Are Mobile Payments Safe?


NEW YORK (MainStreet) — How would you like to pay for your next purchase: cash, credit or cell phone? The answer, for many consumers, may soon be the last of these three options.

Cell phones have come to dominate American life in recent years, with virtually all adults in the country claiming to own at least one mobile phone. As their popularity has expanded, the functions they serve have expanded as well. Today, cell phone users don’t just make calls and send text messages, they also check e-mails, surf the Web, manage bank accounts and purchase goods.

Major banks like Chase and Bank of America (Stock Quote: BAC) have built smartphone apps to make it easy for customers to check balances, transfer funds and pay bills on the go. The rise of Web browsers on mobile devices like cell phones and tablets has made it possible for consumers to do their shopping online without having to use a desktop computer. Meanwhile, consumers with e-readers can simply enter in billing information once and can then buy as many books as they can afford.

One study from the Aite Group, a research and advisory firm, predicts that the total amount of mobile payments in 2010 will hit $16 billion. If that sounds like a lot, it’s nothing compared to the potential for mobile sales in the future. The same report predicts that U.S. consumers will make $214 billion worth of transactions on mobile devices in 2015.

While the idea of using a mobile device for business transactions may seem unusual to many Americans, it is already considered old news in countries like Japan and South Korea, which have been using their cell phones as quasi credit cards for more than five years.

Part of the reason it has taken so long for the U.S. to follow suit is that shoppers are worried about the safety of this payment method.

“Consumers in the U.S. tend to be a bit more concerned with security issues,” said Robert Vamosi, a risk and fraud analyst at Javelin Strategy and Research, which analyzes the financial services and payments industries. “We want to know a new technology is secure before we move on to it.”

But whatever discomfort consumers did have began to fade after smartphones like the iPhone became popular around 2007 and 2008. Suddenly, tens of thousands of consumers began offering up their credit card information in order to purchase smartphone applications, and even to make purchases within those applications.

“The iPhone flipped the whole industry on its head, and now the U.S. is starting to take the lead,” said John Fletcher, an analyst at SNL Kagan who monitors trends in the wireless industry.

Now, several major companies are planning to take mobile payments to a whole new level in the U.S. by allowing customers to make mobile payments in stores.

Discover Financial Services recently partnered with AT&T (Stock Quote: T) and Verizon (Stock Quote: VZ), and the three companies plan to release phones in the near future that come with a wireless microchip so that the user can simply swipe the device at check out and automatically have the purchase charged to her Discover card. Visa and Bank of America are currently testing a similar system at select stores through the end of the year.

“Right now, all a person needs when leaving in the morning is their wallet, phone and keys, but wouldn’t it be great if one day it were just your phone and your keys?” Fletcher said.

This would be convenient, but have consumers made a mistake by forgetting the initial hesitation they had over the security of these devices?

Ultimately, the big concern is whether cellular networks are as secure for handling business and banking transactions as the wired internet networks most consumers have in their home. In the past, one of the two major cell phone networks, known as GSM, has been hacked multiple times, though it seems no user has had personal information compromised as a result.

“Nothing is full-proof. A cellular network might be a little worse than a wired connection, but the barrier to crack a cellular network is still very high,” Vamosi said.

In fact, each of the experts we spoke with argued that the Internet connections on cell phones are generally secure, but added there are still some important caveats for conducting business transactions on a mobile device. So, before you turn your cell phone into a credit card, be sure to keep these points in mind.

Never Use Public Wi-Fi

The biggest mistake you can make when using a mobile device to purchase an item or check your bank account may be to do so while connected to a public Wi-Fi account. According to Vamosi, wireless connections are much less secure than either wired or cellular connections, and can expose your personal data to third parties. The only Wi-Fi accounts that you should feel comfortable conducting mobile payments on are those that are private and secure, such as those accounts in your home or at your office.

Make Sure It’s a Trusted Website

One easy way to determine whether a website you’re shopping on is trustworthy is to look at the address bar at the top of the page and see if the URL has a picture of a lock next to it, indicating that the site is secure and encrypted. Unfortunately, if you are shopping on a smartphone, this picture won’t show up, even if the site is safe and secure.

But according to John Verdi, senior counsel at the Electronic Privacy Information Center, there is still one way to vet a website on a smartphone. If you look at the URL itself and see that it says “https” instead of just “http,” that indicates the site is properly encrypted.

Vet Your Apps

Aside from guaranteeing that the shopping websites you use are safe, it’s also essential that you try to vet the apps you download as well, since they may well end up asking for your credit card information. This, however, is easier said than done.

"There is no ‘Good Housekeeping’ seal of approval for mobile applications, no certifying body,” Vamosi said. Moreover, most of the apps you’ll find have been created by start-up companies rather than big familiar brands.

One tool Vamosi recommends to vet apps is Lookout Mobile Security, a free app available on the BlackBerry and Android phones, which analyzes applications for viruses, malware and spyware. In addition to this, it’s always a good idea to read through the reviews of a given app to see if other users have had any problems.

Think Twice Before Saving Your Password

The downside to using your cell phone as a bank and credit card all rolled into one is the danger you’ll face if you lose it. If you lose a credit card normally, the worst that happens is someone tries to sign for a few purchases in your name before you cancel your account. But if thieves get a hold of your phone and your personal information is saved, they could theoretically log onto your bank’s website and empty your account.

“Even people who know not to save all their passwords on their desktop browser will save them on their mobile devices, just because it’s more of a hassle to have to type it every time on a mobile device,” Verdi said. “So if somebody picks up your phone, there is a real concern they’ll have access to everything.”

The easy solution to this is to be mindful about saving passwords to sensitive accounts. If your phone is stolen, be sure to contact your provider and ask if there is a remote wipe capability you can download in order to delete your sensitive information from the phone before someone else can access it.

Don’t Do Business Via Text Messages

It might sound obvious, but any cell phone user should avoid doing business via text messages.

“Text messages are generally not encrypted or safe,” Vamosi said. “And texts can usually be spoofed.” In other words, it’s all too easy to fall victim to a phishing scam from someone who texts you pretending to be a reputable business.

Get a Receipt

Finally, as with a normal transaction, the Better Business Bureau recommends that customers making mobile payments ensure they will get a receipt before they agree to make a purchase, either by e-mail or text message.

—For a comprehensive credit report, visit the Credit Center.

Show Comments

Back to Top