NatWest/RBS offer contactless credit cards too (certainly on newer products anyway).
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Barclays Finally Supports Apple Pay in United Kingdom
- Thread starter MacRumors
- Start date
- Sort by reaction score
NatWest/RBS offer contactless credit cards too (certainly on newer products anyway).
OK, mass reply to multiple people, hope this works...
Barclaycard have only enabled standard Visa credit cards. Their Visa Cashback Card is coming "very soon" (much sooner than the eight months it's taken them to join Apple Pay in the first place but the person I spoke to had no idea if we're talking days or weeks here sadly). I've been told specifically that their Amex Cashback Card will not be supported when the Visa Cashback card gains support and the person I spoke to said they don't know when or if it will. As someone else mentioned, I think they're phasing out their Mastercard backed credit cards, if you're on one of them then ask if you can be migrated to a Visa backed one instead to pre-empt the change perhaps?
Alec
[doublepost=1459892278][/doublepost]
If you have multiple cards then this will use your default card. If you want to use a different one then before holding it near the reader you can double tap the home button to open wallet, select the card you want to use (tap on the stack at the bottom to activate them), place your finger on the home button (without pressing it) to authorise the transaction and then hold the phone over the reader. To be honest I always use this pre-empt method even when using the default card to ensure the transaction goes quickly and smoothly, might try using the automatic default route again at some point though.Just place your finger on the home button and place the iPhone on or near the reader - you'll get a notification/buzz/message if it has gone through successfully.
Works like magic.
A
Been waiting since 8am on iPhone and 6pm for Apple Watch. No SMS for either
ETA: Standard Barclaycard, not cash back one.
In my experience the transaction amount varies. I purchased an iPad Pro 9.7 at an Apple Store in US (with US-based credit-card) using Apple Pay and it it was approved instantly. They didn't even require me to sign anything despite the amount.
Well I tried it tonight at a BP petrol station and it worked just fine! This means I no longer have to take my card to work with me.
As to the teething problems; I read that people with more than 1 Contactless card in their wallet/purse were sometimes charged on a second card, if they held the wallet/purse too close to the terminal at the time of purchase, and they often didn't find out until they got a CC bill through without electing to use charged card. I'm sure this was easily resolved by turning down the reception strength of the terminals though.
I had a contactless debit card with NatWest, and my credit card from them is too. Plus my nationwide and metro bank cards are also contactless - as is my capital one credit card. The only cards I have which aren't contactless are my pre-paid currency cards actually.
They are separate companies though so unfortunately we cant use it as a reason. However i have read that Co-op Bank accept Apple Pay in the canteen at their head office whilst still not allowing it on their bank accounts!! Whats really annoying is the lack of information about it, they have been saying now since before xmas that they are considering all the options...how long does this take!!?
I suspect they may need to be careful with this as judging by the number of folk on twitter and facebook asking about it and getting frustrated with no progress or answer bar the standard answer they are getting close to potentially losing customers who will move to someone who does provide it. I've considered it but complicated slightly by the fact i have a Priviledge Premium account that gives me travel insurance, phone insurance, car breakdown and a few other bits all a lot cheaper than getting it elsewhere!
[doublepost=1459929867][/doublepost]
My understanding is, from an article i read recently, is that the card doesnt transmit enough details that can be captured to make it possible for the details to be used elsewhere such as online etc. For example it doesnt transmit the 3 digit security code on the back of the card that you need to enter to verify details when making an online purchase. That code is only on the card so the person would need the card or have seen it and remembered it\photographed it to have it and that is more difficult.
What i did see a report of someone doing was on places like a crowded tube train they would use a card terminal reader of some sort to collect various sub £20, at the time but now £30, payments by placing the terminal near pockets, handbags etc to try and get a connection with a card. How true this was and whether they got away with it is another matter. Anyone effected by it would also be covered for fraud by the bank as well.
I have also seen various tips for protecting cards in wallets etc from this happening and you can even buy wallets\purses now that shield the card so it cant happen.
