Fending off cyber evil in the mobile wallet space

Fending off cyber evil in the mobile wallet space

Sunday September 25, 2016,

6 min Read

Traditional payment systems are witnessing heightened competition from digital and mobile payments because they present a convenient proposition to pay for goods and services. While these mobile payment systems appear promising, unsecure wallets are bridled with potential risks that can threaten the future of the industry.

security

Image credit: Shutterstock

Smartphones facilitating the growth of mobile payments

While credit card penetration in the country continues to be low, the overall concept of mobile payments has begun to bridge the gap of digital penetration –– whether it is through NFC, contact-less payments, mobile wallets or super wallets. While introduced for convenience, mobile payments have spawned into a huge industry, thanks to India being the second largest global market, with nearly 239 million smartphone users. A Cisco report said that smartphone adoption would grow to nearly 651 million between 2014 and 2019. But while smartphones display promise in terms of overall mobile payments, mobile wallets may continue to face hurdles.

Mobile wallets steeped in innumerable challenges 

A big problem plaguing mobile wallets today is huge investments in marketing and advertising to stand out and reach out to more customers. For startups, cashback options and large marketing budgets burn money, leaving many of them financially strapped.

Financially-strapped mobile wallets are quickly facing the pressure of their deep prior discounts. They are now reducing discounts and no longer offering cashbacks because investors are clamping down on these activities. With National Payments Council of India (NPCI) launching the new payment infrastructure known as Unified Payments Interface (UPI), users can transfer money between two parties without the hassle of going through wallet passwords and other details that could make mobile wallets irrelevant very soon.

The use of mobile wallets renders physical debit cards or credit cards unnecessary. Money is prepaid into these wallets, but the lack of interest and loss of surplus money presents a large challenge on its own. This can be especially challenging for poorer sections that rely on this monetary interest for their livelihoods.

Mobile wallets usually don’t need identification documents to register accounts for money stored up to Rs 10,000. This lack of KYC documents has made it increasingly difficult to identify scammers who store money in these digital wallets. KYC verification is only necessary when the amount exceeds this sum. In order to win new customers amid aggressive competition, most wallets ignore consumer quality and basic KYC checks, leading eventually to frauds. While the cyber crime cell has asked the RBI to make KYC mandatory for wallet users, this long-stemmed problem continues to plague the industry.

Apart from problems related to lack of interest, surplus money, lack of KYC and huge marketing investments, the issue of security remains a fundamental challenge for mobile wallets, leaving the industry flummoxed. Malicious cyber criminals can get their hands on sensitive information and consumer data. Lack of security protocols means that fraudulent transactions are bound to take place if hackers are able to get into accounts. Recent reports indicate that seven hackers were held for stealing cash worth Rs 25 lakh by hacking the wallet apps of leading banks.

The number of fraud causes through mobile wallets is expected to rise from one percent to two percent in a few years. Positive steps must be taken to enhance consumer awareness about the growing need for security measures, but this is still at a very early stage and has proven challenging in an economically and culturally-diverse country like India. More robust security models, like two-factor authentication, are crucial for reducing fraud potential in the country.

Why two-factor authentication is vital

Security is intrinsic to any digital payment because of the sensitivity of the information involved. While wallets make payments through biometrics and tokenisation, there is significant room for improvement in security to prevent fraudulent transactions from taking place.

Most wallets offer a ‘One Touch’ or ‘Alternative to OTP’ option for facilitating transactions, but more advanced malware can easily bypass these security protocols by intercepting them as they are used, while creating an alternative browser window to log the hacker into the account. With standard security measures requiring simple passwords and usernames, it is easy for cyber criminals to gain access to private data. This is where two-factor authentication can make a real difference.

The two-factor authentication platform offers greater security levels over passwords and PINs. This makes it resolutely harder to overcome two very different factors to access payments through the device. A two-factor authentication process lowers the number of identity thefts and phishing via email cases because hackers would need more than just passwords and usernames.

The RBI has stipulated that all transactions using cards in India for payments should follow a two-factor authentication requirement. While there are no specific stipulations in place for mobile wallet payments, it’s prudent for the industry to consider this if they want to prevent frauds. With so many hurdles troubling the incumbent mobile wallet industry, an opportunity for super wallets arises because of enhanced convenience and security.

Data proves that since the advent of two-factor authentication, consumer confidence in using cards both online and at offline stores has gone up tremendously. Two-factor authentication has also been instrumental in reducing the number of card frauds and data cloning. Even now there are a few instances of such frauds surfacing but most of them can be attributed to gullible customers letting their passwords out.

How super wallets can transform the payments industry in India

With the amount of security and money laundering risks still rooted in mobile wallets, we are probably better off using our credit and debit cards to pay more securely for online transactions.

New 'super wallet' products are being introduced as a solution to the threats of cyber frauds. By linking existing bank accounts, credit cards and debit cards on a single platform, users have a choice to decide how they want to pay for goods and services. Super Wallets store bank account information and not money, which means that users don’t lose out on interest in the mean time. Super wallets bring together different platforms, devices and channels to make the process of payments as seamless as possible.

The human race is continuously on the cusp of evolving to the next level. On this backdrop, Super Wallets can be considered as the next leap towards advancement in the new-age digital payments ecosystem. The need-gap analysis left unaddressed by mobile wallets, particularly from cyber security perspective, is perfectly overcome by the value proposition offered by super wallets. Super wallets will certainly help tide over the cyber fear.

 

(Disclaimer: The views and opinions expressed in this article are those of the author and do not necessarily reflect the views of YourStory.)