Mobile Payment Security Fears Haunt Consumers

The survey revealed that just 1 percent of respondents believe using a third-party mobile payment provider is a safe way to pay for in-store purchases.

mcommerce and mobile security

More than 40 percent of respondents believe using a third-party payer such as PayPal or Google Wallet is the safest way to pay for goods online, according to a One Poll survey of 2,011 consumers from the United States and the United Kingdom, which was commissioned by security and compliance solutions specialist Tripwire.

The survey revealed that just 1 percent of respondents believe using a third-party mobile payment provider such as Apple Pay or Google Wallet is a safe way to pay for in-store purchases.

More than half (53 percent) of U.K. consumers believe paying by credit card is the safest way to pay online versus 37 percent of U.S. consumers, and 26 percent of U.S. consumers believe that using a wired Internet connection instead of a wireless one will make online payments more secure.

"Consumers are understandably concerned about payment card security after a long swath of breaches. Mobile wallet providers aren't immune to that sentiment, and it certainly doesn't seem to be going away," Tim Erlin, director of IT security and risk strategy for Tripwire, told eWEEK. "These providers can win in the marketplace by making security central to their overall marketing message. Consumers are ready to respond to a security-centric message."

The study also found that 62 percent of respondents believe that the 'lock icon' is a sign that their online transactions are kept secure, and 47 percent of U.S. consumers will check the URL to see if the page is using Secure Sockets Layer (SSL), while only 15 percent of U.K. consumers check URLs.

"There's a fairly stark difference in confidence around credit card purchases between the U.S. and U.K. While surprising, I think that finding is explained by the investments in tangible credit card security outside the U.S.," Erlin said. "Regardless of the actual impact on rates of fraud, if consumers can see the chip in their card or experience a security-oriented change in their use, their confidence will go up. U.S. consumers haven't experienced security in the same way."

In addition, 78 percent of U.S. consumers surveyed said they thought cyber-criminals can attack Internet-enabled mobile devices like smartphones and tablets the same way they attack computers, and a lowly 6 percent said it is safe to click on shopping links they receive in emails on Black Friday or Cyber Monday.

"The threat landscape is constantly shifting, so there's no way that consumers can be adequately educated," Erlin said. "Whatever information they have is out-of-date quickly. That's why it's up to the retailers, banks and other providers to handle the security aspects of the payment system. The average consumer shouldn't be posting pictures of their credit card on Facebook, but we shouldn't expect them to understand the differences between encryption algorithms."

When it comes to hesitating to provide personal information in exchange for a chance to win money in an online drawing or sweepstakes, 62 percent said they would, 17 percent said they would not and an enterprising 10 percent said it would depend on the amount of money offered.

The survey also indicated U.S. consumers are at least basically educated when it comes to commerce-related threats, as a robust 89 percent of respondents said they understood the term phishing email to be an email designed to trick them into providing personal information about themselves.