – contactless 'skimming' has been recorded in laboratory settings, but it's a relatively impractical way for scammers to obtain your card details.
Fraud experts say you are more likely to come across hidden skimming devices designed to steal your card details and Pins at ATMs and car parks, which capture the information in the magnetic stripe when you insert your card.
If a thief steals your contactless card, or copies your card details, your bank should reimburse you.
If you believe a transaction was fraudulent, it's the responsibility of the card provider to prove that you authorised the payment or were particularly negligent in not taking reasonable care of your card or card details – and if it can't, then it must reimburse you.
Which? knows that card providers sometimes wrongly refuse refunds so if you feel that your bank has acted unfairly, refer your complaint to the financialombudsman.org.uk.
You can take simple step to minimise the risk of card fraud:
If your card is taken out of your sight someone could run it through a skimming device, which copies the data from its magnetic strip.
Avoid keeping cards in pockets or open bags where they are easily accessible.
If a card reader or cash machine doesn’t look right, or you suspect something suspicious, don't use it – report it to the bank or cash machine operator.
Contactless users aren't always offered a receipt, so if you want to keep track of spending and make sure you aren't being overcharged, you may need to ask for one.
Keep an eye on notifications of money coming in and out of your account (most banks offer this to mobile banking app customers) and check your statements as regularly as possible to look for unusual transactions, including on lost or stolen cards as these can still be used after being cancelled.
Many banks let you to set your own daily contactless spending limit or turn off contactless spending entirely via their apps.
Most banks send their customers contactless debit or credit cards by default.
If you don't want a contactless card, your provider may let you opt-out, although some big banks and credit card providers don't.
Firms aren't obliged to offer you a non-contactless card but the biggest high street providers have all previously told Which? they would allow customers to choose chip and Pin debit cards instead, including: Barclays, First Direct, HSBC, Lloyds Banking Group, Nationwide, NatWest Group, The Co-operative Bank, TSB and Virgin Money.