Congress investigates security of mobile payments
The House Energy & Commerce Committee held a hearing Tuesday to preliminary review disruptive technologies in the mobile payments space, according to a report by Bank Info Security.
With testimonies from PayPal, Samsung Pay and the Merchant Customer Exchange, the hearing’s main takeaway was that while most mobile payments options offer stronger user authentication and convenience, they fail to provide the same legal and legislative protections as other methods.
Though the committee did not reveal any plans to take legislative action regarding this issue, it called on stakeholders to provide additional comments and concerns about mobile security over the next 30 days.
“We want to explore the new ways consumers are paying for goods through their mobile devices, and how consumer information is being secured on mobile devices,” said Rep. Frank Pallone Jr., D-N.J. “We want to be sure that information saved on mobile devices is secure, even if data on mobile devices can still be hacked.”
Meanwhile, Sarah Jane Hughes of the Maurer School of Law at Indiana University said that lawmakers will need to determine whether Congress should enforce the same regulations regarding consumer fraud protections and privacy on mobile carriers, payments gateways and mobile service providers as they do with banking institutions.
Hughes mentioned the federal regulatory requirements imposed under the Electronic Fund Transfer Act [Regulation E] and the – EFT and [Dodd-Frank Wall Street Reform and] Consumer Protection Act, which only apply to banking institutions.
“Protections for mobile do not exist, and that is a big issue for the unbanked and underbanked, who don’t have credit or debit cards,” said Hughes. “Consumers who bill to a mobile phone statement, as opposed to a financial institution, do not have the same level of protections.”
In addition to these legal requirements, banking institutions have also expressed their concerns about the security practices of non-bank payments providers and processors, Hughes said.
“The potential for a mobile payment provider and the downstream payments participants necessary for clearing and settlement of the payment back to the merchant involved to collect and use information about the customer’s spending habits and vendors of choice is, and will continue to be, substantial,” Hughes said. “Whenever additional entities handle payment and user information, the risks of capture and improper use of these data grow. Thus, a multiparty, mobile-payments downstream network could create privacy risks in a degree comparable to or greater than privacy risks experienced in credit and debit transactions.”
John Muller, PayPal’s VP of global payments policy, told the committee that the multiparty networks that often process mobile payments have a fair share of security challenges. For this reason, stronger authentication practices, such as biometrics, are becoming a necessary component of mobile payments.
“Biometric authentication features on mobile devices are radically changing this [mobile] model and, subsequently, are minimizing damage done in a breach or hack,” Muller said. “Through PayPal’s leadership and collaboration with Samsung and the FIDO Alliance, PayPal was the first payment company to introduce fingerprint biometric payment authentication on Android mobile devices.”
Sang Ahn, chief commercial officer for Samsung Pay in the U.S., told the committee that Samsung Pay also uses biometric fingerprint authentication for transactions.
Ahn added that Samsung’s “smartphones incorporate the Samsung KNOX security platform, keeping all payment data locked and secure” while “other mobile payment solutions employ tokenized transactions… [but] these solutions only work in the small fraction of stores with NFC-equipped terminals.”
Despite a lack of regulations oversight, mobile payments providers are given enough guidance to put into place a set of best practices that can effectively protect consumer privacy and provide greater security for transactions, Hughes testified.
Article Topics
banking | biometric authentication | biometrics | fingerprint biometrics | mobile payment | mobile transactions | privacy | security | smartphones | U.S. Government
Congress investigates #security of #mobile #payments https://t.co/3Flk2YiXnp
Congress investigates security of mobile payments https://t.co/qjzeMOtoFk
Congress investigates security of mobile payments | BiometricUpdate https://t.co/ceAXFyUB1i #biometrics
RT @BiometricUpdate: Congress investigates #security of #mobile #payments https://t.co/3Flk2YiXnp
Congress investigates security of mobile payments – Biometric Update https://t.co/XbznXYgiKo
RT @BiometricUpdate: Congress investigates #security of #mobile #payments https://t.co/EdPv53vWiU
Congress investigates security of mobile payments | BiometricUpdate https://t.co/7IRTs9sZ6N #biometrics
#UnitedStates Congress investigates #security of #mobile #payments https://t.co/9T5JdHLHCu https://t.co/BaKH5JytKR
RT @LaffertyEvents: #UnitedStates Congress investigates #security of #mobile #payments https://t.co/9T5JdHLHCu https://t.co/BaKH5JytKR
RT @BiometricUpdate: Congress investigates #security of #mobile #payments https://t.co/dOoJpUtRDl
#MobilePayment security is under congressional spotlight. @BiometricUpdate https://t.co/h9ntcqsbvf #biometrics
Congress investigates security of mobile payments | BiometricUpdate https://t.co/I2dbrHmToL #biometrics
Congress looks at #mobilepayment security. @Paypal VP says biometrics changing the game. https://t.co/v25IsT8m4L @biometricupdate
RT @eyeverify: Congress looks at #mobilepayment security. @Paypal VP says biometrics changing the game. https://t.co/v25IsT8m4L @biometricu…
Congress investigates security of #mobilepayments
https://t.co/vwwqrsswsE
RT @paymentsjournal: Congress investigates security of #mobilepayments
https://t.co/vwwqrsswsE
RT @eyeverify: Congress looks at #mobilepayment security. @Paypal VP says biometrics changing the game. https://t.co/v25IsT8m4L @biometricu…
RT @BiometricUpdate: Congress investigates #security of #mobile #payments https://t.co/KdyGSkpJju
RT @BiometricUpdate: Congress investigates #security of #mobile #payments https://t.co/pXD11Mgwwx
RT @BiometricAlli: RT @BiometricUpdate: Congress investigates #security of #mobile #payments https://t.co/KdyGSkpJju
RT @rawlsonking2: RT @BiometricUpdate: Congress investigates #security of #mobile #payments https://t.co/pXD11Mgwwx
Congress investigates security of mobile payments | BiometricUpdate https://t.co/Heua6AACSC #biometrics
RT @NICPayments: Congress investigates security of mobile payments | BiometricUpdate https://t.co/Heua6AACSC #biometrics
Congress investigates security of mobile payments https://t.co/uh04oAWqFp
Congress investigates the #security of mobile payments https://t.co/h3rTnZYxTP
Congress investigates #security of #mobile #payments: https://t.co/3Flk2Y1mvR
RT @BiometricUpdate: Congress investigates #security of #mobile #payments: https://t.co/3Flk2Y1mvR
RT @BiometricUpdate: Congress investigates #security of #mobile #payments: https://t.co/EdPv53vWiU
RT @BiometricJustin: RT @BiometricUpdate: Congress investigates #security of #mobile #payments: https://t.co/EdPv53vWiU