I accept that, I'm just saying as both contain 'Co-op' in their name, many people will assume they are one and the same. Tesco are in the same boat, they run a virtual bank, but the girls on the enquiries desk are fending off people every day enquiring about their accounts, trying to pay a bill, make a deposit/withdrawal.
I was about to spring for a Tesco credit card (probably still will) for the interest free period to buy the new macbook pro when Apple finally releases it. Now my Barclaycard is finally working with Apple Pay, I'll hold off until launch to get a few months more free credit.
But yes, I would have changed cards to use Apple Pay had Barclays not got on board by then.
Very good point. Another point to add, is that aside from the fact that a fingerprint is far more secure than the old signature or pin method (for example, a thief could very easily learn to mimic the signature on the back of your card, or could learn your pin by looking over a person's shoulder as they were typing their pin into either an ATM or a checkout). When you really think about it, Contactless payment cards are even less secure, because many of those don't even require a signature or pin, so if they got hold of your card, they could very easily spend money on it. (okay arguably the banks may insure the amount that gets stolen, I would much prefer not to have had the hassle of all that happen in the first place). Whereas, with ApplePay using TouchID, even if they got a hold of your phone, they couldn't get in without your fingerprint, and being as you're not typing in a pin, they wouldn't even know how to get in even if they happened to be looking over your shoulder at the checkout. So from a security point of view, it's very easy to see that fingerprint method is by far the safest on so many levels, so I have a feeling that all banks will eventually realize this (even though they are slow to adopt at first). But I think it is the future, and I personally feel that I wish this would happen sooner rather than later.
In fact, I would even go as far as to say that I actually wish the online banking apps would incorporate TouchID as an optional form of logon. (When you think that Amazon already support this in their shopping app, it would be very easy for a bank to do the same). I can perceive however one of the potential arguments which a bank may have been worried about that stopped them wanting to use this. ie: the fact that TouchID enables you to use either your fingerprint or your four digit phone pin as the backup method, they could potentially be concerned that it's the backup phone pin method that is the security vulnerability in comparison to each banks's own method of logging in.) But I can also see a really simple and effective solution to this (which apple themselves would have to implement, as it's not current feature of TouchID, but would actually be very easy to implement, and would serve to increase TouchID quickly becoming a very good new security standard)...
What if for third party apps, the two options given for TouchID was Fingerprint for the first option, but instead of using the phone's pin as the backup option, that the backup option would just take you to the app's official login procedure. (the one that the app uses anyway). This would offer additional security as most people would be using the first option of the fingerprint anyway, so literally no-one would be able to look over your shoulder and learn your pin, but the backup option for those extremely rare occasions where say your fingerprint didn't register would still be using the exact same secure multi-step process that the banks use anyway. (And for Apple to implement this feature, all it would require is that the TouchID API that the iOS developers use simply includes a field where they could enter the page of the app to divert to where it opens up the apps login page. (and if that field is filled in, that becomes the backup option instead of the phone pin when used in conjunction with that app).
Problem solved.
People say this all the time, but all the banks policies read differently. They'll cover you for fraud related to contactless (ie if someone scans your details while it's in your pocket or clones your card) but theft is not fraud... I'm not sure you'd be covered for any losses between the the card being stolen and being reported stolen in the same way they wouldn't replace cash stolen from your wallet.
Does anyone have a different experience to show me I've read these policies wrong?
In fact, I would even go as far as to say that I actually wish the online banking apps would incorporate TouchID as an optional form of logon. (When you think that Amazon already support this in their shopping app, it would be very easy for a bank to do the same). I can perceive however one of the potential arguments which a bank may have been worried about that stopped them wanting to use this. ie: the fact that TouchID enables you to use either your fingerprint or your four digit phone pin as the backup method, they could potentially be concerned that it's the backup phone pin method that is the security vulnerability in comparison to each banks's own method of logging in. But I can also see a really simple and effective solution to this (which apple themselves would have to implement, as it's not current feature of touch ID, but would actually be very easy to implement, and would serve to increase TouchID quickly becoming a very good new security standard)...
