Community
Let me start by saying what wonderful things mobile payments and mobile banking are. You can’t deny the convenience of being able to bank, pay for goods and services, and perform P2P payments while “on the go”.
It is these little conveniences that help turn train and bus travel into something more useful than simply reading the newspaper.
With the introduction of mobile wallets and new security innovations, many companies are making big promises that your mobile is becoming the most secure means of banking and payments.
But is it?
Companies have spent a lot of time and money addressing security issues. And with large banks, PayPal, Google, MasterCard, Visa and many more active in the area, people can be forgiven for thinking that it must be a safe means of transacting. Even if they lose their phone, their security credentials will remain safe and unexposed.
Maybe – but what if that individual then gave their security details to someone else? What if they made payments or transfers to someone they didn’t want to?
Of course that shouldn’t happen, but the problem with the mobile phone is that it makes it very easy for a physical attacker to force their victim to do just that
ATMs have built-in security cameras and only dispense limited amounts of cash. Stores have security cameras and security guards – as well as lots of people around. eCommerce and online banking are mainly done from the safety of your own home or workplace.
Mobile transactions, however, are done outside – walking in the street, going to the coffee shop, sitting on a park bench or coming home from the nightclub.
Now on your way home you don’t have to worry about someone stealing your phone or your handbag. Instead worry about them stealing every penny from your bank account or spending up to the limit on all the cards associated with your mobile wallet.
The real security issue is not the phone or the means of securing the transactions. The real security issue is the individual.
Traditionally, it needed sophisticated fraudsters and hackers to take your money, particularly since the introduction of EMV and PCI. Now any thug can rob you of much more than the cash in your wallet or purse.
Multi-channel transactions would help (started on one channel and finished on another), as would lowering transaction limits - although for NFC/Contactless there’s constant talk about increasing them. Nationwide recently introduced a new online banking app which prevents the adding of new payees from the mobile. This is the sort of step that can help limit the risk.
Right now though, you’re walking about with potentially all the money you have in your pocket. Not a good idea.
I’m interested to see how the world of mobile banking and payments address this security gap.
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Tachat Igityan Founder and CFO at destream
03 December
Luigi Wewege President at Caye International Bank
02 December
Victor Irechukwu Head, Engineering at OnePipe Services Limited
29 November
Nkahiseng Ralepeli VP of Product: Digital Assets at Absa Bank, CIB.
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.