How secure is my Digital Wallet transaction?

Forrester report states that Digital Wallet transaction activity will grow up to $17 billion in volume by 2019, in the United States alone. This raises fear in the consumer’s mind about the security aspects concerning Digital Wallets. My last article discusses about working and benefits associated with digital wallets. Today, I would present the flip side of the wallets.

Risks associated with the Digital Wallet

• Enormous Financial Investment: The initial monetary investment for building a functional digital wallet application is quite large. It initially requires software development, continuous maintenance, updates and fixes associated with it. Upon acquiring software, the business would also require installation of the corresponding hardware in stores, which also multiplies the costs involved.
• Support Technology: There are few supporting technologies to choose from at the moment, with NFC terminals and phone readers being the most prevalent. In the case of digital wallets, they can only function with a corresponding hardware device for each application. NFC terminals and specialize scanners are the only devices created at the moment that will support the processing of digital wallet payments; thus, it is very limited because the technology is still in evolving phase.
• System Outages: Information for digital wallets is stored on the of business servers clouds; therefore, the risk of a system malfunction or shut down is always present. As a result, businesses will not be able to process payments or become increasingly slow due to high traffic in the servers.
• Security: Companies must ensure that their customers’ information is encrypted and well protected. One of the biggest concerns of adopting a digital wallet application is ‘will my information be safe’? A barrier that companies face and must develop safe and full proof security systems to avoid potential security issues.

How can we address the security concerns?

Nevertheless, there are tremendous opportunities in this domain. For instance, Oxigen Wallet, one of the leaders in the digital payment space is in talks with Visa, RuPay to launch virtual prepaid cards. It is definitely emerging as a domain that many start-ups plan to venture in. According to a study by research firm RNCOS, the current Indian market size for mobile wallet (m-wallet) stands at about Rs.350 crore and is estimated to rise to Rs 1,210 crore by 2019.

With the rising mobile penetration in India, this is definitely a market to look out for.

There are implied risks of storing a customer’s credit card details on smart phones. The biggest of these is losing your phone. People lose their phones every other day. A pin will be necessary for the transaction to be processed. A possible security measure could be to disable the wallet if three erroneous PIN attempts are made. The most obvious issue would be having someone recover a lost phone or steal a phone and figure out the security code. But how to counter it?

Mobile payment technology is based on over-the-air (OTA) communication. Like all wireless Internet technologies, there is a risk of the device being compromised. Hacking into mobile devices has become quite common nowadays. In fact, a hacker can hack into a device without even having the phone physically. Digital wallet providers, such as Google, and their partners will need to establish that the technology is secure before they can get buy-in from consumers.

A classic case for understanding security measures is the Google Wallet. Google has already made some security measures for their Digital Wallet. The computer chip in the Digital Wallet-enabled device will be separate from the device’s OS. The device will also require the user to input a PIN every time a purchase is made. Currently, credit card users make purchases without inserting PIN every time they make a purchase. In a sense, the Digital Wallet may be more secure than existing credit cards.

According to the Google Wallet website, “A locked wallet is a safer wallet.” Google’s security precautions include a PIN that must be entered before a transaction can be processed. The security chip on devices, called the Secure Element, encrypts the credit card information. This chip runs separately from the operating system and is capable of running programs and storing information by itself. Only trusted programs can access this chip, thus providing an extra layer of security to the digital wallet. There is another layer of protection on the Google Wallet in the encryption method between the wireless device and the device reader of the participating merchant. All of these security measures were adopted by Google to provide a technology that could be considered safer and more secure than the traditional wallet.