Nov. 8, 2016, is etched in my memory as the day the Indian government made a life-changing announcement regarding demonetization. With higher value currency being made invalid for transactions, my fancy Michael Kors wallet faced a sudden existential crisis.
While the early days of demonetization brought a mad scramble to ATMs and banks, mobile wallet providers have been laughing their way to the bank ever since. With cash being limited, a lot of people have been turning to mobile wallets to make all kinds of transactions.
Why I Ditched My Designer Wallet for a Mobile Wallet
Despite being wary of mobile wallets, I resorted to a cashless transaction facility other than internet banking, and why not? It turned out to be convenient than carrying cash around.
A mobile wallet is a mobile application that enables customers to preload money or link their debit accounts to be used for transactions at retail stores, bill payments and more. This is certainly easier to carry than my physical wallet, which was bulky and occupied too much space in my bag. In additional to popular private vendors such as PayTM, MobiKwik and Citrus, banks have also joined the mobile wallet bandwagon.
Security Risks Remain a Concern
While a mobile wallet is convenient and immune to many risks associated with credit cards, it is still as vulnerable to mobile security threats as any other application. Mobile security is critical as bring-your-own-device (BYOD) policies are slowly becoming the norm. Organizations need to ensure that any mobile device connecting to their networks is compliant and that critical business information on the device is secure.
Below are some of the most common risks associated with mobile wallets.
Unencrypted Data
A mobile wallet transmits data over a wireless network, making it vulnerable to the dangers common to such transactions. For example, consumers conducting transactions over unsecure public Wi-Fi networks are vulnerable to snooping cybercriminals since their data is likely not encrypted. Encryption protects data in transit or stored on devices by ensuring that unauthorized third parties cannot access critical information.
Excessive Access
India is the world’s second largest smartphone market with more than 200 million users, according to Counterpoint Research. Businesses are attempting to capitalize on this market by introducing mobile applications for virtually every service imaginable.
Given the number of applications that already exist on the average user’s phone, it is fair to reason that customers are used to blindly accepting permission requests from applications during installation. An app might request access to the device ID, location services, camera or SMS. A rogue application with too much access to critical information on your device could cause serious problems, but a digital wallet can help safeguard much of this data.
Lost Devices and Weak Passwords
In the case of a lost or stolen mobile device, a customer stands to lose a lot of information. The best way to protect this data is to use strong passwords or biometric authentication. Most mobile wallets allow access to the account from anywhere, which enables customers to block access to applications on a lost device before a potential fraudster can do any damage.
Personal Liability
The greatest risk consumers face when using mobile wallets is personal liability. Users are responsible for any loss of money or information in the event of a breach. Mobile wallet fraud is not protected by insurance.
Mitigating Mobile Wallet Fraud
Though I am still very protective of my designer wallet, I am developing a more cautious attitude toward my mobile wallet as well. Here are a few steps consumers should take to remain a step ahead of cybercriminals looking to pick their digital pockets:
- When selecting a mobile wallet application, consider which vendor provides the best security features.
- Invest in a good antivirus solution for your mobile device.
- Use strong passwords or biometric authentication.
- Download applications from reputed stores only and be mindful of permissions requests.
More than two months have passed since the demonetization rule was enforced, and people have already begun to see the advantages of using mobile wallets. It’s time to take it a step further and ensure the security of our personal and sensitive information.
Watch the on-demand webinar: Shielding Mobile Apps from Critical Vulnerabilities
Content Marketing, IBM BigFix
As a member of the IBM Security division, Betty Joseph leads the content marketing efforts for IBM BigFix on social media. IBM's BigFix portfolio enables cli...