Digital person-to-person payment services and mobile payment apps have become part of everyday life for millions of people. Mobile payment services and apps such as PayPal, Venmo, Zelle, Apple Pay and Google Pay let you send money to people without having to write a check, swipe a card or hand them cash. These services have become increasingly popular among young and old alike for splitting the cost of a meal or donating to a charity, etc.

We all must be aware that these electronic payment services come with their own sets of risks that scammers, fraudsters and identity thieves utilize to victimize the public.

It is important to note that most if not all these mobile payment apps have a website counterpart that has similar features that allow the the use of a computer to conduct transactions. Features may differ between the mobile app and its website version, but their basic tasks (sending and receiving funds) are the same. And though the focus of this article is on mobile apps, the risks and security precautions applies to both app and website versions.

How do they work?

Mobile payment apps enable you to send money to someone who banks somewhere different than you. Your bank may even offer one of the apps as part of its service. Some services require both the sender and recipient to have an account with the same mobile payment app/service. Each app has its own easy-to-follow, step-by-step instructions. Most start with enrollment using your email or mobile number. To send funds, enter the email address or mobile number of the recipient
who has a bank account. Enter the amount. Your recipient gets a notification explaining how to complete the payment.

A word about passwords

Create a separate and unique password for the service you have chosen to use that’s different from any other accounts and services you use. For example, use a different password for your email and PayPal accounts.

Are they safe?

The greatest risk is losing your mobile device or having it stolen. It not only contains the mobile payment app you use but all your other apps, including social media and email apps. Also at risk are the entire contents of the device, such as your contacts and other important personal data.

And like any computing device, it can also be infected by malware and carry out various kinds of malicious activities, such as stealing passwords and other sensitive personal information and transmitting them to cybercriminals. Furthermore, fake apps masquerading as legitimate apps — including mobile payment apps — can compromise the data stored on your devices.

In addition, cybercriminals also rely on traditional scams and fraudulent schemes to trick unsuspecting users to send them money using mobile payment apps. For example, fraudsters are known for “spoofing” legitimate companies like Amazon to trick users into purchasing items they will never get, or sending donations to a fake charity organization that is nonexistent.

How do I protect myself from scams & theft?

The first line of defense is protecting your device. Do not leave it unattended. Do not let strangers use it unless you can see what they are using if for. Enable your device’s screen lock when not in use or even power it off.

Most importantly, ensure the app you installed is from a legitimate source. Then consider using security software. Most fully featured security products have protections for your banking and payment applications.

Most mobile payment apps allow you to set up a passcode, PIN or fingerprint that you can use to authenticate yourself before making a payment. Setting up this feature helps to prevent someone else from making unauthorized transactions from your account. Use a strong password which contains a combination of uppercase letters, numerals and control characters (%, ^ , !).

If your mobile phone is lost or stolen, notify your bank and payment provider. If stolen, report it to law enforcement and obtain a police report number, which may be required to prevent you from being responsible for any financial loss.

Most payment apps have additional security features such as two-factor authentication (2FA). Activate it so before a transaction is authorized, a code is sent to you via text message or email that you’ll need to input to complete the transaction.

When you are not using the app or web service, log out and ensure that your mobile device and computer are locked when they are not being used.

Use a credit card with a low credit line or open a bank account designated for the payment app/service. Do not use accounts associated with any income (pension, SS benefits).

One of the most common risks when using mobile payment apps is human error. Always double check the amount you entered and the person you selected to pay. Also, pause a bit to confirm the transaction went through before tapping again. Again, contact your bank or payment provider if you make an error.

Ultimately, mobile payment apps and web services make our lives easier, but we don’t want to make it easy for scammers, fraudsters and hackers to victimize us. Stay vigilant and stay safe.

Contact Christopher with questions about online security.
Christopher Duque |