As science advances communicationthrough mobile technology is developing very fast. Smart phones have alreadybecome something really important in our lives.
With the development of smartphones, new areas such as mobile payment are beginning to involve in addition to the traditional functions ofcalling, texting and surfing the Internet. As a matter of fact mobile paymentas a transaction medium is not quite anew term. Its adoption has been slow due to the nature of the mobile technologysupporting the concept. However, recent significant advances on the technologyhave made this area grow in the financial services sector. Payment via mobile phone(alsoreferred as mobile payment) can be categorized in two types: proximity paymentsand remote payments. Each category has its own used technology. One of thesetechnologies is NFC, which stands for Near Field Communication. NFC in particular, is making a difference outthere due to the security and reliability it offers.
When we talk abouttechnologies, a key aspect that we keep in our mind is how secure they are. Howcan they protect our data and in this case our money too. In this paper will bediscussed about how mobile payments work, the categories in which they areclassified, the security issues they have, and how we can protect ourselvesfrom them.
Key words: mobile payment,proximity, remote, technology, security 1. IntroductionEach year brings newpossibilities in mobile device technology. Smartphones have become an importanttool in our lives. More and more consumers would be lost without theirsmartphone, relying on it to get through the day. With the development of smartphones, new areas such as mobile payment are beginning to involve in addition to the traditional functions ofcalling, texting and surfing the Internet. Even though payment via mobile alsoknown as mobile payment isn’t quite a new term, only recent advances on thetechnology have made this area grow in global range. In the following of thispaper we will discuss about how mobile payments work, the categories in whichthey are classified, the security issues they have, and how we can protectourselves from themWhat are mobile payments?Mobile payments,also known as m-payments, may be defined as any payment where a mobile deviceis used to initiate, authorize and confirm an exchange of currency in returnfor goods and services.
Mobile devices include mobile phones, PDAs, wirelesstablets and other devices that can connect to mobile telecommunicationnetworks. Mobile payments can be an alternative to cash, checks, credit cardsand debit cards, and can make possible new opportunities for commerceconvenience. 2. Literaturerevision There are severalaspects on which the mobile payment can be grouped.
In this paper we will usethe most common partitioning method which is based on the distance thattransactions are made. Following this way, mobile payments are divided into twogroups: proximity mobile payments and remote mobile payments. A. Proximity mobile paymentsProximitymobile payments are mobile payments in which the payer and the payee are in thesame location and where the communication between their devices takes placethrough a proximity technology. Now let’s look at the two most commonly used proximitytechnologies.NFCNFC (near field communication) is the technology that allowstwo devices to talk to each other when they’re close together. In order forthis to work, both devices must be equipped with an NFC chip.
You usually haveto hold your phone two inches or less from the reader. When a contactless paymentis initiated, the NFC technology goes to work. Then the NFC-enabled reader andthe smartphone pass encrypted information back and forth to each other tocomplete the payment. This all takes just seconds. Speed, in fact, is one ofthe best features of NFC payments. The most popular and successful digitalplatforms that use the nfc technology are: Android PayAndroid Pay uses NFC communication to make a secure credit ordebit card transaction between your smartphone and the payment terminal. You willbe prompted to tap your phone to the contactless payment terminal when it’syour turn at the counter. Depending upon the system being used, you may have toenter your card’s PIN on the payment keypad of terminal.
Apple PayApple Pay works with iPhone, iPad, and Apple Watch. If a POSsystem supports Apple Pay, when you are ready to check out, you can use yourstored credit or debit card to pay with just a quick press of your fingerprintor the side button on your watch.You do not need to verify the expiration dateon your card, enter the security code, or do anything else since all theinformation is stored on your device. Samsung PaySamsung has taken a different approach to mobile payments, byencompassing all that Android Pay has to offer and adding additional support.
Unlike the current incumbents, Samsung Pay supports MST(Magnetic SecureTransmission) alongside NFC, which means it works with any payment terminalthat accepts contactless payments. When you open the Samsung Pay app, yourdefault card will appear along with a message to authenticate a payment with yourfingerprint (or iris scanner on Galaxy S8 and S8+). Once the payment has been authorized,the phone tells you to tap it onto the contactless payment reader and finally,a payment is made via NFC.
QR Code PaymentsCompared to NFC, a QR Code is a much cost-effectiveand viable option. Enabling mobile payments via QR Codes will only need the followingsoftware updates:- Update to mobile app that includes QR Code scanningand generation features. – Update to POS to accept payments processed by yourserviceHow it works?Case A: merchants enter the payment amount.Customers open the App and display a QR Code generated for the transaction.Merchants scan the QR Code, and the amount is deducted from the customer’swallet.Case B: customers open the App and scan the QR Codedisplayed by merchants.
This enables the App to identify the merchant. Customersthen add the amount and complete the payment. Each ofthese technologies has its own advantages and disadvantages. However, NFC is currentlydominating the market. This is because it offers more flexibility, speed andsecurity in use. B.
Remote MobilePaymentsRemote mobile payment occurs whenthe retailer is remote to you and you purchase goods via SMS text message ormobile website with your mobile device. SMS payments and peer – to – peertransactions are two ways to make remote paymentsSMSPaymentsWithSMS payments, a text message is sent to the mobile payments provider to pay forthe item or service you are buying. The payment provider then clears thetransaction between the buyer and the merchant. The cost of the item, plus anyadditional charges for delivery, are added to the buyer’s postpaid mobile phonebill, or are deducted from their load balance for pre-paid mobile phones. Byusing SMS payments, customers can make payments for their goods quickly andsecurely, and can also make deposits and send remittances to other mobile phoneusers. One of the most popular services of this category is M-Pesa. M-PesaVodafonelaunched M-Pesa back in 2007. It allows users to deposit or withdraw money,transfer money, and make payments with their mobile phone.
