Mobile payments: Here is how we can ensure it stays secure

Ramaswamy Venkatachalam

Over the past decade, Indians have been increasingly replacing cash with plastic money. According to the Reserve Bank of India, during 2014, non-cash transactions at point of sale (POS) machines have seen a jump of 34% to 137 million transactions, totaling Rs 29,420 crore per month. Now, combine that with the increase in mobile subscriber base in India. As per TRAI data, there are about 973 million mobile subscribers in India, with 4 million being added every month.

With the rise in non-cash transactions combined with the added convenience of mobile phones, you have a potent combination of a very large market for mobile payments. This is the reason why many enterprises are jumping on the m-wallet bandwagon in a relatively short period of time. Along with this, we have private and public sector banks and other third parties advertising their apps and encouraging transactions on the mobile phone.

As per the recent FIS Banking performance against consumer expectations (PACE) survey, mobile bill payments and mobile fund transfers uptake is strong across all age groups. For retail-based transactions involving apps, wallets and coupon redemption, mobile activity is prevalent among all age groups but is strongest in the below 45 groups. Consumers under age 45 also drive activity in mobile person-to-person payments.

Related stories

Ramaswamy Venkatachalam

managing director|FIS India & South Asia

However, convenience comes at its own cost! While mobile payments offer attractive benefits of cost effective financial solutions, it is important for consumers to be aware and exercise caution while using mobile phones for making payments. The mobile is nothing short of a personal computer squeezed into the palm of your hand. So follow these recommended practices for ensuring security while enjoying convenience at your fingertips:-

Precautions to take while making mobile payments

1. Install reputed antivirus software: Numerous gaming and freeware apps tend to drop bread crumbs (tracking code) on the mobile phones. This helps them gather user information and push advertisements. Consumers, who often use mobile phones for making banking transactions should be wary of logging in to unknown websites and refrain from entering sensitive information on unknown applications. Some users may try to gain admin access on their mobile devices through a special process called jailbreaking (on the iOS) and rooting (on the Android OS). These users need to be extra careful if they are installing apps from sources other than their official app stores- as their phones already have a breached security layer.

2. Be wary of shoulder surfing: Native mobile OS keyboards of iOS/android have a peculiar issue of typed characters being displayed briefly. This is the most vulnerable aspect of using mobile phones for financial transactions. While the applications themselves have security measures such as login ID and passwords, someone may be watching over your shoulder while you type. The feature where phones allow you to display the password (the eye symbol), should be used only when you are absolutely sure that no one is shoulder surfing! Opt for One Time Password (OTP) transactions wherever you can.

3. Do not store sensitive information on your phone: Would you write your PIN behind your credit/debit card? Then why would you store sensitive details such as login ID, password, mobile PIN, etc., in your phone? Someone I know has stored his banking app PIN in his phone contacts while others have it stored on their notes app. As an end user, storing all information for ease of access is natural, but in case your phone is stolen, you would be putting your bank account at risk.

4. Create a strong password: A strong password is a must for any user for banking transactions or otherwise. As a norm, a password must be a combination of alphanumeric characters. Don’t try to use the same password across all applications. Throw in a few special characters that make no sense to someone trying to interpret it. And of course, memorize the password very well. 5. Download only official apps: Mobile wallets are susceptible to hacking in a scenario where users download the mobile payment apps from an untrusted source. Ensure that you download apps only through official websites. These apps also release newer versions, in case new vulnerabilities are detected. Ensure that you set the automatic updation feature on the app, so that you have the latest versions running on your phone.

6. Use only reliable networks: While it may be tempting to use free Wifi, avoid logging in to unknown networks. The network connection should be secure and trusted. If you are on the road, ensure you use your phones 2G/3G/4G connections or wait till you reach your destination. Also turn off your bluetooth/Near Field Communication (NFC) connections when not in use.

These may seem like a lot to remember and implement. However, cyber-crime and online fraud has increased exponentially in the past few years. While there is no doubt that mobile payments are convenient, the technology is complex. For cyber sleuths, solving these frauds is time consuming and many victims lose hope of ever recovering their money. While mobile payments are designed to be secure, a little prudence will go a long way in increasing the robustness of the system and help us turn into a cashless society.

Author is managing director of FIS India & South Asia, provider of banking & payments technology services