The majority of cybersecurity experts expect mobile payment security incidents to grow over the next 12 months, but it’s unlikely to affect adoption significantly, according to ISACA.
Some 87% of the 900 cybersecurity experts interviewed for the industry body’s 2015 Mobile Payment Security Study claimed data breaches would increase over the coming year.
In fact, just a quarter (23%) said they thought mobile payments keep personal info safe, while around half (47%) claimed mobile payments are definitely not secure.
“ISACA members, who are some of the most cyber-aware professionals in the world, are using mobile payments while simultaneously identifying and contemplating their potential security risks,” noted ISACA risk adviser, John Pironti.
“This shows that fear of identity theft or a data breach is not slowing down adoption – and it shouldn’t – as long as risk is properly managed and effective and appropriate security features are in place.”
Insecure public Wi-Fi was ranked the number one vulnerability by most respondents (26%), followed by lost or stolen devices (21%), phishing/SMiShing (18%), weak passwords (13%) and user error (7%).
Two-thirds of ISACA’s cybersecurity experts claimed two-factor authentication is the best way to prevent a breach of personal information, followed by requiring a short-term authentication code (18%).
Installing security apps on the device itself, an option which puts more responsibility on the user, was far less popular – gaining only 9% of respondents.
Part of the problem in the mobile payments industry is that there’s no generally accepted rule when it comes to apportioning responsibility for security between consumer, payment provider or retailer.
ISACA argued that, by using the COBIT governance framework, all stakeholders could agree on an acceptable balance of fraud rates versus revenue.
It’s also important that consumers value their personal information, understand the level of risk they want to take versus the convenience of mobile payments, and are aware of the security options out there, said ISACA president, Christos Dimitriadis.