Why has mobile payment not become popular after so many years?

Why has mobile payment not become popular after so many years?

January 8 news, why has mobile payment technology not been popularized for many years? Wired magazine recently published an article by an industry insider, explaining the reasons from a security perspective, introducing the industry's efforts to this end, and proposing new ideas. The following is an excerpt from the article:

Why are consumers still reluctant to accept mobile payments? Concerns about security are the number one obstacle. Scandals involving the theft of user information by big-name retailers have left consumers feeling terrified, so it is impossible for people to truly trust mobile payment technology.

What needs to happen in order for this technology to be widely accepted is to build trust. EMV credit cards (Eurocard, MasterCard, Visa) use a secure microchip to transmit data, but this is a physical device. The key is to create a similarly secure environment in the virtual world.

The field of protecting user payment credentials has changed with the advent of Host Card Emulation (HCE). Before HCE, people only had two options. One was to store the credentials in a special secure chip in the phone, the Secure Element (SE). This created a mobile wallet with a Secure Element that could protect sensitive data transmission like an EMV credit card. The other option was to use a "Card On File" credential in the cloud - essentially storing basic payment information online.

Host card emulation is the best example of using software to ensure credit card security. All data related to credit card payment no longer needs to rely on a physical chip, which ends the role of secure elements. The previous debate on the ownership of secure elements has also been resolved, and the market has opened the door to new entrants.

From the current practice, the operation steps involved in transferring the credit card data stored on the chip to a secure cloud environment are problematic. To complete a transaction, your mobile phone needs to be connected to the Internet and wait for the response sent after the data is encrypted. Even in an ideal situation, this is difficult to complete within the time required by the issuing organization. And if there is no signal, all of this is out of the question. To solve this problem, people have designed a concept called "Tokenization". When you spend, you don't need to connect to the Internet every time, but store a virtual credit card with limited use in your mobile phone.

Tokenization has its own problems. To steal your money, an online thief doesn’t necessarily have to take your wallet or even your phone. A hacker can clone a phone and get credit card information, or simply install malware on the phone that sends a virtual card directly to the thief.

In the long run, mobile payments can only be secure if a strong authentication mechanism is in place. We must be able to bind the user's identity information to the transaction authorization. Although banks are familiar with data protection requirements, new market entrants with less experience still need to be very careful about authentication and risk assessment.

It turns out that smartphones themselves can play a role in ensuring mobile payments are secure.

WiFi positioning, 3G positioning, GPS data, and the number and type of applications on the device can form a unique user profile. Although this is not a panacea, it can be used to determine whether a fraudulent transaction has occurred. At the same time, since the threshold for authentication is lowered, as long as the consumer can be determined to be trustworthy, he or she can have a better shopping experience. In addition, the threshold for transactions can be set up when it feels suspicious.

In an age of increasingly intelligent cybercrime, all Internet activities are subject to security risks. The risk-based authentication method created in the above way is no exception. This method requires a large amount of personal information, which will undoubtedly attract the attention of hackers. This data must be protected, but in terms of quantity and sensitivity, it is much more difficult to properly protect this data than a general password database.

Authentication is becoming a big data problem. To reduce hackers’ interest in personal sensitive information, encryption should be enabled. If data is encrypted, even if it is stolen or lost, the damage will be less.

As the mobile payment industry develops, host card emulation has proven to be a welcome and worthwhile new approach. If industry players want to see mobile payments become popular, they need to create a secure transaction environment and foster user trust. Ironically, a device that can pose security issues, such as smartphones, can also serve security by helping users authenticate. Data encryption is another aspect of security, which can add another lock to data protection and further encourage the public to accept mobile payments.

Author Richard Moulds is vice president of product management and strategy at Thales e-Security.

As a winner of Toutiao's Qingyun Plan and Baijiahao's Bai+ Plan, the 2019 Baidu Digital Author of the Year, the Baijiahao's Most Popular Author in the Technology Field, the 2019 Sogou Technology and Culture Author, and the 2021 Baijiahao Quarterly Influential Creator, he has won many awards, including the 2013 Sohu Best Industry Media Person, the 2015 China New Media Entrepreneurship Competition Beijing Third Place, the 2015 Guangmang Experience Award, the 2015 China New Media Entrepreneurship Competition Finals Third Place, and the 2018 Baidu Dynamic Annual Powerful Celebrity.

<<:  Will the small-screen, low-priced iPhone be a nightmare for low-end Android phones?

>>:  After 20 years in China, Microsoft China still cannot let go of its foreign guests

Recommend

KFC (Kentucky Fried Chicken) Private Domain Operation and Promotion Strategy

When I went to KFC to buy a chicken burger two da...

Zhihu Promotion and Operation | Zhihu under siege!

Since Zhihu was founded in December 2010, it has ...

Will the parallel lines of sadness ever meet one day?

When it comes to parallel lines, everyone is fami...

The rooster’s crowing is so loud, why haven’t you gone deaf yet?

Gulp! ... My eyes are hurt. |Giphy How loud is a ...

Just for show? Why do mobile phone manufacturers develop their own processors?

Looking at the competition landscape of mobile ph...

Autoimmune diseases: Why does the immune system attack its own cells?

Some people develop autoimmune diseases, and we n...

Another one discovered! Is a world-class tiankeng cluster hidden in China?

After the scientific expedition team organized by...

How to design a user activation growth strategy from 0 to 1?

When working on growth, everyone pays close atten...

How to accurately attract traffic on Douyin?

In the era of mobile Internet, Douyin has achieve...

A complete set of activity operation planning and promotion ideas

The product is like a singer, and the operation i...