The Hong Kong Monetary Authority (HKMA) told banks to review the security of contactless credit cards, after tests showed two apps could extract information belonging to cardholders.

The HKMA found the two apps, Banking Card Reader and Cardtest, used on a NFC-based smartphone could retrieve credit card numbers, expiry dates and transaction details from nearby Visa (payWave), MasterCard (PayPass), American Express or JCB cards.

Criminals can use cardholder data in a number of ways, including making purchases on online websites. Or scammers could pretend to be staff from credit card issuers, which could offer another opportunity for fraudulent activity.

However, local police have yet to receive any reports of criminal activity relating to the two apps.