As the popularity of making purchases through mobile devices increases, so has the number of ways to pay for those transactions. Having started out much like buying online from your home computer, mobile purchasing has evolved to maximize the ease with which the consumer can spend their money. With a simple wave of your smartphone in a store, you can pay for groceries, your morning latte, or that rental car. The challenge to retailers and payment processors is to make it difficult for hackers to collect and use your sensitive information.
Was Your Data Safer in the Early Days?
Mobile device technology caught on long before retailers had retooled their websites to accommodate them. Customers would log into a store’s website with their tablet or smartphone and navigate the site much like they would from a desktop computer or laptop. They used the same checkout process, entering credit card and shipping information manually with each transaction. This was a tedious process as people dealt with devices not made for efficient text input.
Data was safe because retailers had already learned to not store sensitive information on their servers. Instead, they required customers to enter it each time they purchased from their websites. Mobile devices also didn’t store information, and people with a fraudulent intent had to intercept the communication from mobile devices to the retailer to capture credit card information.
Consumer demand for an easier online shopping experience caused device manufacturers, application developers, and retailers to rethink mobile purchasing methods. This resulted in changes that allow customers to buy online with as little as the push of a button or a wave of their phones. Unfortunately, it also increases the number of ways personal information can be compromised.
Convenience Makes Your Information More Vulnerable
The evolution happened quickly.
Retailers made their websites easier to navigate via mobile devices. Modern responsive design techniques allowed a website to recognize what kind of device was accessing it, and then render pages in a way most natural for that device. The checkout process was streamlined to allow customers to complete the transaction quickly before changing their minds.
New apps were developed that store information on a phone or tablet so customers didn’t have to enter it with each purchase.
Then came the digital wallet concept. Now data was stored either on a mobile device or in the cloud in an encrypted form that could only be used by the retailer’s receiving application. In-store purchases were completed as the device communicated with the store’s receiving units. Consumers simply touched their device to a sensor, or with Near Field Communications (NFC) technology.
Today, the data passed between your mobile device and the retailer is undergoing a change, too. Some vendors are using a token system where, instead of your credit card information being sent to the retailer, a specially generated token is sent. The retailer then requests your bank to match the token with your information on file, and the vendor gets payment.
Some of the most recent payment options currently being used include Apple Pay, Google Wallet, and Android Pay.
How Safe is Your Information Now?
Making purchases with your mobile device has never been easier, but identity theft is still a concern. Some risks to your personal information include:
- Physical theft of your phone or tablet from a purse, briefcase, or the top of the coffee shop table
- Interception of the NFC signal carrying your personal information
- Location monitoring technology that allows people to track where your device is physically located
- Data sharing policies by companies that track your purchase activities and retailers visited
- The rise of malware written for mobile devices
It’s critical to be vigilant about protecting data on your mobile device. Hackers are directing more attention to individual devices to retrieve sensitive information. As the trend toward purchasing online with mobile devices increases, so does the temptation for fraudulent activities.