Clutter in the airwaves: Mobile payment security
Clutter in the airwaves: Mobile payment security
While already ubiquitous in much of the world, mobile payment options are gaining traction in the United States, reports Stephen Lawton.
In the 1960s, The Jetsons envisioned a future where everyone rode around in a personal spacecraft, while Star Trek imagined a world without money. While jetpacks and private space ships are still a ways off, cellphones, 3-D barcodes, tiny high-resolution cameras, radio frequency identification (RFID) chips and near-field communications are working to make cash as obsolete as the Spanish dollar, also known as the piece of eight.
However, while mobile payments are becoming ubiquitous in much of the world, it still lags behind in the United States where cash and plastic credit cards, with their 1950s-era magnetic stripe technology, still dominate.
The lag in acceptance in the United States is, in large part, cultural rather than technological, says James Vanreusel, chief financial officer of South Pacific Business Development, a Newark, N.J.-based network of microfinance institutions doing business in Fiji, Samoa, Tonga and the Solomon Islands.
Unlike the United States, where banks or automatic teller machines are on almost every street corner and payments are easily processed, third-world nations often have few physical bank branches, and those that do exist could be a day's travel for villagers, he says. While Europe does have more brick-and-mortar banks, British-born Vanreusel notes, many have inconvenient hours, so transactions – such as mobile payments using technology – becomes the preferred choice.
The vast majority of the cellphones used for mobile payments in places like Fiji or Tonga are not elaborate smartphones, but rather the basic-feature phones, Vanreusel says. Popular services used for sending funds around the world, such as MoneyGram or Western Union, which have a physical presence, charge a fee based on a percentage of the amount being transferred, he says. Internet-based services that have much lower operational costs can reduce that to mere pennies per transfer.
A large percentage of the mobile payments made today in the United States are called remittances, where a family member living in the U.S. might send a portion of each paycheck home to family members living in a country that has a limited banking system. Fees for these remittances can eat up a significant portion of the transfer depending on the type of service used, Vanreusel says.
James Wester, a research director responsible for the global payments practice for IDC Financial Insights, a Framingham, Mass.-based research, consulting and advisory services firm, agrees that remittances represent the largest percentage of domestic transactions. Because the banking infrastructure overseas might be limited, one challenge third-world users face is that the funds associated with mobile payments are often tied directly to a user's phone. If the phone is lost or stolen, the money is lost as well, much like someone losing their physical wallet.
But, unlike mobile payments in the third world, U.S. users of smartphones who make mobile payments are protected, much in the same way that credit card users are protected domestically, notes Stan Stahl, president of Citadel Information Group, a Los Angeles-based data security consultancy, and the president of the Los Angeles chapter of the Information Security Systems Security Association, an international nonprofit association of information security professionals and practitioners.
“Consumers paying via credit cards on their smartphones, or [who] have e-wallets connected to their credit card, are protected from loss by regulations – provided they notify the credit card company in a timely way,” Stahl says.
However, he cautions, businesses using corporate cards connected to their smartphones may not have the same protections provided to consumers. Such is the case with credit cards as well. “The best that can be said for prepaid cards, like Starbucks, is that the loss ‘may' be limited by the amount on the card. Obviously this goes away if the card can be refilled from a credit card connected to the smartphone,” he says.
Stahl has cautioned against mobile banking in the past because of the security risks and the banking industry's priority to make money rather than provide security. His warning still holds.
Wester – who previous to IDC was founding editor of Mobile Payments Today, a news site focused on mobile payments, commerce and financial services – believes that mobile payments in the U.S. today are driven by the frequent need for users to conduct small transactions, such as buying coffee at a café or purchasing tickets for mass transit. In the past, he says, users would pull coins or currency from their pockets. Today they pull out their phones.
Near-field communications (NFC) is a technology that does not require a device, such as a phone, to be removed from a user's pocket or purse in order to conduct a transaction. There are several mobile phones that currently support NFC, as well as vendors that do financial transactions, including Google Wallet, MasterCard PayPass, Visa payWave, Apple iPhone and PayPal.