Request a Demo
USE CASE

Shutting down Ghost Tap relay attacks

How INETCO BullzAI® defends against Ghost Tap relay attacks and contactless payment fraud in milliseconds

Shutting down Ghost Tap relay attacks

What is a Ghost Tap relay attack?

Ghost Tap relay attacks exploit NFC technology to conduct unauthorized tap-to-pay transactions. Fraudsters intercept a card or mobile wallet’s signal using portable proxy devices that relay it in real time to a “mule” at a checkout counter miles away – enabling purchases and POS cash-outs. Other attack variants include mobile wallet hijacking via phishing or malicious apps, and digital pickpocketing in crowded areas. Relay transactions often evade fraud controls, with criminals testing multiple small charges before escalating to larger transactions – driving increased chargebacks and losses.

Stop NFC relay attacks before funds disappear

INETCO BullzAI monitors the full journey of every contactless payment in real time, instantly detecting activity associated with Ghost Tap and other relay attacks, including transaction rerouting, clusters of high velocity, low-value taps, delays in the round trip time and geographic proximity mismatches – such as a transaction occurring in one city while the cardholder’s device is miles away. Surgically block relayed payments and POS cash-outs before chargebacks flare.

DETECT

Monitor every contactless payment in real-time to detect deviations in round trip times or unexpected transaction re-routing to unsecure terminals, and analyze every transaction field for anomalies in POS Entry mode and EMV chip data – correlating these signals with unusual spending behavior, device fingerprints, IP addresses, transaction bursts and geo-location velocity to validate proximity between the card use and device

 

 

PREVENT

Update adaptive fraud risk scores after every transaction with supervised and unsupervised machine learning models that instantly flag “out-of-character” spending behavior or usage patterns for cards, devices and terminals that could be associated with relay attacks – including high risk or rogue terminal IDs, rapid fire micro-spend charges, unusual geographic location or impossible travel, or device fingerprint mismatches between the mobile wallet being used and the registered device ID

SHIELD

Improve authorization decisions for every contactless payment transaction and precisely block or rate limit high risk transactions tied to NFC relay indicators or mule activity – with attention to inconsistencies between the card’s reported activity and the terminal’s reported activity, failed or weak card verification methods in combination with high transaction amounts, indication of PIN bypass in the terminal verification results without disrupting legitimate customers and before the funds move

 

Don't let fraudsters turn payment convenience into their playground

Prevent costly POS cash-outs

Instantly rate limit or block abnormal tap-to-pay behavior related to individual cards, devices and terminals – with precision – to avoid fraud loss from relay attacks

Reduce chargebacks

Intercept relay fraud before tap-to-pay transctions complete, lowering chargebacks and reimbursement costs while protecting banks and merchants

Protect customer trust

Strengthen confidence in digital wallets and tap-to-pay transactions by stopping contactless payment fraud before customers are affected

Improve operational efficiency

Reduce false positives and streamline case investigations with real-time, high-precision blocking at the transaction field level

No relay. No replay.

Related resources

Ghost Tap & PhantomCard: The haunted frontier of fraud
ARTICLE

Ghost Tap & PhantomCard: The haunted frontier of fraud

Contactless payments were built for speed, simplicity, and convenience, but in the shadows of that innovation a new breed of digital ghouls has emerged

Why cyber-fraud teams are the next big thing in payments security
ARTICLE

Why cyber-fraud teams are the next big thing in payments security

The growing inter-connectedness of digital systems, combined with the alarming ingenuity of financial criminals, has led to a convergence between payment fraud, cybercrime, and AML

Black Friday: Loved by shoppers and fraudsters alike
ARTICLE

Black Friday: Loved by shoppers and fraudsters alike

TransUnion’s analysis revealed a startling trend: the average number of suspected digital fraud attempts between Thanksgiving and Cyber Monday was 82% higher globally than the rest of the year

Tales from the fraud frontlines: How to avoid getting bitten by Visa VAMP
ARTICLE

Tales from the fraud frontlines: How to avoid getting bitten by Visa VAMP

Discover how INETCO BullzAI helps acquirers and merchants avoid VAMP clampdowns

Back to use cases

Who you gonna call? Ghost Tap Busters!

Consult INETCO’s payment fraud experts to detect and block Ghost Tap attacks in real time.

LET’S TALK