How Mobile Payments Deliver Security

Jason Oxman
September 17, 2014 – In light of the recent Apple Pay announcement, there has been a lot of buzz around the security of mobile payments. Apple Pay illustrates a series of defenses that make mobile a natural choice for secure payments.

To get started using Apple Pay, a consumer can simply take a picture of their credit card or link to a card previously stored in the user’s apple account. At that point, they’re ready to pay – not using the digits printed on the card, but using a Device Account Number provided through the payment network or issuing bank associated with the card. The Device Account Number is stored in the phone’s secure element, a chip that can emulate a contactless EMV transaction. The secure element hosts authorization, and is considered safer than magnetic stripe technology.

When an individual is ready to make a purchase, they will unlock their device with their fingerprint, using Apple’s “touch ID” feature.  Biometrics have long been touted as one of the best safeguards in payments – your unique fingerprint simply can’t be hacked.

Once unlocked, the customer simply taps their phone to the merchant’s payment terminal, completing the transaction. Apple Pay utilizes NFC (Near-Field Communication) to communicate and exchange data. The data is tokenized – meaning that it takes the form of a code exclusively applicable to a particular transaction, and therefore is impervious to data theft. Even if a merchant’s system is breached, credit card information would remain secure, as the expired token code would be the only stored information.

Layering levels of protection and employing an array of security technologies, mobile payments are strengthening electronic payments and making the digital wallet more appealing than ever before.

For more information on mobile payments security, click here to access ETA’s recent whitepaper, “Better Security Through Mobile – ‘The One-Two Punch’ – Industry Best Practices”.
[spacer height=3] [divide] [spacer height=3] Jason Oxman is the CEO of the Electronic Transactions Association.