What if for third party apps, the two options given for TouchID was Fingerprint for the first option, but instead of using the phone's pin as the backup option, that the backup option would just take you to the app's official login procedure. (the one that the app uses anyway). This would offer additional security as most people would be using the first option off the fingerprint anyway, so less people would be able to look over your shoulder and learn your pin, but the backup option for those extremely rare occasions where say your fingerprint didn't register would still be using the exact same secure multi-step process that the banks use anyway. (And for Apple to implement this feature, all it would require is that the TouchID API that the iOS developers use simply includes a field where they could enter the page of the app to divert to where it opens up the apps login page. (and if that field is filled in, hat becomes the backup option instead of the phone pin when used in conjunction with that app).
Problem solved.
You're either trolling or you've just wasted minutes typing up an idea that IS already a major part of the Touch ID API (it does not default to your phone pin as a backup, but the individual app password) and this is exactly how the First Direct and HSBC apps work. They're banks by the way, if you didn't know. I can't see if you're in the UK.
It is, certainly with NatWest anyhow. When using a contactless card it doesn't come off straight away, which is why you can use your contactless card when having zero money in your account (with no overdraft). Apple Pay does.
When I use my contactless card, as it is not debited straight away, my available balance does not go down until the transaction is processed.
However, when I use Apple Pay, my available balance goes down immediately. I prefer this as I know, when checking my available balance, all transactions have been included.
So I ordered a takeaway from JustEat yesterday and I used Apple Pay. I got an email shortly after saying my transaction had been declined. I was worried that something was wrong with either my card or Apple Pay and it turned out the place I was ordering from declined my transaction because I was too far away (even though they charged for delivery). Panic over.
Semantically, he's correct. You're confusing debiting with affecting your available balance. A pending transaction has not yet debited.
You're right, I was just interchanging the words for ease. But my ultimate point is, for me as a NatWest customer, when using my contactless card for an amount, that amount is still available to me, either to use again via another debit card transaction, or withdrawing cash from a cash point, until that transaction is processed. When using Apple Pay, that money is no longer available for me to use as it is deducted straight away, the same as if it were a normal debit card transaction.
That's bizarre. When I set up Apple Pay my SMS verification came through straight away!
Same here. @shandyman have you contacted their Social Media team via Twitter? Might be worth reaching out to them, they're really helpful I find.
A
There are multiple kinds of contactless cards. The old original RFID dumb ones simply responded to (even long-range) pings with everything that was on the magstripe, which is what caused metallic RF blocking wallets to become a fad.
However, modern NFC contactless cards with chips (and the NFC payment systems which emulate them such as Android, Apple and Samsung Pay), are not only very short-range, they're also actively involved in each transaction. They use embedded Java applets and cryptographic processors to negotiate authentication and one-time transaction codes between the terminal and the card/emulator. So just reading the card is almost always useless.
Almost always. It might still be possible with some older terminal implementations to play man-in-the-middle, or do a purchase pre-play attack (only works if you know the exact amount you're later going to purchase with the stolen transaction codes), but those situations are rare today.
It's not at all a major technical challenge, but certainly not something to worry about if your phone was simply stolen by a random thief.
Oh they'd work, but it still outweighs the risk of someone taking the time to do it.
It's ironic though, that the downside of stronger security is that it works against the consumer if the security key is stolen.
For example, it's not uncommon for a UK bank to try to leave a customer responsible for a transaction on a stolen card if the PIN was used. The assumption being that either the customer gave out the PIN, wrote it down, or let someone shoulder-surf it. (*)
And if, in the worst case, someone (say your evil college roommate) took the time to make a physical copy of your main fingerprint, you might have a hard time proving that it was not you who paid for something. I've commented before, that it would make a great TV detective show episode to frame someone by using a spoof finger to make an Apple Pay payment on a temporarily stolen phone near the scene of a murder. The person being framed could explain all they wanted that they were in bed at home that night, but to no avail. Again, not something to worry about in real life, though
(*) A few years ago, many PIN terminals were modified by apparently a Russian cartel in shipment after they left the factory, before they arrived at stores. These modified terminals stole PINs from all over the EU and resulted in thousands of customers being held liable for fraudulent transactions for years, as the banks at first refused to believe there was any way to steal a PIN.
