September 11, 2012

5 Mobile Payment Safety Tips for Your Phwallet (Phone + Wallet)

At Lookout, we believe that mobile phones will be the nexus for everything. We already rely on our phones for so much in our daily lives, and we think smartphones will become our digital wallets as well. Major companies are now supporting and investing in mobile payments, including Starbucks, Visa, Wal-Mart, Best Buy, CVS and even the London Olympics.

Even with all the mobile payment buzz in the air, the U.S. Federal Reserve found that only 21% of mobile phone users have used banking apps in the past year. The lack of consumer confidence might be due to perceived security issues or unfamiliarity with the technology. But a little bit of information and a few tips should help people to embrace the phwallet. (That’s phone + wallet. That’s not a thing yet? You sure?)

First off, there’s no one standard mobile technology or app for paying for your latte or gossip magazine, which may also be why mobile payments are not ubiquitous… yet. There are apps like LevelUp where you scan a QR code at checkout. There’s Square, which uses a combination of your location services and a picture of your smiling mug to prove that you are who you say you are: just a girl, standing in front of a merchant, asking to pay for a Vietnamese sandwich. And don’t forget there’s also near field communication (NFC) apps like Google Wallet, where you can simply wave your NFC-enabled phone within a few centimeters over a special reader at the register. The battle for market share between these different mobile payments apps and technologies is heating up, Blu-Ray vs. HD style.

So how to keep your smartphone-cum-wallet safe and secure? Some of these tips are hopefully already a part of your everyday phone safety.

  • Set a password on your phone. Imagine if you could put a combination lock on your physical wallet. Well, setting a password or unlock pattern on your phone is like putting lock on your digital wallet. If you upgrade to Lookout Premium, you’ll also be able to remotely lock down your phone if it’s stolen.
  • Download an app for finding your lost phone/wallet. Losing your phone is one of the most common security risks. When your phone is your wallet, it’s even more inconvenient to have it lost or stolen. Download Lookout now so you can use it later if you misplace your phone.
  • Use discretion when downloading mobile payments apps. Heck, this goes for ANY app, not just mobile payment apps. Only download apps from sites you trust, check the app’s ratings and permissions and read reviews to make sure they’re widely used and respected before you download.
  • Turn off your device’s NFC connection when you’re not using it if you have NFC-based apps like Google Wallet. Disable NFC in the Wireless & Networks tab under Settings.
  • Use NFC payment stations with caution. At DEF CON 2012, Charlie Miller suggested a rogue reader, as small as a strawberry, could be hidden in plain sight on an official NFC payment station. Charlie Miller’s talk showed a proof of concept for NFC hacking, but we haven’t heard of any NFC hacking in the wild. However, it’s good practice to look for any weird stickers or buttons tacked onto an otherwise legitimate-looking payment station.

Tell us in the comments if you’re using any mobile payment apps, and whether you think phwallet should be a real word!

Image courtesy Google Wallet

  1. Brian Kristensen says:

    Phwallet should by all means be a real word!
    Nice article.

  2. Presley says:

    No payments made by phone.
    How do you propose to pronounce phwallet? I tied it, sounded like a word slurred. why not simply “Payfone”?

  3. Wallet on a phone, fantastic idea

Leave a comment