The nature of identity fraud is changing. With the rollout of smart chips in credit and debit cards making it more difficult to steal using cards themselves, thieves have their eyes on your data instead.
If you don’t protect yourself, you could join the millions of Americans who reported they got hit by identity thieves.
While mobile banking and payments are certainly making it easier and more convenient to handle one’s finances and conduct business, the same ease and convenience make them a ripe target for criminals, says Madeline Aufseeser, CEO of fraud prevention company Tender Armor.
“Because merchants are trying to make it easier for consumers to shop online and on their phones, all your credentials are stored online, including payment information, and you don’t even need a basket — just click a button and boom, you get charged. Because they have gone down this path of making things easier to purchase online, it makes it easier for the fraudsters to get to the data,” said Aufseeser.
Consumers are turning to their phones more often to manage their finances, from depositing funds to paying bills to splitting dinner and a movie among friends. Mobile payment apps are growing in popularity, particularly among Millennials. A survey by FICO found that 32% of consumers 18 to 34 had used some kind of mobile payment app, and 23% had used a peer-to-peer lending app. According to consulting firm Accenture, 94% of consumers under 35 access their banking services through the Web and mobile apps.
Don’t be a victim! Here are 4 ways to protect yourself and your finances:
Safety tip # 1: Update your OS
People who are not careful about how they use their mobile payment apps, where they use them and how they manage their mobile devices, are putting themselves at risk. For starters, avid users of mobile payment services should always keep their mobile operating system, or OS, up to date. Ignoring updates for Android or iOS means ignoring free security patches for vulnerabilities hackers already know how to exploit.
Safety tip # 2: Update that app
The same goes for the apps themselves — keeping a payment app completely up to date means keeping its security protocols as strong as they can be. Some apps introduce new security features, like biometric sign-in capabilities. Aufseeser stresses the importance of two-factor authentication for passwords and personal information to double down on account protection.
Safety tip # 3: Beware of Wi-Fi
Accessing a mobile banking app or a payment app while on public Wi-Fi also makes it easier for criminals to “eavesdrop” on the information one’s phone is sending and accessing, exposing usernames, passwords and any stored information on the phone — including saved credit or debit card info from payment apps. Consumers with data to spare should limit their use of public Wi-Fi hotspots when accessing sensitive information, checking a bank statement, sending a payment, etc. Keep in mind, fraudsters and hackers can eavesdrop on any information sent over public Wi-Fi, so mind your browsing and emailing in public spaces.
Safety tip #4: Watch out for person-to-person payments
Besides guarding yourself from hackers, you have to be on guard about the people you do business with as well. The wild west of mobile payments has tangible, real-world fraud risks associated with it. The incredibly popular person-to-person payment app Venmo, has exposed some of the weaknesses in the mobile payment ecosystem.
While users expect their payments to be safe and instantaneous, the reality is more complicated. Payments take time to process, which leaves a period of time during which scam artists can abuse a clause in Venmo’s user agreement that prohibits “business, commercial, or merchant transactions.” The buyer cancels their payment and the seller cannot get the money back because, technically, they broke Venmo’s rules. In short: If you sell something to someone and they take back their payment, you’re out of luck.
This phenomenon is not unique to Venmo — various frauds and scams have plagued person-to-person payment sites and apps since the dawn of the Internet. Fraudsters populate websites like Craigslist and Ebay and use PayPal scams to rip off unsuspecting users, like having a seller send their item to a different address than is listed on the buyer’s PayPal account, effectively voiding any protections from PayPal and allowing the scammer to recall their payment and keep the item. However, as the Consumer Federation of America noted, there is no federal law that provides payment dispute rights.
Without laws in place, it falls to the company that owns the payment platform to resolve disputes — and when it comes to cybercriminals and fraudsters, they are pretty good at covering their tracks and leaving their victims high and dry. The moral of the story is – be mindful when sending payments with your mobile phone or tablet.