Mobile Payments: Why so Scary, America?
Mobile payment systems are a relatively new technology that has sparked the interest of lawmakers, federal agencies, academics, and privacy advocates. The question they are all asking is why are Americans not taking advantage of a system that promises to significantly increase economic efficiency and convenience?
When it comes to mobile payment systems, the United States is lagging far behind in usage compared to Europe, Japan, and South Korea. A recent study conducted by the Federal Reserve revealed “perceptions of limited usefulness and concerns about security are holding back the adoption of mobile financial services,” with only 12 percent of mobile phone owners reporting that they made a mobile payment in the last year.
Electronic wallets serve a multifunctional purpose on a device that can fully emulate physical wallets retaining cash, transaction information, and identification and authentication information. They have the ability to capture and transmit data onto a device that can replace the need for loyalty cards, transit cards, movie tickets, parking tickets, keys, and ID cards. It is clear that both consumers and merchants alike stand to benefit significantly from the new mobile system. And yet, the Federal Reserve reported that more than a third of consumers that don’t use mobile payments either don’t see any benefit from using mobile payments or find it easier to pay with another, more traditional method.
According to statistics published by the Federal Reserve, security concerns were the primary reason given for not using mobile payments (42 percent) and the second most common reason for not using mobile banking (48 percent). At the FTC’s Mobile Payment workshop on April 26, 2012, panelists convened to discuss the security and privacy implications if such a system were to be adopted on a larger scale. Bradley Greene, Senior Business Leader in the Mobile Products division at Visa, stated that mobile payment systems have the potential to add levels of security to consumers through distinct features including locked payment credentials with only the bank having access; dynamic authentication and data; and configuring the use of a passcode for transactions within the device.
As security practices have yet to be standardized, “mobile payments as related to security are the wild wild west,” said Paul Rasori, Senior Vice President of Marketing at VeriFone Systems. Ben Milne, CEO and Co-Founder at Dwolla, noted that security is a network architecture issue regarding mobile payments, raising the concern that personal information can be stolen from any number of service providers without the user’s knowledge. Yet when implemented correctly and with proper security measures in place, a mobile device should be more secure than a physical credit card, said Milne. As an additional security measure, companies should start from the assumption that “bad” data will be passing through systems. To that end, he suggested building procedures to discard of such data as well as data no longer needed for its intended purpose.
The success of mobile payments hinges on establishing user trust through transparency, said Pat Walshe, Director of Privacy at the GSM Association. “Privacy by design is really the key for mobile payments,” said Harley Geiger, Policy Counsel at the Center of Democracy and Technology. According to Geiger, users should be provided with controls over the collection of information for the purpose of marketing, and not every purchase should be the equivalent of joining a loyalty program. Update: Geiger also wrote a detailed blog post explaining the privacy issues with mobile payments.
These principles are in line with the findings from a survey conducted by the Berkeley Center for Law and Technology, revealing that a majority of Americans objected to having their personal information shared at the point of sale. In particular, 65% stated that they would definitely not allow sharing their telephone number with a store where they purchase goods. Moreover, despite the fact that mobile payment systems can enable unique consumer information to be passed to the retailer, the authors suggest that retailers should be prohibited from obtaining this information automatically without the consumer’s consent. “An opt-in standard on a per-transaction basis could empower consumers to share where they find it appropriate but block this information collection and sharing by default.”
Others on the panel argued that the government should be careful not to anticipate unimagined advances in order to avoid speculative harms, particularly as this technology is just beginning to emerge. “A dozen years ago, the prospect that a company would know your reading habits and use that was something that seemed suspect. Today, personalized book recommendations on the Internet are an offering most couldn’t have envisioned and few would want to give up. With comfort the public often embraces change; the uncertain future becomes the popular now,” said Mallory Duncan, Senior Vice President and General Counsel at the National Retail Federation.
Looking to the Future
An effective mobile payment system must have the proper infrastructure in place with all the players working together, due to the intricate interdependent nature of this ecosystem. Currently, the two major competing mobile payment services are Isis, a joint venture formed by AT&T, T-Mobile, and Verizon and Google Wallet backed by Visa, American Express, Discover, MasterCard, Nexus, and Sprint. As these providers compete to bring these services to the market, the evidence is clear that privacy and security will play a key role in paving the path to consumer adoption.