It may be convenient to pay with a wave of your credit or debit card.
But Consumer Reports' Andrea Rock says so-called contactless cards make your personal data vulnerable.
Andrea says, "Thieves can collect the information while it's being transmitted by using a card reader that costs less than $100."
To demonstrate, Rock tucks a card reader in her purse and security consultant Henry Bar-Levav puts a contactless card in his pocket. She bumps into him, and in that moment she can steal his credit-card information.
Andrea adds, "From that little bump in the parking lot, it's possible to download your account number, expiration date, and security data to a computer. From there it's simple to use blank cards to make counterfeits."
Recursion Ventures, the security consultants who demonstrated the cards' weakness, were able to use the bogus card to successfully charge a transaction.
You may have contactless cards in your wallet and not even know it. Chase cards say Blink. MasterCards' are called PayPass, and some have this symbol.
Andrea says, "The technology is active whether you use the card for contactless payments or not. And there's not much you can do except ask your bank if they will replace the card with a regular one."
Another option - a protective sleeve like the one Rock made out of duct tape, lined with aluminum foil.
Andrea points out, "Recursion's tests showed that it worked better than many of the ones you can buy, but even that didn't block the signal completely."
So while waving your card is easy, making sure it's secure isn't.
The banking industry insists contactless card technology is secure and that there have been no reports of problems.
But Consumer Reports says the technology's security must be improved because as these cards become more widespread, they'll become a bigger target for thieves.