Venmo…Square Cash…Popmoney…These are popular services that help you do things like split a restaurant check with friends, or divide utilities or rent charges with roommates. With just a few taps on your smartphone or computer, many consumers have embraced the speed and convenience of these services to make casual payments. But how secure are they?
To use these apps or services, in most cases, you’ll need to download and install an application, and then attach your bank account information to it. If that makes you anxious—it should.
The cybersecurity consultancy firm Information Systems Audit and Control Association (ISACA) conducted a study and found these major vulnerabilities when using mobile payments:
- Use of public WiFi (26%)
- Lost or stolen devices (21%)
- Phishing/shmishing (phishing attacks via text messages) (18%)
- Weak passwords (13%)
- User error (7%)
Other reported security concerns:
- Scams when transacting with strangers, including false claims and reversed transactions
- Non-payment from strangers for products or tickets you’ve sold and shipped to them
- Lack of buyer and seller protection in cases of fraud or non-payment
- Security breaches and fraudulent transactions on your account
If you decide to use social payments, make sure you enable all of the security features they have—especially multi-factor authentication. And change your password regularly.
Make sure not to give the app a direct pipeline into your bank account. Use a credit or debit card instead—that way you’ll at least be able to keep the old account after the fraud is resolved, because the card issuer can always supply a new debit or credit card card number.
ISACA recommends that you “..be aware of what information you are sharing—e.g., name, birthday, national identification number, pet name, email, phone number. These pieces of information can be used by hackers to gain access to accounts. Only provide the least amount of information necessary for each transaction.”
Also, be sure to monitor all your transactions carefully. Keep notifications turned on, and keep the number of devices you use attached to your accounts low. If you’re in doubt, opt for more secure alternatives.
References: Lifehacker, ISACA.org