Making Mobile Payments Secure

In light of the news that PayPal is trialling a mobile payments system that recognises customers by their first name and profile picture on their account, what security challenges do mobile payments create and how do you tackle these challenges?

It is clear for many in the industry and beyond that we are slowly heading towards a cashless society. The sums being transferred online are already massive and, as Juniper Research predicts, mobile transactions will hit $1.3 trillion worldwide by 2015. Increasingly, we are seeing businesses turning to mobile devices for payment acceptance as more and more consumers buy and browse for products and services on the go. Additionally, with the anticipated launch of the UK Payments Council’s interbank P2P payments service next year, where people will be able to send money to anyone who holds a bank account that is signed up for the service via mobile, we are seeing a major disruption to traditional banking. But the challenges are many and until payments providers ensure – and prove – their offerings are secure, convenient and seamless, the race to a mobile cash world could start to stutter.

There have certainly been some interesting launches of late. PayPal will be trialling a mobile payments system that recognises customers by their first name and profile picture on their account, meaning customers can pay for items just by using their PayPal app and profile picture. Closely following this is the launch of PayPal Here, a quick and easy payments solution for SMEs and its customers. And, given one of the trends of the financial services industry in recent months is the entrance into the market of non-financial organisations, it was no surprise to see that Facebook recently announced its own play for the mobile payments market, experimenting with ways to make purchases using Facebook logins through partnering e-commerce mobile apps.

While these developments sound promising for the industry and consumers in theory, payment processing and security complexities make this a challenge. The fragmented market, complicated ecosystem and consumer trust in existing brands represent huge barriers.

A survey by eDigitalResearch found that 52% of people are still concerned by the security of mobile payments and 40% said it is more susceptible to fraud. The PCI Security Standards Council (PCI SSC) issued new mobility guidance earlier this year, particularly for merchants that are new to this channel or want to embrace it. Specifically, the guide outlines the main factors and risks that need to be addressed in order to protect card data when offering mobile payments. This includes security of payment transactions, the mobile devices themselves and the payments acceptance solution. Given that multiple parties are involved at each stage and with so many entering the market, it will take time to ensure the process is watertight from start to finish.

However, it is not just about security. Ensuring that the entire payments process is seamless and accessible from any device from any location will be critical. This after all, is what consumers demand from today’s technologies and processes; if there are too many complications they are likely to abandon the purchasing process altogether. In order to avoid this, banks, card merchants, and traditional payments players will have to think about how to disrupt their existing business models and infrastructures. For banks and financial institutions in particular, this requires them to work with and support a wider variety of organisations. They will need to quickly adapt to these new transactions and central to this is ensuring their IT processes can support the latest payment channels, so that the customer journey is as smooth as possible across all types of mobile devices.

In our experience, mobility is transformational in the same way as the internet has been. The most successful mobility strategies focus on anticipating customer needs, enhancing customer experience and demands in tandem with adapting to how retail is evolving, for example how people prefer to shop now and in the future. They are also built on a strong collaboration between businesses, IT and, ultimately, end users. It is only by building strong partnerships that everyone involved can capitalise on the mobile money opportunity, overcome security barriers and enhance the customer experience.



Tony Virdi is Vice President and Head of Banking and Financial Services in the UK & Ireland at Cognizant