Is this your credit card? Hong Kong Monetary Authority presses banks over 1.25 million credit cards read by unauthorised parties

The Hong Kong Monetary Authority is examining who should be held responsible for a security flaw that allowed customers' full names on contactless credit cards to be read by unauthorised parties.

Arthur Yuen Kwok-hang, a deputy chief executive at the authority, said yesterday the body had asked seven banks and two companies that provided cards for the banks to look into why some 1.25 million cards contained the cardholder's name.

"This is an issue we must identify," said Yuen. He noted the case involved complicated technical issues and the authority was still studying the cause and who should be held responsible.

Last week, the authority said some contactless credit cards issued by the seven banks contained a security flaw that allowed cardholders' names to be read by unauthorised parties using a mobile app when they made contactless payments.

The seven banks were Bank of China (Hong Kong), Bank of Communications Hong Kong Branch, China Citic Bank International, Dah Sing Bank, DBS Hong Kong, OCBC Wing Hang Bank and ICBC (Asia).

In total, 1.25 million cards were involved, with Bank of China (Hong Kong) accounting for 670,000 of them.

Yuen said the banks were working to replace the flawed cards.