In Depth

Experts Cast Doubt On Mobile Payment Security

A new survey shows cybersecurity experts are questioning how secure mobile payments really are.

According to a recent survey of more than 900 cybersecurity professionals, nearly half (47 percent) said mobile payments are not secure and carry significant perceived security risks and an overwhelming 87 percent of those respondents expect the number of mobile payments data breaches to surge over the next 12 months.

The 2015 Mobile Payment Security Study, which was released late last week from global cybersecurity association ISACA, showed that the growing concerns over mobile security safety are likely to have no impact on the popularity of mobile payments among consumers.

For example, about 89 percent of the experts surveyed said cash was the most secure form of payment out there, but only 9 percent actually prefer to use it.

“Mobile payments represent the latest frontier for the ongoing choice we all make to balance security and privacy risk and convenience,” John Pironti, ISACA risk advisor and president of IP Architects, said in a news release announcing the survey results. “ISACA members, who are some of the most cyber-aware professionals in the world, are using mobile payments while simultaneously identifying and contemplating their potential security risks. This shows that fear of identity theft or a data breach is not slowing down adoption — and it shouldn’t — as long as risk is properly managed and effective and appropriate security features are in place."

The global mobile payment market is expected to be worth an estimated $2.8 trillion by 2020, according to Future Market Insights, solidifying the increased potential for security risks as the market continues to grow.

[bctt tweet="Survey shows 47% of cybersecurity experts think mobile payments are not secure"]

ISACA’s report showed contactless in-store payments specifically are expected to show significant growth as well, but only 23 percent stated mobile payments are successful in keeping personal information safe and secure.

While mobile payments remain a go-to option for many consumers, the survey respondents’ grim outlook on the security of payments made on mobile casts a dark shadow on the booming market.

Basked on the survey results, ISACA ranked the following vulnerabilities associated mobile payments:

• Use of public WiFi (26 percent)

• Lost or stolen devices (21 percent)

• Phishing/shmishing (phishing attacks via text messages) (18 percent)

• Weak passwords (13 percent)

• User error (7 percent)

• There are no security vulnerabilities (0.3 percent)

[bctt tweet="Safe mobile payments require awareness, staying up-to-date on new services and technologies"]

“People using mobile payments need to educate themselves so they are making informed choices. You need to know your options, choose an acceptable level of risk, and put a value on your personal information,” said Christos Dimitriadis, ISACA International President and group director of information security for INTRALOT. “The best tactic is awareness. Embrace and educate about new services and technologies.”

According to the report, cybersecurity experts point to two-way authentication (66 percent) and requiring a short-term authentication code (18 percent) as the most effective ways to increase the security of mobile payments. The least popular security method was making the consumer responsible for their own security by suggesting the installation of phone-based security applications, which only 9 percent of respondents preferred.



The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.