leyendas-pago-movil Cybereconomy

3 dismantled urban myths about mobile payments

27/06/19 7 min. read

Paying with your Smartphone or any other device is a current reality. Banco Santander’s clients can make payments using their Wallet App or other applications like Apple Pay, Samsung Pay or Google Pay. They can also make payments with their smartwatch and workout bracelets like Garmin and Fitbit ones. 

Nevertheless, a great part of society keeps showing rejection in substituting their physical cards with their phone. This rejection is fostered by urban myths that are not true, and that’s why I will dismantle them.

The 3 most common urban myths regarding mobile payments

1. They can steal money without you noticing

paying with smartphone nfc

What is the urban myth?

“Taking advantage of the overcrowding in public transportation, the thief comes closer to the victim and approaches a POS (Point of Sale) to their bags or purses. If the POS matches with the smartphone or contactless card, it makes an involuntary payment”.

Maybe this is the most spread lie about mobile payments (and also about contactless cards). I am sure you have either been told, read it or even watched the video that was disseminated in social media.

Why is it a lie?

I will give you four reasons that will make you forget this urban myth:

  • To read a contactless card or to capture the signal of the Wallet, it is necessary to approach the POS to the mobile phone or card, or at a distance no greater than 4cm. If the thief was that close to the victim, it would be invasive and suspicious, right?
  • Contactless technology is so widespread we all have more than one card that uses that kind of tech. Transport card, our office access card or other credit cards with this technology. When several of these cards are put together, it is almost impossible to read the signal of just one of them, hence why the payment cannot be carried out.
  • Aside from the limitations of NFC technology, Wallets don’t initiate the payment unless the user has unlocked its phone, either with the PIN or by using biometry. [👉 Do you know what Biometry is?]. This security measure obliges to carry the authentication out in the phone. Thanks to it, introducing the card’s PIN in the POS isn’t necessary, avoiding indiscrete eyes and increasing security.
  • If these security systems weren’t actually enough, each POS is associated to an establishment whose owner is responsible for its proper use. In the case where deceitful payments were made, it would be very simple to identify who is the owner of the terminal used to carry the scam out.

2. They can hack my Smartphone and clone the credit card

hacked smartphone

What is the urban myth?

“ I can have a virus or maybe someone has hacked my phone, and with that they could access my cards to clone and use them freely”.

This is another example of an urban myth you may have heard – or even contributed to spread without knowing it wasn’t true- about the risks of mobile payments. Keep on reading because we will deny this affirmation.

Why is it a lie?

The truth is that in our phone we don’t have our credit card numbers stored. When we register our credit cards in our Wallet to make payments, what we store is a token that refers to this card. The storage of this data is made in the safe element of the phone, whose security is hardly penetrable.

Only the card brand (VISA, Mastercard) and the bank know the correspondence between that token and the physical card. When a payment is made, what travels in the network is that token next to a single use password key. Even if someone caught the message and tried to replicate it, the token won’t allow any action to happen. It needs a single use key for the payment to be made.

But, what if my phone is infected with a virus or the App I have isn’t the correct one? All Wallets have transparent security systems for the user that check:

  • that the phone hasn’t been manipulated
  • that the App has been downloaded from its correspondent store
  • that the version downloaded is certified by the bank itself

I won’t lie to you, sometimes there have been some frauds, like in everything. Fraud statistics in payments carried out through Wallets are pretty clear. Fraud in mobile phone payments is not made at the same moment of the payment, but when we register in the service. They support themselves in phishing or SIM card cloning techniques, a practice that has been drastically reduced due to the introduction of extra security factors during this process.

3. They will know what I buy and what do they want my data for

publicity ad email

What is the urban myth?

“I refuse to pay with the phone, I’m sure they will start sending me emails or ads about what I have bought. Why would they want all that data for? They will even know the shampoo brand I use”.

Now that we have seen the risks of sharing our lives on social media, for example, we are becoming aware about our privacy and the information we give to enterprises. Scandals like Facebook or Cambridge Analytica or the approval of the new Data Protection Law made us realize that in this interconnected world where everything is shared, information is power and business.

We will carry on dismantling urban myths about payments with mobile phones.

Why is it a lie?

Our Bank is fully aware of the confidentiality of client’s data. This data also includes all information related with their purchases.

For example: for Santander cards to be registered in a third party’s Wallet, the Bank needs to reach an agreement with Google, Apple, Samsung… this arrangement gathers the confidentiality and data protection of all purchases, as well as the inability of sharing them.

Nevertheless, if there are still some doubts regarding the use that can be made out of our data, there is an alternative to mobile payments: doing them via the Wallet App of the Bank. Information will reside and will be processed through the bank systems, guaranteeing the confidentiality of transactions.

Bonus: paying with the phone is uncomfortable and doesn’t work

After reading this post I hope you reach the same conclusion as I did: paying with your phone is even safer that doing so with our credit cards, plus, the confidentiality of our purchases is completely protected.

We only have an argument left to deny: “it’s uncomfortable and it doesn’t work”. I can only encourage you to try it. Mobile payments have been with us for years now and it’s a mature technology that has grown exponentially.

Each time, more and more Smartphones include NFC technology and once you try it and see how simple and comfortable it actually is, there’s no way back. Smartphones have already substituted many devices that were part of our daily lives and now they want us to leave our wallets at home. It’s a matter of time.

alfonso suarez

Alfonso Suárez

Santander Global Tech

Working with smartphones and payments. I have had aventures worldwide and love roller coasters. “Technology is a fundamental part of our daily lives, let’s learn live with it”

 

Other posts