With mobile financial services poised for rapid growth, the FTC is keeping a keen eye on data security.
August 15, 2013 by Suzanne Cluckey — Owner, Suzanne Cluckey Communications
The convergence during the '90s of a few key elements — online connection, shared networks and a successful lawsuit against the practice of banning ATM surcharges — jolted the ATM industry into sudden explosive growth.
Mobile financial services is just waiting for all the pieces to fall into place, sparking a wildfire of demand among consumers. More than a few industry watchers are convinced that the only element lacking now is an NFC-enabled iPhone.
The Federal Trade Commission, for one, is not waiting to find out what that final element will be. The agency has already staked out a leadership role in potential regulation of the mobile financial landscape.
At the first ATM and Mobile Executive Summit in September, keynote speaker Malini Mithal, assistant director of the Bureau of Consumer Protection at the FTC, will outline areas for potential action.
In her presentation, Mithal will discuss findings of the 2013 FTC Report "Paper, Plastic, or Mobile." The Report demonstrates a strong concern for privacy issues in a mobile environment.
Businesses receiving particular Commission scrutiny include payment card networks, hardware manufacturers, and systems and applications developers.
Following is an excerpt from the paper that addresses the topic of data security — an area of concern in every mobile financial transaction, including ATM withdrawal prestaging and mobile banking apps.
[A] key concern for consumers when making mobile payments is whether or not their sensitive financial information can be stolen or intercepted. As noted above, a Federal Reserve study reported that 42 percent of consumers were concerned about data security, and this concern was the most cited reason why consumers have not used mobile payments.
Specifically, consumers were concerned about hackers gaining access to their phone remotely, or someone intercepting payment information or other data.
Given that a major impediment to consumers' adoption of mobile payment technologies is the perceived lack of security, the incentives for industry to get security right should be strong.
Nevertheless, although the technology to provide enhanced security in the mobile payments market is available, it is not clear that all companies in this market are employing it.
Technological advances in the mobile payment marketplace offer the potential for increased data security for financial information. A number of workshop panelists described how, under the traditional payment system, financial data is often transmitted or stored in an unencrypted form at some point during the payment process.
By contrast, mobile payment technology allows for encryption throughout the entire payment chain, which is often referred to as "end-to-end encryption."
Additionally, under the traditional payment system, financial information on a card's magnetic stripe that is transmitted from a merchant to a bank consists of the same information sent each time a consumer makes a payment. Thus, if this information is intercepted, it can be used repeatedly for subsequent, unauthorized transactions.
Mobile payments, however, can utilize dynamic data authentication, whereby a unique set of payment information is generated for each transaction. Accordingly, even if the data is intercepted, it cannot be used for a subsequent transaction.
In the mobile context, payment information also can be stored on a secure element that is separate from the rest of a phone's memory, preventing hackers who access a phone operating system from compromising sensitive financial information.
Mobile payment providers should increase data security as sensitive financial information moves through the payment channel, and encourage adoption of strong security measures by all companies in the mobile payments chain.
Consumers may be harmed when less responsible companies use insecure methods to collect and store payment information. Further, the reputation of the industry as a whole may suffer if consumers believe lax security practices are the norm. Many federal and state laws also impose data security requirements on businesses that collect and use financial information and other sensitive data.
There are practical steps consumers themselves can take to secure their sensitive financial information in the mobile payments marketplace. Most simply, if consumers are using payment apps on their phones, they can set password protection for unlocking their phone.
Consumers also can often set a second password for any payment apps. Further, consumers should be informed that if a phone with mobile payment apps is stolen, they can contact their mobile carrier immediately and have the phone and all payment apps disabled.
Education can play an important role in alerting consumers to these protective measures.
FTC staff encourages all stakeholders to raise consumer awareness about the security of mobile payments and the steps consumers can take to protect themselves.
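The excerpt's contrast between static magnetic-stripe data and dynamic data authentication can be shown in a few lines. The following is an added example, not code from the FTC report or from any payment network; it is a simplified model that assumes a per-device key shared with the issuer and an HMAC over a transaction counter, and all names and card values are constructed.

```python
import hashlib
import hmac
import secrets

# Constructed sample values; not real card data.
STATIC_TRACK = "4000000000000002=2512"   # identical bytes sent on every swipe
DEVICE_KEY = secrets.token_bytes(32)     # assumption: key shared by device and issuer

def static_authorize(track, amount_cents):
    """Magnetic-stripe model: the issuer can only check that the static data matches."""
    return hmac.compare_digest(track, STATIC_TRACK)

class Device:
    """Holds the key and a counter so every payment message is unique."""
    def __init__(self, key):
        self.key, self.counter = key, 0

    def pay(self, amount_cents):
        self.counter += 1
        msg = f"{self.counter}|{amount_cents}".encode()
        tag = hmac.new(self.key, msg, hashlib.sha256).hexdigest()
        return {"counter": self.counter, "amount": amount_cents, "tag": tag}

class Issuer:
    """Verifies the tag and refuses any counter it has already accepted."""
    def __init__(self, key):
        self.key, self.last_counter = key, 0

    def authorize(self, txn):
        msg = f"{txn['counter']}|{txn['amount']}".encode()
        expected = hmac.new(self.key, msg, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, txn["tag"]):
            return False                      # altered or forged message
        if txn["counter"] <= self.last_counter:
            return False                      # intercepted message sent again
        self.last_counter = txn["counter"]
        return True

def demo():
    device, issuer = Device(DEVICE_KEY), Issuer(DEVICE_KEY)
    first = device.pay(1250)
    return {
        "static_first": static_authorize(STATIC_TRACK, 1250),
        "static_reused": static_authorize(STATIC_TRACK, 99900),
        "dynamic_first": issuer.authorize(first),
        "dynamic_reused": issuer.authorize(dict(first)),
        "dynamic_altered": issuer.authorize({**device.pay(500), "amount": 99900}),
        "dynamic_next": issuer.authorize(device.pay(300)),
    }

if __name__ == "__main__":
    print(demo())
```

The static data is accepted every time it is presented, while the dynamic message is accepted once and rejected when resent or modified.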
Suzanne’s editorial career has spanned three decades and encompassed all B2B and B2C communications formats. Her award-winning work has appeared in trade and consumer media in the United States and internationally.