02/09/2015

By Srivatsan Srinivasan, Product Marketing Manager, Nexmo

With mobile being the most preferred method of internet access there has been a correlative increase in mobile payments(m-payments). With the likes of Twitter, Facebook and Google launching their new buy button options, it has never been easier for consumers to buy more on their mobile phones. However, as m-payments are increasing in volume they are also becoming more and more vulnerable to fraud, especially when people are paying for goods on-the-go during their daily commute. This calls for stronger authentication methods to prevent fraudsters from taking advantage of this relatively new phenomenon.

Security precautions for m-payments without the hassle

Before, commuters would browse on the train into work and then make the purchase on the home PC in the evening, whereas now people are purchasing on the move, leaving the door wide open for fraudsters. According to Forrester, although we spend what appears to be an unlimited amount of our day visiting websites on desktops (including online shops), we spend 80% of our time on our top five apps. As a result, businesses are working with apps such as Facebook to find alternative routes to reach consumers (and into their wallets!).

To put it into perspective, nearly a fifth of e-commerce shopping now takes place on the daily commute with the average consumer spending £36 per week, rising to £44 per week for London commuters. As this transition from desktop to mobile takes place in the online commerce world it is vital that consumers are ready to protect their data from unwanted prying eyes.

Merchants and consumers alike need to make sure that they have suitable security precautions and authentication methods in place to address these issues. Nowadays, the answer to the account recovery question ‘What is your mother’s maiden name?’ can be discovered by a couple of Google or Facebook searches. This calls for a unique process to reset account passwords securely to prevent hackers from gaining access to the consumer’s account with widely distributed information.

However, this process needs to be carried out without affecting the user experience. Businesses are reluctant to implement technology which may be a nuisance for customers and will affect the merchant’s shopping cart conversion rates. With this in mind, an effective process needs to be put in place with minimal effort on the part of the customer.

Avoid fraud with stronger authentication

Phone number authentication can be an easy method for both merchant and consumer to avoid m-commerce fraud from account hacking and account takeovers while involving very little extra effort on the customer. The safe way to confirm any purchase is by entering a one time password received on the consumer’s mobile phone through voice or text messages. In conjunction with a password that is only known by the user, the phone that only the user has access to constitutes strong authentication and helps minimise the potential danger of fraudulent transactions. The European Banking Authority has recommended that payment service providers use of strong customer authentication to verify customer identity before proceeding with an online payment.

It is also important for consumers to use a secure internet connection. It is not advisable to make a purchase when connected to a public Wi-Fi network because someone connected to the same network could be tracking all activities with somewhat dubious intentions. When commuters are buying whilst travelling into work, they will tend to connect to the public Wi-Fi available on their mode of transport which provides visibility to everyone else on the network, including fraudsters.

Bearing in mind that there are thousands of websites on the internet, some of which are fraudulent, it is important to look at the address bar before making a transaction and look out for the image of a padlock and https at the beginning of the website address. This indicates that the connection is encrypted using TLS/SSL technology, which prevents access of third parties that may be connected to the network and serves as certification of veracity of the site, showing that they are performing a secure data transfer.

Two-factor authentication and a few simple processes will help consumers safely authenti-cate their online payments when travelling to work and during their everyday life. The way we use the internet is constantly changing with mobile apps, websites, social media sites and as businesses keep up with these trends by offering new ways of buying online it is on the part of the consumer to make sure they protect their identity and information when buy-ing online. On the part of the merchant, it is even sensible to go as far as doing a bit of desk research when using a new service, to see what other users think about the quality of ser-vice, possible problems, pros and cons, etc. This way you can avoid unpleasant surprises and acquire a service that really meets the consumer’s needs.