Mobile wallet technology raises privacy, security concerns
WASHINGTON — Your smartphone already serves as a portable office, media player, newspaper, GPS, camera and social network hub. Now it can replace your wallet, too.
Imagine: No more fumbling for credit cards or digging through your pockets for loose change. The technology already exists to let you buy a grande soy latte through your phone, simply by saying your name out loud at the register.
As the number of neighborhood bank branches dwindles, Americans increasingly use their mobile phones to manage money and shop. Payments made via mobile devices in the United States are expected to total $90 billion by 2017, a big jump from the $12.8 billion spent in 2012, said Forrester, a research and advisory firm in Cambridge, Mass.
Privacy advocates worry that the emergence of “mobile wallet” technology will leave consumers more vulnerable than ever to identity theft and invasive data collection.
“All of a sudden the mobile phone is about to be transformed beyond a spy in your pocket to your bank, your mortgage lender and your landlord,” said Jeffrey Chester, the executive director of the nonprofit Center for Digital Democracy in Washington. “In a way, it's kind of a privacy tipping point, because one single device knows wherever you go your geographic history, your social media connections and your financial behaviors.”
One of the most popular mobile payment systems, Square, enables sellers to accept credit cards through a small device attached to a cellphone or tablet.
Consumers who install the “Square Wallet” app on their phones can pay for an item at participating businesses such as Starbucks without ever having to pull out their wallets — or even their phones. Instead, they can just say their names to pay. A photo and the name of the customer pops up at the register, and the cashier taps the picture to authorize the sale, automatically charging the customer's account.
Walla.by, a cloud-based wallet app, allows consumers who input their credit card information to see which card will get them the most rewards or cash back for each purchase. The app helps consumers take advantage of special offers from banks and merchants.
PayPal, Google and other companies offer similar digital wallets.
Such technologies offer convenience and real-time deals to consumers while allowing companies to better track customer behavior and test marketing strategies. Mobile payments are widely used in many developing countries, where cash is scarce and the technology allows people to transfer money safely over long distances, avoiding theft and bribes.
In the United States, the Federal Trade Commission warned in a report this month that these low-cost or no-cost mobile technologies come with hidden costs and risks.
Advertisers, retailers, operating system manufactures and app developers can use the data collected from mobile devices to build more comprehensive consumer profiles, including shoppers' personal contact information, details of their purchases and their physical locations, the report said.
The report also points out that if shoppers use prepaid accounts, reloadable cards or gift cards to pay for purchases via mobile, they won't enjoy the same federal protections afforded to credit and debit cards, which limit a consumer's liability in the event of fraud or unauthorized charges.
Although some companies voluntarily agree to limit liability to $50, the protections aren't required, “and companies that provide them could withdraw or modify them at their discretion,” the report stated.
Privacy advocates worry that consumer protection laws are lagging behind the technology. “At the end of the day, this is about exposing your financial behaviors to a daisy chain of financial and other marketers who will have a very detailed understanding of where you are, where you spend your time and how you buy,” said Chester of the Center for Digital Democracy.
For now, consumer protections for mobile payments aren't really on policymakers' agendas, said Chris Jay Hoofnagle, at the Berkeley Center for Law & Technology.
at the University of California, Berkeley.
“The FTC knows about these problems and it has written about them, but we're very early in this process and these types of data transfers are not noticeable to the consumer, so one question is will the consumer ever object?” he said.
“Going to mobile payments — unless rules are put in place — will be zero privacy,” he said.