However, a user of the app recently had to face spam payment requests, causing inconvenience. This raises an issue of the security of the system and bugs in the interface. Other problems inculde freezing of payments page, generating multiple unsuccessful one time passwords (OTPs) or no OTP at all.
The curse of popularisation
“At some point of time, we are going to see the same vulnerability as banks,” says Kothavala. Arguably the biggest concern regarding digital payment is the fact that people are worried about security.
As usage increases, there is a need for improving security in digital wallets transactions. “Digital wallets and mobile wallets have increased usage, adoption and improvised security,” explains Kothavala. However, a study conducted by the Information Systems Audit and Control Association (ISACA) last year says, 47 percent of cybersecurity experts claimed that mobile payments are not secure. The more interesting part of the report was the overwhelming majority of 87 percent anticipated an increase in mobile payment data breaches over the next year.
With the rise in usage there is an increase in security measures including, pattern locks and biometrics. Kothavala adds, “We have to train users as effectively as possible in understanding these methods”. However, taking precautions in case of cyber-attacks is an area that requires attention as well. The level of convenience with digital payments cannot hide the fact that it’s our money in these wallets and we don’t want it going away to any number of unknowns.
Solution for securing transfers
IDComplete from ID Global Solutions Corporation, utilises a secure encrypted irreversible tokenisation process with multi-factor authentication to enable secure real-time cardholder verification. This could be another interesting solution in making digital payments safer. Cryptocurrency like Bitcoin and Blockchain are also some safe steps in this regard. Blockchain is estimated to be able to save global businesses up to $550 billion each year. Per experts it can provide more reliable transparent and authentic way of exchanging assets.
WeChat from Tencent allows some interesting features for securing your mobile wallet. You need to have a separate password for accessing your wallet and a different one for authorising payment. This is different from the phone lock that you might keep. Then there’s the possibility of resetting your password which requires bank details to be re-entered for validation. If this was not enough, big data analytics monitor the transaction data for any suspicious activity and any unauthorised transactions. And if this doesn’t solve things, you can either freeze your account or apply for a cashback. Now that’s a thing or two to learn from.
Lack of inter-wallet transactions
Kothavala explains, “To execute a transaction, the other party should have the capability to accept the payment”. At present, you can execute a transaction only if both parties involved follow the same e-wallet. Which is a major problem. Imagine not being able to use your debit card at a restaurant because the restaurant is registered with a different bank. Interoperability maybe a difficult thing to pull, but if that can happen, this then becomes a whole different ball game. Till then, e-wallets will be gift cards with a wider variety of usage.
Common interface is one of the solutions
Users cannot properly engage in mobile transactions until some common interfaces are defined. A common interface could very well bring out the benefits of using mobile phone as a wallet that allows convenient transactions when compared to earlier channels. Even as a country, we have a unified transaction method of cash to get us around. The lack of a global standard makes the use of digital payment systems more of a hassle than a convenience when traveling abroad.
Host card emulation (HCE) is one example of securing transactions for mobile devices. It emulates a payment card only a mobile device based on software. It offers multiple benefits to a very wide range of mobile users with near field communication (NFC) payment ecosystem. Earlier, the details were stored on the device calling for a secure element. With the involvement of HCE, this information can now be stored outside the device, hence removing any third-party involvement.