November 30, 2017 By Domenico Raguseo 2 min read

When it comes to mobile transactions and payments, consumer expectations are evolving. When a consumer purchases an item or service, he or she naturally expects to receive that service. When a traveler books a hotel room, for example, he or she expects that room to be available upon arrival.

Furthermore, the consumer’s personal information should be used solely for the purpose of completing that transaction, not to solicit future business. Most importantly, the consumer demands robust security around the transaction to protect his or her personal information from fraudsters who may be looking to fund a vacation of their own with stolen credit card data.

These expectations have remained largely unchanged over the past several decades. What has changed, however, is the way vendors, retailers, financial institutions and other service providers process mobile transactions and payments.

Digital Transactions and the IoT

A transaction, financial or otherwise, is an exchange between a source — usually a person using a smart device — and a recipient. The digital ecosystem known as the Internet of Things (IoT) is based on the intelligent integration of billions of devices, all of which are potentially vulnerable to cyberthreats.

Fraudsters can bring down entire systems by compromising just a handful of devices. The Mirai botnet, for example, enslaved millions of connected devices to attack Dyn, a major domain name provider, in October 2016. This unprecedented distributed denial-of-service (DDoS) attack took down many popular websites by sending massive amounts of traffic that Dyn’s servers couldn’t handle. The incident served as a wake-up call for the security industry and demonstrated cybercriminals’ ability to affect large swaths of the internet by hijacking the very devices that initiate a growing portion of transactions around the world.

Best Practices for Securing Mobile Transactions and Payments

Mobile transaction technology is growing more complex and faster as providers endeavor to improve the user experience. This presents myriad challenges related to privacy, monitoring and cybersecurity in general. The fastest and most convenient transaction technologies are often the least secure. For this reason, providers need to see the bigger picture and focus not only on securing their own assets and systems, but also the overall transaction, from the source device to the final recipient of the payment.

Consumers can protect themselves by implementing multifactor authentication on their devices and practicing good password hygiene. Providers should invest in cognitive technologies to monitor user behavior and digest both structured and unstructured threat data that could tip the security team off to specialized malware on the network.

Read the white paper: How digital banking is transforming fraud detection

More from Endpoint

Unified endpoint management for purpose-based devices

4 min read - As purpose-built devices become increasingly common, the challenges associated with their unique management and security needs are becoming clear. What are purpose-built devices? Most fall under the category of rugged IoT devices typically used outside of an office environment and which often run on a different operating system than typical office devices. Examples include ruggedized tablets and smartphones, handheld scanners and kiosks. Many different industries are utilizing purpose-built devices, including travel and transportation, retail, warehouse and distribution, manufacturing (including automotive)…

Virtual credit card fraud: An old scam reinvented

3 min read - In today's rapidly evolving financial landscape, as banks continue to broaden their range of services and embrace innovative technologies, they find themselves at the forefront of a dual-edged sword. While these advancements promise greater convenience and accessibility for customers, they also inadvertently expose the financial industry to an ever-shifting spectrum of emerging fraud trends. This delicate balance between new offerings and security controls is a key part of the modern banking challenges. In this blog, we explore such an example.…

Endpoint security in the cloud: What you need to know

9 min read - Cloud security is a buzzword in the world of technology these days — but not without good reason. Endpoint security is now one of the major concerns for businesses across the world. With ever-increasing incidents of data thefts and security breaches, it has become essential for companies to use efficient endpoint security for all their endpoints to prevent any loss of data. Security breaches can lead to billions of dollars worth of loss, not to mention the negative press in…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today