As the world struggles through a global pandemic that has, through the manner of its transmission, severely constrained human contact, so new ways have been found to do what we usually do – but without touching strange surfaces any more than we have to. Is it then any wonder, that the use of tap and go payments has snowballed? After all, this is a payment method that is marketed as contactless, and can be applied not only to cards, but also to many wearable devices.
At the same time, perhaps the only thing faster than a lockdown order is the speed at which cyber-criminals latch onto new ways of parting the unsuspecting with their cash and data. Therefore, when it comes to tap and go functionality, security is of paramount importance. Moreover, security does not fall within the ambit of only one particular link in the value chain – banks, retailers and yes, users too, have a part to play in safeguarding these devices and transactions.
“It is important for consumers to be educated around how to protect themselves and their data when using devices or wearables that offer tap and go functionality,” says Ilonka Badenhorst, Managing Executive at the Wireless Applications Service Providers’ Association (WASPA). Her organisation is dedicated to ensuring that its members adhere to industry standards and rules which are monitored and regulated on a daily basis.
Even though enhanced ‘tap and go’ functionality as well as billing through mobile provides can be safer and – let’s be honest – more convenient, that does not change the fact that the basic principles of security still apply. “It is the responsibility of the merchant to ensure the environment is safe for transactions to take place and make certain that the reader device is also secured. The banks’ (or in many cases now, mobile providers’) role lies in ensuring that valuable transactions are further protected by a PIN or two step authentications – even those smaller purchases which usually don’t require a PIN.
She adds that users also have their part to play, notably by taking responsibility for the protection of their PINs, login details and passwords by keeping them secret and not giving them out to anyone.
“Just as WASPA is a self-regulating body that ensures its members are abiding by best practices, so individual shoppers need to self-regulate their security methods to ensure these are also the best possible practices.”
This will become more critical as wearables and direct mobile operator payments grow in popularity, she continues, and these devices – along with smartphones – are increasingly used to make tap and go payments.
The good news, notes Badenhorst, is that for additional security, tap and go transactions utilise randomised tokens that are sent via OTP to complete the transaction. Crucially, because these tokens are random, each one is unique to the individual transaction being undertaken. And for direct mobile operator payments – there’s no need for a credit card or banking details – it’s safe, secure and simple as long as you are careful and don’t click too quickly.
“Ultimately, tap and go payments as well as ‘add to mobile bill’ functionalities are safe, secure and convenient, but they are not necessarily infallible. Therefore, users need to always be vigilant when undertaking such transactions and accept their share of responsibility for safeguarding their cards, wearables, smartphones and opt-in data decisions,” concludes Badenhorst.