C‘is a fear that resurfaces periodically, relaunched by viral videos and alarmed stories on social media: that of a “digital” pickpocket wandering through the crowd with a small card reader as big as a smartphone, the same POS used by street vendors and shopkeepers, and sneaks it closer to pockets and bags to initiate a contactless payment without the victim realizing it. An almost film-like image, which mixes technology and theft and which contributes to fueling more anxiety than reality. But is it really possible to steal money by holding a POS card close to your pocket?
Portable POS thefts: real fear or urban legend?
The most honest answer possible is: yes, in theory. In real life, however, achieving this is almost impossiblehowever, being a complicated, risky and inconvenient operation for a thief. To understand this, however, we need to start from how contactless payments really work. The system is based on NFC technology, Near Field Communication. The name is not accidental: the field must be really close, just a few centimeters. Not meters, not spy movie distances. Paper or phone must practically touch the reader. Without this proximity, nothing simply happens. Just this alone it could greatly reduce the idea of technological theft in the middle of the street.
Because the cards are less vulnerable than they seem
Contactless cardsFurthermore, they do not have an internal battery. They are activated only when they enter the electromagnetic field of the Poswhich provides them with the energy needed to communicate. Through clothing, thick wallets or bags, the signal weakens even more. In theory, someone could bring the reader very close to their pocket and attempt a small payment under 50 euros, the threshold that usually does not require a Pin. But in practice several obstacles come into play.
Recent news talks about alleged contactless thefts with portable POS machines, but behind the stories and viral videos there is a lot of confusion. (Getty Images)
Possible yes, probable no
Meanwhile, in modern wallets there is rarely just one card. There are usually several, together with vehicle passes, badges or loyalty cards. When multiple chips respond at the same time, the POS does not “choose”, it goes into error and blocks the operation. Furthermore, even common objects such as coins, keys or the wallet leather itself attenuate the signal. Let’s say that, for a theft to be successful, a very precise and infrequent combination should occur. Possible, yes. Probably, definitely not.
With smartphones, security increases
If we then move from wallets to phones, the barriers become even more solid. Services like Apple Pay, Google Wallet or Samsung Pay they do not transmit the real card number, but a temporary codecalled a token, valid only for that single operation. Even intercepting him would do no good. Furthermore, unlocking with fingerprint, face or code is almost always required. With the screen locked, the payment simply won’t go through. The idea of “stealing” money by touching a smartphone in your pocketto, in practice, it’s almost science fiction.
Other problems: a POS is not anonymous
Then there is a little considered aspect. A POS is not an anonymous tool that turns on and collects money into secret accounts. To activate it you need documents, a tax code or VAT number and a registered current account. Every transaction is recorded, tracked and often geolocalized. If suspicious payments appear in series, the anti-fraud systems intervene quickly and block everything. And victims can dispute the charge and get a refund. For a criminal, a lot of risk for a few euros is not that great a deal. In the end, there are also “anti-RFID” wallets on the market, that is, shielded against radio waves. They work, because they create a physical barrier that prevents the signal from passing. But for everyday use they are more of an extra protection than a necessity.
The real danger lies elsewhere
We can put it this way: focusing attention on the elusive thief with the POS is of very little use. The most widespread frauds, in fact, follow much less spectacular and much more effective paths: fake bank emails, SMS with urgent links, deceptive WhatsApp messages, phone calls from fake operators. The phishing and social engineering can empty bank accounts much more easily than any reader smuggled into a pocket. In short, stealing money by placing a POS near your pocket is technically possible, but in real life it is a rare and complicated eventuality. Therefore it is perhaps more useful to control where you click. In fact, it’s better not to click at all.

