Security a make or break issue for mobile payments
When it comes to the emerging mobile payments battle, we're seeing a very interesting knock-down-drag-out battle emerge.
One way to segment that many participants is by the security approach that each participant embraces. In one corner, you have the core NFC crowd, which has generated a lot of media attention as companies like ISIS come online. It generally stores critical information on the secure element on the handset itself. In the other corner, you have the cloud computing crowd, represented by companies like PayPal, which stores critical information in the cloud.
So who has the edge?
For some insight, let's turn to a recent paper by the Federal Reserve Bank of Boston, which suggests that using an encrypted secure element in the smart phone is a "proven technology" for safely storing and executing transactions.
"Cloud computing is used to store enterprise data, but has only recently been used to store mobile payment credentials," one of the authors told Bank Systems & Technology. "Compared to a mobile wallet, the digital (cloud) wallet still has many unknowns related to securing a mobile payment and lacks the standards to ensure that all merchants and vendors offering digital wallets are applying appropriate security controls, such as end-to-end encryption of the data, or tokenization. There may also a greater risk of mobile payments data stored in the cloud being compromised."
In the end, consumer education will also play a huge role in security.