We strive to be the partner of choice for customers, insurance carriers and employees looking for long-term relationships built on a foundation of trust.
As a relatively new financial service, mobile payments have the potential to significantly change how consumers buy and sell goods using their phones, tablets and other devices. While mobile payments will undoubtedly become more popular, such payments are not without risks. Read on to learn about mobile payments risks and what you can do to minimize them.
What Are Mobile Payments?
Generally, mobile payments are defined as the use of a mobile device—usually a smartphone or tablet—to initiate a transfer of funds to people or businesses. Mobile payments can be made at the point of sale (POS) or to facilitate person-to-person payments. In either case, mobile payments are enabled by the increasing popularity of smartphones, the availability of POS terminals that are equipped to process transactions using near-field communications (NFC) and the growth of alternative cloud-based mobile payment solutions.
There are five main types of mobile payments:
1. Mobile wallet: Uses a phone’s NFC protocol that allows for encrypted exchange of payment between two devices. Examples: Google Wallet, Apple Pay
2. Mobile phone as POS: Allows users to attach a card reader directly to their phones to process payments. Examples: Square, VeriFone
3. Other types of mobile payments: Any mobile payment that isn’t considered a mobile wallet or mobile phone as POS. Examples: PayPal (when bumping phones to send money to someone), Serve
4. Direct carrier billing: Payments billed directly to a mobile phone account; merchants paid directly by mobile carrier, bypassing traditional payment networks. Example: buying a ringtone or app if it is added directly to your phone bill
5. Closed loop mobile payments: When companies create their own type of mobile payment system. Example: Starbucks
According to the 2013 LexisNexis® True Cost of FraudSM Mobile Study, nearly 1 in 10 merchants accepted mobile payments in 2013, a 50 percent increase annually since 2011, and 25 percent of merchants expect to start accepting mobile payments in 2014.
Why Would Businesses Use Mobile Payments?
Mobile payments are advantageous because:
Consumers no longer need to carry around credit cards or cash, eliminating the possibility of loss or theft of those items
Some mobile payment systems charge less for credit card fees than credit card companies do
The payment is made using a phone or tablet and stores no credit card data with the company, making it harder for criminals to steal
They enable companies to implement loyalty programs more easily. Customers no longer need to manually keep track of purchases, reward points, etc.
It is easier to track customer behavior because payment systems keep databases of what consumers bought and how they paid for it
Checkout time is decreased
They give consumers more ways to pay
They allow smaller businesses to become more competitive with larger chains
Mobile Payments Risks
While mobile payment systems have clear advantages for businesses, they also come with a fair amount of risk.
Mobile Payment Compliance
As is the case with any new product offering, businesses interested in using mobile payment systems should have a broad review and approval process to ensure compliance with internal policies and applicable laws and regulations. Unlike most banking products that allow institutions to control much of the interaction, mobile payments require the coordinated and secure exchange of payment information among several unrelated entities. Making matters more challenging is that much of the innovation in the mobile payments marketplace is driven by entrepreneurial companies that may not be familiar with supervisory expectations that apply to banks and their service providers.
To date, no federal laws or regulations specifically govern mobile payments. However, the laws and regulations that apply to traditional payment methods also apply to mobile payment. For example, a mobile payment funded by the user’s credit card will be covered by the laws and regulations governing traditional credit card payments.
Mobile payment technologies that do not use the existing payment infrastructure would not be subject to laws and regulations that currently cover such payments. In addition, certain mobile payment providers may be subject to the jurisdiction of one or more federal or state regulators.
Mobile Payments Fraud
Retailers lost an estimated $3.5 billion in 2012 due to online fraud, according to a study by CyberSource, a Visa subsidiary.
Businesses should be particularly conscious of the potential and perceived risk of fraud in mobile payments. Customers are more likely to adopt the use of mobile payments if they are confident that the provider has taken appropriate steps to make this service secure by protecting their funds and confidential account information. Encrypting sensitive information stored on the mobile device and providing the ability to disable or wipe the device clean if it is lost or stolen are examples of effective controls that should be carefully considered as part of any mobile payment service.
According to the LexisNexis study, small businesses lose more revenue to mobile payment fraud than larger businesses do because they are less likely to protect themselves from fraud. Mobile malware is a constant danger to these businesses, as they may not employ a full IT staff to handle various cyber threats.
The LexisNexis study also found that 58 percent of the fraudulent transactions against the surveyed companies involved a credit card, while just 23 percent involved a debit card.
Identity theft is the most popular type of fraud associated with mobile payments. Criminals can effortlessly make purchases and get access to personal information on a lost or stolen smartphone, many times without the consumer’s knowledge. The whole point of mobile payment systems is to make it easier for consumers to buy things, but that also means criminals have the same ease of use.
Growing Popularity of Mobile Payments
The more popular mobile payments become, the more they will be targeted by hackers and thieves. And since the regulatory landscape is lagging behind with these types of payment methods, they are not as safe now as they will be in the future.
While the majority of Americans own a smartphone, they may not understand the privacy implications of storing all their personal data on it. As more consumers use mobile payment systems, we should see an increase in consumer and business vigilance.
Recommendations for Minimizing Mobile Payment Risks
There are various measures you can take to shore up the security of your mobile payment system:
Authenticate the identity of the consumer and his or her device when accepting card-not-present payments
Mobile apps are generally better at protecting customers’ personal data than mobile browsers.Two-factor authentication is the best way to prevent fraud
Track fraudulent activity by payment type
According to the LexisNexis study, only 48 percent of merchants tracked fraudulent activity by payment type (online, mobile, in-person, etc.). It is easier to identify trends and prevent fraud by using this method
Mobile payment systems allow businesses to do this more efficiently than ever
Report suspicious activity immediately to consumers and to your mobile payment company
Make sure your payment systems are up to date at all times
Patching eliminates certain vulnerabilities. Also, make sure your business’ computers are patched regularly
Have any visitors or vendors sign in, and keep an eye on them while they are at your place of business
The Target data breach that occurred during the busy 2013 holiday shopping season is believed to have been perpetuated by an HVAC vendor that was doing work for one of Target’s stores
Mobile payments are becoming an increasingly important part of the payment landscape. Expect to see new types of payment options in the future, along with added security benefits and increased consumer confidence in the platform. Considering accepting mobile payments at your business? Talk with the Lawley Business Insurance team today to discuss how mobile payment systems can help your business thrive but also understand how to stay protected.
Stay Educated
Get the latest healthcare compliance, business insurance and personal insurance news in your inbox.
The Director of Operations role will set priorities for the executive team and oversee operational areas of the Property and Casualty insurance divisions of Lawley.