Improving Security of Mobile Payments
Create a vendor selection project & run comparison reports
Click to express your interest in this report
Indication of coverage against your requirements
A subscription is required to activate this feature. Contact us for more info.
Celent have reviewed this profile and believe it to be accurate.
3 December 2013Zilvinas Bareisis
A couple of weeks ago the European Central Bank (ECB) published a draft document for public consultation on Recommendations for Security on Mobile Payments. These recommendations were developed by the European Forum on the Security of Retail Payments, SecuRe Pay. This document follows similar recommendations for internet payments, and for payment account access services. Creation of standards and guidelines around payments is always a good thing, and that applies to security in mobile payments. However, the ECB is careful not to “set specific security of technical solutions. Nor does it redefine, or suggest amendments to, existing industry technical standards.” In my view, this is absolutely correct – mobile payments remains an incredibly diverse and rapidly developing landscape, and to attempt to impose specific security requirements on all of them would be a mistake. Instead, ECB focuses on five guiding principles for mobile payment service providers:
- Identifying, assessing and mitigating the specific risks associated with providing mobile payment services.
- Using strong customer authentication and registration controls.
- Implementing a robust data protection mechanism to protect sensitive data wherever it is transmitted, processed or stored.
- Implementing secure processes for authorising transactions, as well as robust processes for monitoring transactions and systems
- Engaging in enhancing customer understanding and providing information on security issues related to the use of mobile payment services with a view to enabling customers to use such services in a safe and secure manner.