ISACA research shows that mobile payment technology is mitigating risks
Global IT association ISACA has released new research that finds that advancements in mobile payment security technology are helping to curb risks and improve consumer trust beyond levels typically associated with plastic payment cards.
In its complimentary guide, “Is Mobile the Winner in Payment Security?,” ISACA outlines several advantages of mobile payments in regrads to physical and e-commerce transactions.
The research highlights tokenization, device-specific cryptograms and two-factor authentication as three key technological improvements that are making mobile payments more appealing to both consumers and vendors.
“Mobile payments, with embedded, improved and transparent security controls, are a great example of how security can act as a business enabler, contributing to the creation of end-user trust,” said Christos Dimitriadis, Ph.D., CISA, CISM, CRISC, who is ISACA Board chair and group director of information security for INTRALOT.
According to ISACA, a “key benefit for merchants is that enhanced security should lower fraud and thereby lower costs.”
The research also notes that integrating mobile payments into a merchant’s business generates new opportunities for more customer loyalty programs and allows for purchases in situations where customers do not have access to their physical payment card.
ISACA’s 2015 Mobile Payment Security Study revealed that only 23% of IT and cybersecurity professionals said they believe mobile payments efficiently secure personal information.
Despite these underlying concerns, a Ovum study forecasted that the global number of mobile payment users will reach 1.09 billion by 2019, up from 44.55 million in 2014.
The guide also highlights potential vulnerabilities of mobile payments, including during the one-time enrollment when users register a payment card in the mobile wallet application.
Mobile wallet providers use methods such as sending payment card data and a device’s geographical coordinates to issuing banks, and any discrepancies can result in a call seeking additional verification.
The ISACA guide calls on vendors that adopt mobile payment options to regularly re-evaluate risk control measures to ensure any new issues that could arise are sufficiently addressed.