Contactless payment methods are convenient to use and are everywhere. You can easily add your debit and credit cards to your iPhone or Android device and leave your physical cards at home. But as digital payments become more common, so do new scams. Does ghost tapping require physical access to a phone? In most cases, yes. “Ghost tapping” refers to a scammer getting close enough to your phone to tap-to-pay card to attempt a contactless transaction. Fortunately, with a few simple precautions, you can keep your contactless payments safe and secure.

Install the latest updates on your mobile device

If you take advantage of the convenience of Apple Pay and/or Google Pay, you’re probably already familiar with the safety features these apps offer. Make sure you have biometrics or a passkey enabled to gain access to these apps before you make payments. This way, if someone accidentally “bumps” into you to gain access to the app, they won’t be able to cause any damage.

Also, make sure to have the latest version of your phone’s operating system installed so you benefit from the latest security features and enhancements.

Receive alerts for your transactions

Your Arsenal debit and credit cards are automatically linked to a program called Card Management. This program allows you to take a number of proactive measures to fight fraud:

  • Set up and receive alerts for all of your spending or custom transactions.
  • Control the types of transactions that can be performed on your cards.
  • Turn off your card if you believe it was lost or stolen.
  • Cancel your cards and receive replacements.

Note: Arsenal Credit Union will start to offer tap-to-pay cards in early 2026.

Be alert in crowds and use an RFID-blocking wallet

Ghost tapping can occur at festivals, concerts, farmer’s markets and even the grocery store. If anyone runs into your pocket or purse for no good reason, it’s best to be vigilant about your cards. If your digital wallet on your mobile device is protected through normal security measures, you’re good!

The best way to prevent your tap-to-pay cards from scammers is to use an RFID-blocking wallet. RFID stands for radio frequency identification. These specialized wallets block the signals so no one can ghost tap you.

Monitor your account statements

If someone ghost taps you, they may set up a recurring subscription payment using your account information. Make sure to monitor your account statements using online + mobile banking to make sure this hasn’t happened to you.

Read before you tap

Small vendors love to use popular point-of-sale software like Square, Toast and Clover to make transactions easier. Most retailers you encounter just want you to make a simple transaction for a good or service. Others aren’t that honest.

Before you tap, make sure you read the screen to make sure the amount you’re spending is what you and the vendor agreed to. Shady vendors could potentially raise the agreed-upon price or charge an exorbitant tip without your consent.

Recommended articles