Security technologies in mobile payments
Mobile wallets have not hit the mass consumer market just yet, and m-payments technology is still early in its days, according to its adoption rate. But a 210% growth forecast for this year is good place to start. According to eMarketer, in the US alone the value of mobile payment transactions are expected to go up to $27 billion from $8 billion in 2015, reshaping the understanding of money transfers for both businesses and consumers.
However, before m-payments reach the promised state of zen, barriers have to be knocked down, both technological and psychological. A Fed’s recent survey found out that 65 per cent of consumers fail to see any benefit in using a mobile wallet. But is this the core of the problem?
With an increasing number of cyber attacks worldwide, security becomes one of the key concerns among mobile device users. And subsequently, this affects the m-payments adoption rate. A recent study has shown that 40 per cent of consumers are concerned about cybersecurity, which stops them from connecting their credit card to a mobile device. At the same time, a total of 89 per cent of users wouldn’t know if their mobile phone has been infected through a cyber attack, a study by the app security specialist Promon revealed. As a result, the security aspect of what is deemed to be a more secure way of transferring money is stalling the adoption of m-payment solutions.
And while the complexity of malware used for identity fraud, merchant breaches, spyware and other types of cyber attacks is increasing, there are also numerous ways to protect mobile wallets and contactless payments. Below are four most commonly-used ones.
- Point-to-point encryption (P2PE) – provided by a third party, P2PE combines security devices, processes and applications to encrypt data until it reaches the solution provider’s secure environment for decryption. Because confidential cardholder data is instantaneously encrypted, customers are exposed to a considerably reduced risk of payment card fraud. For merchants who implemented this technology, it means that in the event of fraud, the P2PE solution provider not the merchant is held responsible for the data loss.
- Tokenisation – a security strategy that replaces sensitive data with a non-sensitive element, called token, that has no exploitable value. Its core value is to replace a real card number with a surrogate, which subsequently reduces cyber security risks.
- EMV – a global standard for cards equipped with the technology used to authenticate chip-card transactions, EMV stands for “Europay, MasterCard and Visa”. With the increased number of significant data breaches and cyber threats, more and more card issuers are opting for this technology to give their consumers the peace of mind and reduce the risk of fraud.
- NFC – near field communication, or NFC, is a wireless data transfer method that allows other devices within close proximity to exchange data without an internet connection. The technology is already being used for contactless credit card payments, but recently came back in the spotlight when it was introduced as a method of digitising a mobile payment software. In other words, NFC is a key pillar in the development of e-wallets, or mobile payments.
Please, feel free to add more to the list and state your opinion on how to make mobile payments safer.