Understanding Contactless payment limits and PIN requirements

In Australia, the standard contactless (Tap & Pay) limit for eftpos, Visa, and Mastercard transactions is $200 per transaction. Transactions at or below this amount can generally be completed without entering a PIN.

In some cases, the PIN threshold may vary between $100 and $200, depending on the card issuer's requirements, and the card scheme used for the transaction.

When is a PIN required?

Contactless payments

For eftpos, Visa, and Mastercard contactless transactions, cardholders are typically required to enter their PIN when:

  • The transaction amount exceeds the applicable contactless limit.
  • The card issuer requests additional verification for security purposes.
  • The payment terminal or card scheme requires cardholder authentication.

Least Cost Routing (LCR)

For merchants using Least Cost Routing (LCR), transactions routed through the domestic eftpos network will generally require a PIN for transactions over $200.

Inserted chip cards

When a card is inserted into the terminal rather than tapped, transactions are typically authorised using Chip and PIN, regardless of the contactless limit.

Magnetic stripe fallback

If a contactless transaction cannot be processed and the terminal requests a card swipe, the cardholder will generally be prompted to enter their PIN to complete the transaction.

Daily transaction limits

While contactless transactions are subject to per-transaction authentication limits, issuing banks may also apply daily spending or withdrawal limits to accounts. These limits vary between financial institutions and account types.

For information about daily transaction limits, cardholders should contact their card issuer directly.

PIN retry limits

Most Australian card issuers enforce a limit of three consecutive incorrect PIN attempts. After the retry limit is reached, the card may be blocked from PIN-based transactions at EFTPOS terminals and ATMs until the cardholder completes the issuer's verification process.

Mobile wallets

Payments made using digital wallets such as Apple Pay and Google Pay are authenticated using the security features of the customer's device, such as Face ID, fingerprint recognition, or a device passcode.

Because authentication occurs on the device, mobile wallet transactions are not typically subject to the same contactless PIN thresholds that apply to physical cards.

Related articles

Subscribe to the Zeller Business Blog

Stay connected with Zeller to receive curated news and content designed for small business owners, delivered to your inbox.