Last edited:
We're going to have to quibble about what constitutes a major technical challenge. Put it another way: it's far from easy to fool the Touch ID sensor. If your evil college roommate has an inkling to do such a thing, you probably have bigger things to worry about in life.
Alas, in a world full of bad tech articles on the topic, you picked the dumbest article ever written, obviously done by someone with zero hobby abilities whatsoever. It's like citing an article that claims manual transmissions are difficult to drive, by someone whose never driven at all.
I mean seriously, that article claims that having clear plastic sheets and wood glue are obstacles.
Plenty of people have demonstrated doing it with a printer they already owned, using common hobby and food materials.
The same technique has been well known in the fingerprint world since the turn of the century. Heck it's one reason why handheld device makers stopped using fingerprint readers for real security back then, same as they stopped using gesture unlocking on touchscreens. Apple is smart though, and realizes that convenience takes precedence.
Or, you could save yourself a headache, not bother to do any of that, and pinch the victim's credit card instead. Without its sensor, and maybe with the ability to do contactless without any kind of authentication at all.
For what it's worth, I don't happen to have clear plastic sheets or wood glue (or a few of the other required things) lying around my house. Nor a victim's nicely captured fingerprint, superglue fume cupboard, or a phone that I can walk off with.
Security measures are about balancing risk versus convenience. The risk that someone will actually go to all this trouble to make an Apple Payment is ridiculously small.
For what it's worth, I don't happen to have clear plastic sheets or wood glue (or a few of the other required things) lying around my house. Nor a victim's nicely captured fingerprint, superglue fume cupboard, or a phone that I can walk off with.
Security measures are about balancing risk versus convenience. The risk that someone will actually go to all this trouble to make an Apple Payment is ridiculously small.
I'm married to a Kindergarten teacher, with art supplies like clear printable sheets. Like many people, I do wordworking and electronics as a hobby. And my teenage daughter's iPhone is at home while she's at school. So all the necessary stuff is laying around here
. Hmm. When I get some spare time, I might try to spoof her phone just to see for myself.I totally agree with you on that.
Just came back from a family vacation in London. Used Apple Pay whilst traveling all over London via the tube. If only U.S. public transportation would make it so easy. Thought some of you brits might get angry as there is a slight delay using Apple Pay (while it checks your finger print) -- maybe one second -- but nobody seemed to mind. It was also tricky figuring out the best angle to hold your phone over the giant yellow circle in the tube entry/exits and on buses to quickly bring up the Apple pay screen. Eventually figured it out. Used my U.S. MasterCard with no problems (and there are no foreign transaction fees on my MasterCard). For some reason, my wife's AMEX didn't work -- but she just switched to her MasterCard and all was well.
I recently had my wallet stolen with 3 contactless cards in it - can you imagine the ball ache? Now they can't nick my wallet as I never carry it with me.
Oh and 2 weeks ago I managed to pay for someone elses crisps as I was fumbling with my wallet to get my card out and it got read. No more with Apple Pay and if my phone is nicked I can wipe the details off using Icloud settings and kill it.
Secure and sorted.
Tesco bank won't let me use my contactless card for things like paying for fuel at the pumps, so their arse is getting dumped soon.
[doublepost=1460063010][/doublepost]
Agreed and as you can use your finger before you put your phone anywhere near the scanner then it's as quick as a contactless card (getting it out of my pocket is slower for me)
[doublepost=1460063078][/doublepost]
Already done in several places and all apple pay terminals have been updated. Card £30 max, Total amount of available funds using AP and your finger.
[doublepost=1460063439][/doublepost]
This is what I now do. I leave my wallet at home, Well I have forgotten it a few times recently. But now I don't have to worry. I always carry a small power pack with me as I have a genuine fear of low battery (it's a real condition) so I should never have to worry.
