THE BOTTOM LINE

How Safe Are Mobile Payment Apps?

Although the U.S. accounts for roughly one-quarter of global credit card transaction volume, studies have shown that almost half of the world’s credit card fraud takes place here. Many experts attribute this to the U.S. lagging behind the rest of the world in implementing technologies such as EMV chips in credit cards. Other countries also take a more sophisticated approach toward using mobile devices for Internet commerce.

There is no denying that it is becoming increasingly convenient to use our mobile phones as our productivity tool of choice. Today’s smart phones are used for a myriad of applications such as browsing the Internet and connecting to various social media sites, and increasingly, for online shopping and making electronic payments for purchases.

Mobile payment technology, however, is still in its infancy and is not yet bulletproof. Hackers are sophisticated and the malware protection for mobile apps can still have serious vulnerabilities in the protection it offers. Phones themselves are not particularly secure either; when you use a smart phone for wireless payment transactions, you are dealing with several kinds of technology that all need to work together in a seamless but secure way. For example:

• There’s the phone itself, which can be accessed by someone simply picking it up. You’ll have some added protection if it is password protected.

• The apps inside the phone are each separate types of software with their own potential vulnerabilities.

Last but not least, your phone uses wireless signals that, in some cases, can be captured by fraudsters – particularly if you use a public network without sufficient firewall security.

Steps You Can Take for Increased Protection

What can you do to help ensure you have the best protection currently available? Experts suggest using a system or platform that requires two-factor authentication. That means that after you type in your password, you also have to provide additional information. Sometimes that will be a separate temporary passcode sent to you via text message. That may seem like a hassle, but if the apps you use offer that option, you should definitely use it. A small inconvenience now is much better than a larger, more expensive data breach later.

Another suggestion that is easy to ignore, but absolutely essential, is to use unique, one-of-a-kind passwords for each account. Most hacking occurs when criminals steal one password, try it out on applications such as bank and credit card accounts, and then figure out other accounts where the same password is being used. At that point they can access all of your financial and credit accounts and do serious damage that you then have the headache of clearing up.

Technology will eventually improve, along with the security of payment apps. But in the meantime, make sure to take the necessary precautions to ensure your private information is secure.

Sassan S. Hejazi, Director, Technology Solutions Center for Private Company Excellence Specialist can be reached at or 215.441.4600.