News & Commentary

11:15 AM
Bryan Yurcan
Bryan Yurcan
Commentary
Connect Directly
Facebook
Twitter
Google+
RSS
E-Mail
50%
50%

Mobile Commerce: The Next Fraud Frontier

Mobile commerce continues to grow, but fraud prevention tactics in this channel need to grow at an equal pace as well.

As mobile payments and commerce become more commonplace, fraud associated with them does too, which means yet another potential security headache for banks.

As we've seen in recent weeks, even physical POS terminals are not safe from cyber attacks and fraud attempts. With the attacks targeting Target, Neiman Marcus and other major retailers last month, cyber security and fraud prevention is in the public mind more than ever right now. And this means banks must be more vigilant than in the past. If a third party, such as a retailer or vendor, gets hacked and valuable financial data gets stolen, a bank will still be partially blamed in the court of public opinion even if it was not at fault.

The next frontier in the security war may be in the realm of mobile commerce, according to a new study released this week from LexisNexis in conjunction with Javelin Strategy & Research.

The study found that more retailers than ever before accept some form of mobile payments, but rely on fewer fraud solutions in that channel. LexisNexis reports that the mobile browser and mobile applications represent the dominant acceptance channels for mobile commerce with 55 percent and 38 percent of mobile merchants accepting these channels, respectively. However, the largest growth channel is in mPOS (mobile point-of-sale) hardware; seven percent of merchants used mPOS in 2013 after no merchants reported using it in 2012. Another key segment that is growing according to the study is small merchants, with the study reporting that 39 percent say they are attracted to the mobile channel, but also that their fraud levels are high because they are less aware of fraud detection schemes.

Unfortunately, a bank can't control the fraud prevention systems retailers and other third parties have in place. So what's the answer? While there's no way to completely prevent mobile fraud, cooperation plays a big role in mitigating it. The LexisNexis study suggest that retailers accepting mobile payments should maintain open communications with financial institutions and other mobile merchants to better understand the evolving nature of fraud threats and solutions.

Meanwhile, a SWIFT whitepaper from last year says cooperation between banks, merchants and payments systems is necessary, though it can be sometimes difficult to realize these partnerships. "Not one single bank or mobile network operator covers the whole world, so there is a need for cooperation and partnerships," the paper reads. "Joint ventures between mobile network operators may not be obvious as they are very competitive on their core voice and data business. Joint ventures with banks may not be obvious as parties have different business objectives, different perspectives on revenue sharing, and different mind sets."

Ultimately, preventing fraud in any channel requires cooperation between the different stakeholders, not bickering. Cooperative efforts are needed in the new cyber security world we live in.

[See Also: Can Security Be More Than the Topic du Jour?]

Bryan Yurcan is associate editor for Bank Systems and Technology. He has worked in various editorial capacities for newspapers and magazines for the past 8 years. After beginning his career as a municipal and courts reporter for daily newspapers in upstate New York, Bryan has ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Byurcan
50%
50%
Byurcan,
User Rank: Author
2/6/2014 | 3:08:33 PM
re: Mobile Commerce: The Next Fraud Frontier
True, consumers want convenience when it comes to mobile devices, but don't also want to jump through too many security hoops.
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Author
2/5/2014 | 7:33:45 PM
re: Mobile Commerce: The Next Fraud Frontier
If you look at it a certain way, securing the mobile channel shouldn't be all that difficult. I think the threats will be very similar. It's supposed to be easy to move malware form the online to the mobile space. So it's likely that fraudsters will try the same kinds of attacks in mobile that they do online, and security professionals have a lot of experience combating those attacks. The tricky part is the collaboration, like Kathy said. That's where things could get tripped up, and with the mobile space being so competitive right now, I think it's likely that there will be more than enough players who don't want to collaborate.
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Author
2/5/2014 | 7:29:20 PM
re: Mobile Commerce: The Next Fraud Frontier
I hadn't heard about that. That's really scary. Happy I don't pay with the Starbucks app.
Kelly22
50%
50%
Kelly22,
User Rank: Author
2/5/2014 | 6:48:45 PM
re: Mobile Commerce: The Next Fraud Frontier
Good point, Ivy. Even if a user creates a trickier password, it won't do them much good if they use the same password on every account. Once one is hacked, the rest are vulnerable.
IvySchmerken
50%
50%
IvySchmerken,
User Rank: Author
2/5/2014 | 5:02:00 PM
re: Mobile Commerce: The Next Fraud Frontier
Some of the risk associated with mobile apps could relate to consumers' passwords. Maybe users are staying with simple passwords on mobile apps because we all tend to want to get fast access/instant gratification. Not to mention, how hard it is to remember all the various mobile password apps we are using for different banks, retailers, etc.
KBurger
50%
50%
KBurger,
User Rank: Author
2/5/2014 | 4:44:27 PM
re: Mobile Commerce: The Next Fraud Frontier
To Nate's and Bryan's points, today it's more about procedures & policies than inherent technical weakness. However, as uptake of mobile commerce accelerates, as it inevitably will, it is likely to be more of a target for fraudsters -- they go where the money/action is. So the smart thing will be for all players in the mobile commerce ecosystem (mainly but not exclusively banks and retailers) to add security and fraud prevention capabilities to the payment services. Unfortunately, as the current antagonism between banks and retailers regarding responsibility for the recent card breaches suggests, that kind of collaboration is not likely to occur soon.
Byurcan
50%
50%
Byurcan,
User Rank: Author
2/5/2014 | 1:49:08 PM
re: Mobile Commerce: The Next Fraud Frontier
I don't think they are any less inherently secure, but the issue is, as you mention, users are less vigilant in this channel. People treat their smartphones in a way they never would desktops or laptops. They just want convenience, tap an app and have something happen, but are annoyed to go through any security protocols.
Kelly22
50%
50%
Kelly22,
User Rank: Author
2/4/2014 | 8:16:20 PM
re: Mobile Commerce: The Next Fraud Frontier
Retailers new and old to mobile commerce should pay more attention to security. Just last month, Starbucks had to update its mobile app with new security measures after someone found out that they were storing passwords, emails, usernames, and credit card and GPS info in plain text, which hackers can easily get to. Kind of scary, considering how many people pay with the Starbucks app.
Nathan Golia
50%
50%
Nathan Golia,
User Rank: Author
2/4/2014 | 5:40:47 PM
re: Mobile Commerce: The Next Fraud Frontier
I wonder if the issue is that mobile platforms are inherently less secure, or the users are less vigilant in best practices around passwords/updates, etc. I certainly don't think these issues have to do with the wireless nature of the connections.
Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology - August 2014
Modern core systems are emerging as the foundations of effective channel integration and customer engagement initiatives.
Slideshows
Video
Bank Systems & Technology Radio
Archived Audio Interviews
New IT Models for New Financial Services Challenges