Step 1: Why Bother

My new UK HSBC Premier debit card arrived, complete with a fantastic new free feature specially for my benefit - contactless payment. Since I had not asked for it, didn't want it, and wouldn't use it, I figured that whoever's benefit it was for, it wasn't mine.

I work in IT security, most recently dealing with exactly this technology, although not in banking. The risk of fraud isn't massive, but it exists. The banks' default position is that you have to prove that any fraud wasn't your fault before they'll give you your money back. So if contactless payment is of no real benefit to you, why take the risk? If you find a use for it later you can always get a new card.

Some banks won't issue you with a card which doesn't have contactless payment (after all "it's for your benefit"!). Even if they will, it's still quicker to disable the feature yourself than fight your way through their call handling system to find a human who not only understands what you want, but also agrees to do it for you.

Step 2: How It Works

The card has a radio antenna built into it. Special readers at the tills communicate with the card via this antenna to identify it and take the payment. There are only two problems. Firstly, if the reader 'sees' more than one card it might take the money from the wrong one. Secondly, the technology exists to scan multiple cards from a distance of a metre or so. Both are fairly low risk, but the former is why you're told to take the card out of your purse or wallet when you use it, and the latter is considered so unlikely given the current widely available technology that card issuers are ignoring it and hoping it won't happen.

The radio antenna is several strands of very fine wire that run around the edges of the card in a loop. You can't see them easily and they run in different places on different cards.

But if you can find them and break them, you'll disable the contactless payment feature without disabling anything else. You can still use the card in cash machines and normal chip and PIN shop tills.

Step 3: Cutting the Antenna

If your card is not as dark and opaque as mine you can - apparently - see the fine wires by shining a bright light through it. Other methods include using a computer scanner with an infrared light and even an x-ray machine.

Not having any of these to hand I had to rely on a bit of guesswork. I figured that the wires wouldn't be on the bottom edge in case they were damaged by the embossing process. The top edge seemed the best bet.

I carefully used a sharp knife to outline a rectangle along the top edge of the front of the card, level with the right hand edge of the chip. Using the same knife I scraped away at the rectangle under a bright light, hoping to see the glint of a fine wire. In the end I found two or three wires which I scraped away. I was careful not to scrape too deep, in the end going about halfway through the card.

Now that I know where the wires are I'd make the rectangle a lot narrower if I was doing it again. Probably a narrow cut halfway through the thickness of the card with one of those small electric hand-held drill-like tools.

I've been testing the card in my local cashpoints and shops and so far everything works as it should. I also tried the card in my local coffee shop, which has the tap and go contactless payment system, and am pleased to say it didn't work, so it looks like job done. (If you have an Android phone with NFC you can download an app which will test if your card is working or not.)

big fan of tin foil hat level security precautions


LOL. I think tin foil hats are usually worn by folk who think their brains are being controlled by the reptilian illuminati - something like that anyway.

However in this case the risk, although small, is definitely not zero. Firstly if you get hold of my card you may well be able to use it a few times without knowing my PIN - thus breaking the golden "something you have & something you know" rule of security.

Secondly in a wallet full of contactless cards I can't be 100% sure which one is being read unless I take it out - rather negating a big advantage IMHO.

Thirdly, although the risk is tiny, if I can scan your card without you knowing I can potentially get a single payment - provided I do so before you use it next. The reward to the thief isn't worth the cost and risk - yet. The card companies are hoping it never will be.

I'd use contactless payment if it was of benefit to me, but it simply isn't. I can't help that, it's the way it is. If I lived/worked in London perhaps it'd be different, who knows.

So if it takes 60 seconds to reduce the risk to zero why wouldn't I do it?