The actual accountfor the money is stored on the user’s phone, and they use secure SMS messagesto send money or make payments. The transactions carry a small fee as well.Very popular in some African markets, M-Pesa is huge in Kenya where the servicefirst launched.
Peer-to-peertransactions Peer-to-peertransactions (also referred P2P transactions, or P2P payments) are electronicmoney transfers made from one person to another through an intermediary,typically referred to as a P2P payment application. P2P payments can be sentand received via a mobile device with access to the Internet, offering aconvenient alternative to traditional payment methods. Through the P2P paymentapplication, each individual’s account is linked to one or more of the user’sbank accounts.
When a transaction occurs, the account balance in theapplication records the transaction and either sends or pulls money directly tothe user’s bank account or stores it in the user’s account within theapplication Some of the most popular services that offer peer-to-peertransactions are: PayPal.MeWiththe P2P PayPal.Me, you can share a PayPal links for easy money transferringamong friends or groups of friends. You can request or receive payments byinstant message, social media, text or email – all through your personalizedPayPal.Me link.
SnapcashSnapchatpartnered with Square to develop Snapcash, a fast, fun way to send money toyour friends. With Snapcash, you type an amount you want to send into into aSnapchat message and then tap a green Snapcash button. If your friend’sSnapchat account is linked to a debit card, the money is transferred to hisbank account. If not, they have 24 hours to claim the money before it bouncesback to your account. SquareCashPossiblythe most versatile P2P payment system is Square Cash, which lets you send moneythrough its app or website, email, iMessage, Apple Watch, Siri or Snapcash.
Thebest part: Your recipient needs only a US bank account. C. Security issuesand how to deal with themEventhough monile payments have grown in popularity among consumers since 2011, itsuptake has been slow. Many consumers find it inconvenient to tap their phonesagainst checkout line card readers instead of just swiping or dipping a card orplunking down cash. In a 2016 survey, 21 percent of respondents werereluctant to enter their payment card details into their smartphones, and 19percent said they believed paying with their phones could lead to fraud.However,many experts say mobile payment methods offered by major providers are moresecure than physical cards and cash. This is because mobile wallets use methodssuch as encryption and tokenization to mask payment card account numbers whenyou enter them and when you pay. Despite technologically advanced protections,mobile payments are not immune to intrusions by hackers and identity thieves.
Here are some of the biggest mobile payment security risks, and steps you cantake to protect yourself.1. Losingyour phone is like losing your credit cardA typicalsmartphone contains a huge amount of personal data. It also can provide accessto credit and bank accounts via a mobile wallet and payment apps.
Whatto do: Most smartphonescontain built-in protections that can prevent a phone thief from using yourmobile wallet to rack up fraudulent charges. The best way to keep a thief outof your phone is to require two-factor authentication to unlock it, ideally, aPIN combined with a biometric method such as your fingerprint, facialrecognition or an iris scan. But these methods are not one hundred percent foolproof.If you are not omfortable entering your fingerprint into your phone or scanningyour eye, there are other security measures available.
Many smartphones allowyou to erase your data or turn on password authentication remotely, using a PCor a tablet if your smartphone is lost or stolen. 2.Cyberthieves can ‘spoof’ your mobile walletWhen youadd a credit or debit card to your mobile wallet, the card number is storedsecurely via encryption, which disguises it with a code created by analgorithm. Additionally, the major mobile wallet providers use randomlygenerated payment tokens to ensure your card information is not seen bymerchants or even the wallet providers when you make purchases. The risk that acybercriminal can steal your account numbers is small, but it grows if you addcards to your mobile wallet while using an unsecured public Wi-Fi network.
Hackerswho lurk on such networks can re-create, or “spoof,” a mobile wallet’sregistration system, for which you’re required to enter your card’s data.Whatto do: Load your cards intoyour mobile wallet while at home, using your own password-protected Wi-Finetwork. If you need to manage your mobile wallet while away from your home,consider setting up a personal virtual private network (VPN) for your phone.
3. Your phonecan become infected with malwareCybercriminals use malware to remotely commandeer computers, smartphones and otherdevices or steal users’ passwords and other private information. Malwareinfection typically results from an unwitting user clicking on a sketchy ad ora phony link sent by a malicious third party. One such piece of malwarecalled Faketoken is capable of overlaying banking and otherapps that prompt Android phone users to enter payment card details. IPhones areless vulnerable to malware due to Apple’s strict quality control standards forapps, but they’re not immune.
Whatto do: Avoid clicking on linksincluded in suspicious ads, email or text messages from unfamiliar sources. Itis recommended to install anti-virussoftware on your phone as an extra safeguard 3. Conclusions The mobile payments market holdsa future that is promising for both consumers and providers. Mobile paymentsfacilitate the work for both the payer andthe payee. They offer flexibility as well as create new opportunities for howdifferent transactions can be made.
As for the security issues we can say thatthey are not enough to stop people from using these new opportunities. Thisbecause no payment method is completely safe from theft. Virtual and touchable walletscan be stolen by their owners. But mobile payments offer many advanced securitymeasures technologically, and competition between providers means that improvementsare yet to come.