Tips for Making Safe Mobile Payments

using smart phone to make a mobile payment
••• Vasily Pindyurin / Getty Images

Although a majority of Americans own a smartphone and shop online each month, many remain skeptical of mobile payment technologies that would allow them to purchase in-store merchandise by scanning their phone. The Pew Charitable Trusts conducted a 2018 survey where they found nearly 95% of respondents reported using at least one traditional card in the past year, compared with 56% who reported using a mobile payment.

The survey attributed slow adoption of mobile payments to the following factors:

"Paying with the use of a smartphone at a point of sale is not materially easier than using a credit card. Also, products and services are not received faster nor are transferred funds available sooner with a mobile payment, compared with traditional cards or accounts."

Building on a Younger Generation

Pew found that age was the best predictor of mobile payment use, with younger Americans driving the adoption of such transactions. It remains to be seen if mobile payment providers like Apple or Android Pay can make their user experience more seamless than credit cards for the general population, and as these technologies evolve, it's important to take safety precautions to protect your financial data.

Safety of Mobile Payments

In some ways, mobile payments are safer than swiping at a terminal, as it's more difficult for hackers to get access to your credit card details in a data breach. That's because your actual financial information isn't transferred during the transaction. Instead, an encrypted version of your credit card is used to authorize payment. Even with the advanced security features, it's still important to keep some tips in mind to ensure your financial information isn't compromised.

Use Trusted Payment Platforms

If you're going to add payment information to your smartphone, use the latest version of the software provided with your device or a verifiable and trusted third-party platform, like PayPal.

Fraudulent mobile payment apps do exist and are created for the sole purpose of gathering credit card details.

All Untrustworthy Apps Are a Security Risk

Be extremely cautious about all software you download onto your device. Even if your financial information is contained within a trustworthy financial app, other, unrelated apps on your phone can contain malware that's designed to capture your payment information and deliver it to criminals. Verify the following information before downloading an app onto your phone:

  • Learn about the vendor and/or developer. The app store will link directly to the vendor's website, and you should examine the security/privacy policy, how information is collected and used, and what information is available to advertisers.
  • Pay attention to how many times an app has been downloaded. These numbers can help you gauge trustworthiness. If an app has been downloaded 5 million times, it at least implies that the product works well for its users. It's okay to download an app with only a few downloads—just spend extra time investigating the vendor first.
  • Reading reviews can help you learn if others have had a positive experience with the application. With that said, don't base your download solely on reviews, because they can be bought or faked by the application.
  • Permissions give vendors access to certain parts of your phone. Messaging apps need access to your messages or contacts; photo apps may want permission to access your camera or social media accounts. Make sure the permissions are appropriate for the type of app you're downloading and only download apps that respect your right to privacy.

Use Built in Security Features

You can use Android Device Manager to lock or locate a lost or stolen cell phone by going to android.com/devicemanager. You can do the same for an iPhone by going to https://www.icloud.com/ and for a Windows device by going to support.microsoft.com.

In 2018, the Federal Communications Commission’s (FCC) Chairman made a special request of the Technological Advisory Council (TAC) to report on Mobile Device Theft Prevention. The TAC reported that all smartphones manufactured after July 2015 in the U.S. would offer (at no cost to consumers) a baseline anti-theft tool enabling users to:

  • Remotely wipe the authorized user’s data (i.e., erase personal info that is added after purchase such as contacts, photos, and emails) from their smartphone in the event it is lost or stolen.
  • Render the smartphone inoperable to an unauthorized user (e.g., locking the smartphone so it cannot be used without a password or PIN), except in accordance with FCC rules for 9-1-1 emergency communications, and if available, emergency numbers programmed by the authorized user (e.g., “phone home”).
  • Prevent reactivation without the authorized user’s permission, including unauthorized factory reset attempts.
  • Reverse inoperability if the smartphone is recovered by the authorized user and restore user data on the device.

Use Strong Password Protection

Make sure you're not carrying an unlocked phone. Without any security on your phone, a thief can quickly and easily get into your phone and access whatever personal and financial information you have stored.

A strong password is one of the best ways to protect your phone and the information stored on it. Don't ignore some of the other security features offered on the latest phones. Features like facial recognition, iris scan, and fingerprint unlock can be even more secure than a password or PIN.

If you use a password or PIN to protect your phone, be wary of “shoulder-surfing,” where a criminal looks over your shoulder to watch you input your password.

Don't Send Sensitive Information Through Public Wi-Fi

Any information passed through public Wi-Fi is accessible to everyone else who has access (and has the technical knowledge to hack into individual devices). This means your payment information can be intercepted if you're using your phone to make online purchases on public Wi-Fi. You're safer using your phone carrier's cellular network or your home's password-protected internet connection.

Purchase a virtual private network (VPN) which will provide a secure internet connection by using private servers in remote locations. Both ExpressVPN and NordVPN are highly rated and offer their service for phone and computer.

Store Credit Card Info for Secure Mobile Payment

If a thief gains access to your mobile payment information, it's better for your credit card to be at risk than your debit card. This is because credit cards have much better fraud protection than debit cards. Most credit cards have zero-fraud liability policies that eliminate your risk for any unauthorized charges made to your credit card account. With debit cards, you have a greater possibility of being held liable for the money taken from your account. Even if your bank will clear up the fraudulent charges, you don't want to have to wait for them to sort it out.

Monitor Your Credit Card Account

Check your credit card transactions often, even if you have your phone in your possession and you've used all the payment safety precautions. A thief who has gained access to your financial information can add your payment details to their mobile device.

Watching your account will allow you to detect any suspicious charges quickly and report unauthorized charges to your credit card issuer. If you suspect that your credit card information has been compromised, don't hesitate to reach out to your bank and create new account details.

Article Sources

  1. The Pew Charitable Trusts. "Are Americans Embracing Mobile Payments?" Accessed March 7, 2020.

  2. Federal Communications Commission. "Technological Advisory Council (TAC) Mobile Device Theft Prevention (MDTP) Working Group." Accessed March 7, 2020.