For some consumers, paying at the checkout line becomes a lot simpler when they can forgo the plastic card and pay with their phone. Mobile payment applications like the Isis Mobile Wallet, Google Wallet, Square, and LevelUp turn your cell phone into a payment source: Just store your debit card or credit card information on the phone and scan the device at checkout. "Consumers like the convenience factor," says Sarah Jane Hughes, a commercial law professor at Indiana University. But is this new form of payment safe?
Approximately 12 percent of mobile phone owners made a mobile payment in 2011, according to a recent survey by the Federal Reserve. According to the survey, concerns about the security of the technology were the primary reason respondents gave for not using mobile payments. Hughes says one security advantage to using mobile payments is that "your phone normally stays within your line of sight. So unlike the credit card that gets moved to the back room, you're much less likely to let people take your phone away."
Ben Milne, CEO and co-founder of Dwolla, a mobile payment provider, says mobile payments are inherently more secure than using a plastic credit card. That's because most mobile payments are conducted on phones that have GPS, meaning the payment provider can determine who you are and whether the transaction is a legitimate one. "There's a lot of data around the transaction that can actually be utilized to protect people, and that data isn't available with a plastic credit card," Milne says.
Many people may be less likely to try mobile payments simply because plastic credit cards have been around longer, but Milne says that shouldn't be the case. "It makes no sense to make the argument that because the 16-digit account number has been around longer that it's better," he says. "In any event, probably what it means is the system has more problems. To me, if anything, it has probably more known ways of being exploited because it's been around for so long." With Dwolla, for instance, users never enter their credit card number into the app. Instead, the system stores your bank account information and then enables you to make purchases directly from that account.
Still, mobile payment applications are not immune from security threats. Square was hacked in 2011, as well as Google Wallet earlier this year.
While most mobile payment providers are relatively safe, there are extra precautions you can take. Follow these steps to ensure your accounts are secure when using mobile payments:
1. Have a PIN on your phone. A password to access your keypad "adds an extra layer of protection, in the event your phone gets stolen," Hughes says.
2. Use an app that issues an immediate electronic receipt. That way you can check the amount of money you spend right after each purchase.
3. Choose a method that gives you at least a two-factor authentication, such as a password on the phone and another to access the payment application.
4. Reconcile statements regularly. Just as you'd balance a checkbook, make sure to match up your mobile payments with receipts. "Anybody who is going to do a payment through a mobile phone needs to be paying close attention to their account," Hughes says.
5. Report security and payment problems right away. Your mobile payment is typically covered by the Electronic Fund Transfer Act, but the liability limits depend on how quickly you report the problem. "The first two days, you're pretty well-covered. After that, the liability can go up to $500," Hughes says. "And if you don't do it relatively promptly, it can go up beyond $500."