Mobile wallets are poised to dramatically change the payments landscape, but what is holding them back from seeing more rapid adoption?
According to the 2016 KMPG Consumer Loss Barometer, data breaches are one factor. The study revealed that consumers impacted by a data breach remain especially cautious, with 40% of mobile wallet users stating they are not comfortable using a mobile pay app that had recently been hacked. This might explain why by June 2016, nearly two years after its launch, only 23.8% of eligible U.S. users had even tested Apple Pay.
With Javelin Strategy & Research predicting the mobile wallet user base to reach just under 90 million in 2019, the technology is still considered to be the imminent future of payments. Yet, this future hinges on security, as mobile wallets have created an attractive new avenue for fraudsters.
Traditional authentication method such as SMS, KBA and one time passwords all still play a role; however, fraudsters today are too agile for these methods to stand alone. Securing the mobile wallet experience and the entire payments ecosystem requires a more thorough authentication strategy.
Banks and mobile wallet issuers must address two critical questions, not just at the point of transaction, but at the point of the mobile wallet registration: Are we dealing with the right person? and Are we dealing with the correct, authorized device?Upholding the promise of the mobile wallet – a fast, easy and secure payment experience – relies on this combination of identity anddevice confidence, plus improved card provisioning methods to validate payment information added to the mobile wallet.
Even the latest and greatest authentication and biometric tools are only as powerful as the data they access. The mobile network operators hold the data needed to gain device confidence by accurately, quickly: confirming the ownership of a mobile number; understanding whether the device is active or if it has changed hands; and validating ownership of the payment account.
With this insight, banks can better determine whether the mobile device used to initiate card provisioning belongs to the mobile device account owner and effectively mitigates vulnerabilities.
It’s less about what consumers see when they use a mobile wallet and more so what they don't see that will really make or break their payment experience. As more banks endeavor to bring their own mobile wallets to market, authentication should always precede innovation. Whether a consumer is provisioning his or her cards during the onboarding process or making a payment, seamlessness and security will determine whether a mobile wallet lives up to its promise.
Rich Rezek is vice president of market development for authentication solutions at Early Warning.