Soulcare Mobile Wallet
  • Home
  • Features
    • Soulcare Mobile Feautres
    • IoT Infographic
    • Technology
    • Mobile Dropdown
      • Kiosk makers
      • Mobile Dropdown
        • Payment Solution
        • Soulcare Organogram
  • Pages
    • Soulcare Mobile
    • Finance - South Africa
    • About US
    • Contact Us
    • Sample Heading
    • Portfolio
    • Photo Gallery
  • Loyalty Programs
    • Lifestyle
    • MotorPlan
    • Pricing
    • FAQ
  • Soulcare
    • Mobile App
    • Investments
    • Videos
  • Marketing
    • NFC
    • NFC Product Showcase
    • YouTube Video's
  • Partners
    • eBay
    • Amazon
    • Proxama
    • Rev Card
  • Wallet
    • Accept Credit Cards
    • Space Wallet
  • NFC
    • NFC Technology
    • Benefits of NFC
    • What It Does
  • Blog
Search
  • Home /
  • Features /
  • Technology

Mobile-payments technology

  • Print
  • Email
Details
Written by Super User
Category: Features
 

By Holly Whitehead, R&D manager, International Compliance Association

Fraud and risk management specialist Kount defines mobile payments in its Mobile Payments & Fraud: 2016 Report as a very broad term for any payment made on a device, be it at physical point-of-sale (POS) or mobile e-commerce payments, which can be further broken down into in-app or mobile web-browser payments.

By 2019, worldwide mobile payments are predicted to surpass $1 trillion dollars and on Black Friday 2016 in the US, online sales from mobile devices totaled $1.2 billion. This made up 36 percent of the total sales for the day, an increase of 33 percent on last year, showing just how popular this channel is becoming.

Types of mobile payments and how they work

As mentioned above, there are two types of mobile payments: online and at physical POS.

Physical POS refers to methods such as Apple and Android Pay. There are several other companies also offering these services, for example, MasterPass (from MasterCard), Samsung Pay and Chase Pay (courtesy of JP Morgan Chase). Most physical POS payments work by utilizing the Near Field Communication (NFC) technology found in most smartphones and is the same technology in your contactless debit/credit card.

The card information is not stored on your phone or given to the merchant. Instead, it creates a 'token' – replacing your card details – which is given to the merchant, making the transaction itself very secure. Apple Pay takes security a step further, requiring all transactions to be verified by fingerprint ID or passcode, whereas with Android Pay you just need to make sure the phone is unlocked and hold it to the contactless terminal.

Apple and Android Pay are also versions of 'mobile wallets' allowing you to store more than one card in them and chose which one to pay with.

Another new piece of technology currently being rolled out across the US is the 'cardless ATM.' This works using a mobile or ‘digital’ wallet, whether that be Apple/Android/Samsung Pay, in the same way you would in store – with all the same security procedures – by selecting the card you wish to pay with and tapping your phone on the contactless reader. An added security step here will actually involve having to enter the corresponding PIN at the ATM for the card that has been selected, a method a lot safer than using a card at an ATM, which can be skimmed, stolen in a ‘distraction fraud,’ or even just left in the machine in a moment of forgetfulness.

Mobile e-commerce makes good use of mobile wallets that can be used on mobile websites or through apps, appearing as the option, for example, 'pay with Apple Pay.' Other choices are also fast appearing, with the option to pay for something online using, for example, Amazon, PayPal, or Facebook. Such options are becoming more popular, as they enable a 'one-tap' checkout process as all personal details are already present and all that is required is to sign into your Amazon/Facebook/PayPal/mobile wallet.

How mobile payments fraud can occur

There are, in theory, very few ways in which mobile POS payments can be abused, considering you need either a passcode or a fingerprint to make any transaction/unlock the phone.

Unless the passcode has been divulged or the customer has been seen ('shoulder-surfed') inputting their passcode by a fraudster, it is as secure as a regular debit/credit card – it is in fact safer as the card number is not divulged to anyone at any stage of the process.

However, stolen debit/credit card details can be used to set up Apple/Android Pay.

With regards to mobile e-commerce payments, a brand new account could be set up using stolen card details which can be obtained from anywhere, for instance the card could have been skimmed or a website hacked. It is also possible that, when an account is set up and the organization sends a text message or makes a phone call to verify the account, in account takeover cases, phone numbers can be hijacked. This means the fraudster can forward the victims calls/messages to their phone and verification is passed with information already phished from other organizations or even bought on the Internet; this also can happen when setting up Apple/Android Pay with stolen card details.

