Throughout the month of June, we're calling attention to Financial Security Practices. As your local resource for all things related to banking, we're here to help you safeguard your hard-earned funds. After all, our life's work is protecting yours.
Join us as we cover warning signs, common scams, best practices for protecting your information and so much more. You don't want to miss this month-long series of useful content and tools for taking ownership of your financial security.
What Makes a Mobile Wallet Safer Than a Physical Wallet?
There are many big myths about the safety of physical wallets like if you have your wallet on you at all times no one can steal from you, or that your credit card has enough security features to keep your funds protected. Myths like these coupled with the new and unknown nature of the mobile wallet world leaves many people vulnerable to stolen cash or card information and even identity theft.
So let's talk about how mobile wallets address and even solve these problems, and what kind of security exists for mobile wallets.
1. Each Mobile Wallet Transaction Is Carefully Encrypted During a transaction from a mobile wallet your bank information is never vulnerable, unlike with a standard magnetic card reader. With a mobile wallet, your phone carefully encrypts your account information (notably NOT your bank, card or other payment information), which the POS then reads through near field communication (NFC). NFC is technology that enables devices to establish a radio communication with each other when they are within a certain small distance. The POS does not read the information, rather, it sends it first to the mobile wallet provider, who de-encrypts the information, sees which account you’re looking to access, and checks your identifying information. Once the provider has satisfactorily proven you are who you say you are, they send along your card information to your payment processor who is the one to actually access your bank information and request that your bank send the money back to them. The payment processor then sends your money along to the store’s bank and alerts the POS that the transaction has been completed.
Unlike a credit card transaction, your payment information is never vulnerable physically in the store. The several steps that the payment has to go through make it difficult for hackers, essentially forcing them to hack the very secure payment processors, as the retailer never actually touches your payment information. A situation like the Target hack would simply be impossible in this system because Target would never be in possession of your data, even at the time of payment.
Magnetic stripe encryption vs. EMV/NFC encryption from North American Bancard’s expert, Darren McCaffrey. It’s easy to tell which encryption is easier to crack.
Many people still fear that someone could take their encrypted data from the NFC, which is actually a slight possibility. However, the data is encrypted so even if they do get it, it will be completely unreadable to them. And if, through some miracle, they could decode what your phone sent, all they would actually get is your wallet provider information which they cannot make payments with, not your card or bank information. Additionally, the encryption that is sent through the NFC is a dynamic encryption. That means your phone generates a new encryption for each transaction. Someone could not simply crack a single encryption and run around paying for things with your mobile wallet, the way they can with a credit card.
2. There's Security for Lost Phones In today's world for most people it's harder to lose you phone than it is your wallet. This isn't to say that you couldn’t lose your phone. And your phone can be stolen. So your phone could be compromised like a physical wallet. The good news is: there are measures that both your phone and most mobile wallets have put in place.
First, your phone can (and should) be passcoded. If it has biometric security features like the iPhone’s fingerprint unlock, that can also be enabled.
However, it’s not really these measures that make mobile wallets safer.
The real thing that makes these safer is the fact that you can go into your mobile wallet provider account from anywhere at any time and turn your mobile payment app off remotely. That way anyone who steals your phone can’t use the app.
Apple phones even allow you to deactivate and wipe the whole phone in the event of a theft or loss. This is not something you can do for physical wallets. Any cash you had is gone, and you have to call your cards up one by one and go through an arduous identification and shutting-off process in order to cancel your cards. If you carry around your social security number, or maybe checks, your bank information and social security number is also gone forever. This is not the case with a lost or stolen phone.
What Do You Think? Ultimately, mobile wallets eliminate the risk that checkout poses to credit cards. Certainly they’re not flawless – nothing ever is – but the security features phones possess are much stronger than the security features invented in the 1980s that physical credit cards have.