What Are The Security Risks In The Emerging Mobile Payment Market?
If you are an owner today of a merchant-based business, whether online or run from a brick-and-mortar establishment, it is difficult to make sense of the ongoing rage over mobile payments and how they will change the way that basic commerce, as we know it, is conducted in the future. Yes, smartphone technology will have a dramatic impact on merchant activities, but hold on, we have heard similar predictions before.
The internet did change merchant commerce, as we knew it, but those changes did not happen overnight. Technology professionals are not bankers. They may be able to wire things together to make things work, but when it comes to money and changing how consumers are to spend it, there are many more considerations that must be addressed along the way, especially ones to do with potential fraud risks. Risk concerns tempered the excitement with internet commerce, and they will do the same with mobile payments.
To begin with, let’s divide “mobile” into its two component parts. The merchant-based initiative is called “Wireless Processing.” This new approach to remote merchant payment capability replaces an assortment of cumbersome equipment that would permit payment processing on-the-go, “24×7,” anywhere and at any time.
This technology has already been battle-tested and is currently being marketed by several firms on national television channels. A simple device plugs into you smartphone, allows you to swipe a card stripe, and then conducts a typical payment transaction, complete with authorization, email confirmation, and a deposit of net proceeds into your merchant account. Risks are known. Cardholder behavior is not a formidable obstacle, but some will still be worried about privacy and whether their personal information will be compromised.
The other mobile component is cardholder-based. These are the areas that are receiving the lion’s share of hype in the market. These approaches entail a cardholder loading his payment information into his smartphone, perhaps in a specialized electronic wallet of some sort, and then waving his phone at a receptive terminal, tapping the terminal, or scanning a two-dimensional type of barcode to exchange payment information in thin air. Near-field communication (NFC) technology is the enabler in many cases and the root cause for many risk concerns.
What are these new risk concerns?
Every consumer already knows that his cell phone conversations can be intercepted quite easily, if someone has the right equipment. How do you prevent a crook from stealing your card and PIN numbers when they are “in the cloud,” so to speak?
Encryption is the normal method, but with so many third parties involved in the transaction from telecom operators, wallet providers, phone manufacturers, merchant processors, to the merchants themselves, how do you ensure that all will adhere to the same protection protocols?
What if you lose your phone or have it stolen? Do the same protections apply as with a credit or debit card? How do you get a refund or transfer wallet amounts already on the phone? Answers are mixed. Consumers will be wary. Yes, younger consumers will be drawn in, but fraud will scare many back to accepting reality.
Lastly, consumers do like convenience, but a new method must be obviously better than the one it is replacing. These new approaches are more convoluted, requiring more education and customer service when things go wrong. Will consumers lose patience or be more receptive of this modern new way-to-pay.
Mobile payments are the wave of the future. Wireless processing and card-based initiatives will evolve, but at a slower pace due to concerns over risk.