[doublepost=1460063535][/doublepost]
For me now when I see AP I have my phone out fingerprint already done and ready to tap the terminal. It's the same for me as getting my card out my pocket and placing it on the reader. It's whatever suits people, it suits me if it does not suit you then that's fair enough.
[doublepost=1460064086][/doublepost]
I also read that if your card is lost or stolen (mine were stolen a few weeks ago and I had to have them reissued) whilst Barclays can do an physical card at a branch within 10 minutes, they can also update Apple Pay with your new card number without you having to go to a branch, which is mega cool!
[doublepost=1460064379][/doublepost]
Well you can double tap the reader when asleep and AP is ready to tap. That's half the battle won no!?
[doublepost=1460064517][/doublepost]
Well I would carry a card. If you are asked to do a C+P to verify who you are (Like Tesco ask for when you get contactless) and you don't have a card AP won't work for crap until you do
[doublepost=1460064577][/doublepost]
Unless you have UBER
[doublepost=1460064690][/doublepost]
Barclays and Tesco do. I use them both daily.
[doublepost=1460065086][/doublepost]
Hey man,
I did! I got a Tesco Bank account after I was told I could use AP, only to find out I couldn't and I couldn't even use pay at the pumps!
Luckily I never ditched my Barclays contactless card and current account and they work just fine. So I think I will stay with just Barclays from now on.
[doublepost=1460065369][/doublepost]
To add you to the end of my stupidly long reply to everyone. I have no policy but my wallet was nabbed a few weeks ago and my bank tell me that luckily/oddly that Tesco bank app does not require a cards reader to set up payments to others and I dumped my funds into my wifes account seconds before someone tried to use my card. Had they done so I would not have been covered and I would have had to foot the bill
I am so glad AP is now here.
Last edited:
lol. Way to make a girl feel special!! (...honestly never been called a troll before). hahaha. (but something tells me that you weren't referring to my looks, somehow, but I'll let that slide!). Just to clarify though, I am indeed English (both by birth, and every generation before me), so lived in the UK for the vast majority of my life, until I got married. But you're partly correct in the sense that I no longer live in the UK anymore. I was born in Worcestershire though (if you know where that is?), but now live permanently in Greece with my Husband who is Greek (hence the username). But as I am British, and can't apply for a local bank account over here so easily, all my banks and credit cards are still my UK ones, so I still take an interest in how they are developing, as it affects me directly. Am truly gutted that they don't have ApplePay out here though yet, so am curious to know how well the UK rollout for it is going so far since I've been away? Has it become mainstream yet, or are many companies still slow to adopt?
Anyways, in answer to your question, being British, I do know HSBC, and am delighted to hear from you that at least some banks are using it in the way that I've always thought was just common sense. (not all banks do though, yet). For example, I bank with Nationwide and Halifax, and while I do rate them both extremely well as banks, and they both have excellent iPhone apps, they still use their own form of authentication, so naturally me being a fan of TouchID, I'm hoping that someday the banks I use will incorporate it aswell. But thankyou for letting me know that the API does support the functionality in the way I perceived it (I might have to write to my banks, and let them know, because if what I suspect is true, and it just being things like them not thinking it's secure enough that is holding them back, then we might be able to give them the nudge they need to get with the 21st century, and just implement it already! And thankyou for letting me know that HSBC is already using it. If I tell them that, it might also help, as I'm sure they won't wanna get left behind! (and it certainly removes all the excuses).
Forgive me for going off on such a tangent though. In answer to your original question, you raised a very good point about the banks possibly not covering you in such a situation where somebody stole your wallet and spent some money via the contactless payment method. Fortunately this has never happened to me, but I wouldn't fancy my chances of being reimbursed in such an event, so you're probably right.
Anyways, do let me know how things are going with the ApplePay stuff. It's nice to keep in touch with people who still live in the UK, to see what's changed since I left. I bet it's a very different place now.