If an already established account is used, then how this happened would need to be identified, for instance, did the customer have a lock on their phone? According to Kount's research, 34 percent of users don't lock their devices and 62 percent of those who do have an easily hackable code such as 1-2-3-4.

With most of these apps not needing a sign on and many people saving their login information for Amazon, Facebook, PayPal, or their mobile wallet ready for next time, the need to have a lock on a mobile device is crucial. Without this, if a mobile device is lost/stolen, a fraudster is basically given free access to a victim’s bank account (or multiple accounts if more than one card is stored in the wallet) to go on a spending spree.

Conclusion

With the proliferation of e-commerce, mobile devices and security enhancements, mobile payments are certain to increase and likely surpass traditional payment methods in the next few years. Likewise, fraud remains a risk that mobile payments providers as well as consumers need to be aware of and take measures against, however simple.

 

Tweet
Pin It
  • Prev
  • Next

What is IT Community? learn more about the community

Sample Community is a place where you can co nnect and expand your network. Also yo u can view profiles, share photos and videos

Why should I participate? many cool features are waiting you!

Sample By connecting and expanding your network you will get more exposure and you will be more inline with your social circles

How can I join? create your community profile

Sample Join thousands of satisfied members which are already benefiting from the Community. Start by creating your Profiles

  • About
  • USA
  • Finance
  • Contact
  • UK

© 2022 Soulcare Mobile Wallet

Member Login

  • Create an account
  • Forgot your username?
  • Forgot your password?
Go Top

French government to include NFC passport reading in digital identity app

By Mike Clark • 4 October 2019
Hand holding smartphone with Alicem and French Ministry of Interior logos over the top
AUTHENTICATION: French citizens will be able to create a digital ID via their smartphone using the Alicem app

A new digital identity service to be introduced by the French government this year will use NFC passport reading to enable citizens to use their smartphone to securely enrol themselves onto the system.

“President Emmanuel Macron’s government is pushing through plans to roll out an ID programme, dubbed Alicem, in November, earlier than an initial Christmas target,” Bloomberg reports.

“An ID will be created through a one-time enrolment that works by comparing a user’s photo in their biometric passport to a selfie video taken on the app that will capture expressions, movements and angles. The phone and the passport will communicate through their embedded chips.”

The new service was announced in May 2019 and has been undergoing testing by the French Ministry of the Interior since June.

The aim is to enable citizens to securely authenticate themselves to any of the 500-plus services available via FranceConnect, a government-backed online services gateway used by government agencies and private sector companies including banks.

The Alicem smartphone app will allow “anyone who decides to use it to securely prove their identity,” the Ministry says.

Advantages include simplified registration — since users will be able to use one eID to access multiple services rather than having to individually register with each service provider — an increased level of security and a high level of user control over their data, it adds.

“Alicem targets the ‘high’ guarantee level in the meaning of the European regulation on electronic identification and trust services for electronic transactions, known as the eIDAS regulation,” the Ministry explains.

“The aim of the eIDAS regulation is to increase confidence in electronic transactions within the European Union for online services, including public ones. It defines three levels of guarantee: low, substantial and high, depending on the degree of robustness of the electronic identification solution in the face of attempts at identity theft on the internet.

How it works

“The identity issued by Alicem is based on the information contained in the secure chip of a biometric title (passport or residence permit),” the Ministry adds.

“When creating the account, Alicem checks by facial recognition that the person who uses the smartphone is the holder of the title.

“This high level [of security] will gradually give the possibility to access services that currently require ‘physical’ verification of peoples’ identity, either at a counter or by examining copies of several documents sent in by the user.

“Personal data is only stored on the user’s mobile phone, under their exclusive control. With Alicem, the data is shared only with the online services to which the user chooses to connect. Sharing is only validated after the user has entered his security code.”

“No biometric data can be shared,” the Ministry adds. “The photo extracted from the chip of the title remains stored on the mobile phone of the user.

“The facial recognition video made when the account is created is deleted immediately after verification. The data will not be processed and will not be passed on to third parties.”

App registration

To register with Alicem, the first step will be to create an account on the app, French language technology publication 01net explains.

“In the manner of a contactless payment, you will need to scan the biometric chip of your electronic title (passport or residence card) using the phone. The system then has access to the data stored therein — except fingerprints — which will then be checked.

“This step deals with the authenticity and integrity of the document as well as the current validity of the document.”

The final step is to perform biometric identity verification using both a static photo and a dynamic video.

“In front of your screen, you have to move about so that the camera captures the features of your moving face,” the publication says. “Finally, at the end of this process, the ‘digital identity’ is generated.”

 

×

  • Follow via Facebook
  • Follow via Twitter
  • Follow via Pinterest
  • Follow via LinkedIn