Thales Blog

Securing The Mobile Payment Revolution

April 4, 2017

On April 3, 1973, Motorola employee Martin Cooper made the first mobile phone call. Cooper used the opportunity to call Joel Engel, a competitor at AT&T, to tell him he had an operational mobile phone. Without knowing it, Cooper set events into motion that would change the world forever.

Since the time of Cooper’s first call, there has been an explosion of innovation in mobile technologies. One of the most significant innovations came on Jan. 9, 2007 when Apple announced the first generation of the iPhone. In his address, Steve Jobs very accurately noted that “today, Apple is going to reinvent the phone.”

A decade after iPhone’s debut, smartphone usage is skyrocketing. In fact, according to Pew Research Center, 77 percent of U.S. adults have a smartphone, up from just 35 percent in 2011. This broad adoption of mobile technology has deeply impacted our day-to-day lives – from how we communicate to how we navigate and even how we pay for goods and services.

Mobile Payment Security Services

As smartphone adoption continues to accelerate, mobile commerce and payments have become areas of significant growth. Over Thanksgiving weekend last year, for the first time ever, retailers saw more traffic from smartphones than desktop computers. This demonstrates the comfort that consumers have with using their smartphone in more and more situations, as well as the convenience they offer.

Digital payments are poised to completely reimagine the purchasing experience, enabling retailers to take their entire store and put it directly in the consumer’s hands. Payments will no longer be a separate part of the physical shopping experience and will instead be embedded in the merchant application. Uber is the classic example of this new type of payment experience.

Walmart Pay is a different type of example. Launching the service in late 2015, Walmart became one of the first retailers to offer its own payment solution that works with any iOS or Android device. With this method, the cash register at the store displays a QR code, which is scanned by shoppers to pay over the Walmart application on their phones. This approach not only leverages a merchant’s mobile application, but it also enables more digital options, such as electronic receipts for the consumer.

Additionally, this approach provides more flexibility in payment options for the merchant, without impact to the physical store environment or payment infrastructure. More reliance on the consumer’s device for the overall commerce experience also increases how security strategies are defined and deployed to avoid fraud. Presumably the store only receives indication that payment has been made, not the actual payment information, thereby avoiding exposure of sensitive data.

Many other retailers have launched their own mobile payment applications. Kohl’s Pay,launched in October 2016, aims to foster customer loyalty with rewards programs and speed up checkout in stores – an increasingly important consideration for shoppers. It was also announced earlier this year that Target plans to launch its own mobile payment service. While the official launch timing is unknown, the payment service would also allow customers to pay for goods using an app on their mobile phones.

As we see growing adoption of mobile devices for delivering services and embedded payments, it is now up to the industry to make use of these digital payment components to fuel innovation in bringing about seamless and quick consumer experiences that are not compromised by lax security measures. One of the great advantages of mobile payments is that – if implemented appropriately – they can actually bring more security into the payments landscape. It will require a holistic approach to application, authentication, and payment security, where cryptography is an important aspect.

Digital commerce and payments are business enablers because they allow companies to cut costs and middlemen, and speed up the transaction process. Consumers can also benefit with simpler and more customized services. Digital commerce and payments are here to stay, and mobile devices will be a key part of delivery; this is inarguable. Instead of chafing against the unknown, security vendors must work with digital service providers to ensure data is protected and only accessible by those authorized to do so – without stymying efficiency and convenience.