Mobile payments drive sales, but security is needed

Payments made via mobile apps and mobile devices are driving a better user experience for customers, but more has to be done to secure the process and reassure customers who are paying using mobile point-of-sale devices in store.

At an event hosted by MyPinPad, featuring speakers from across payment security and retail technology, it was determined that more needs to be done to enable mobile payments to replace the carrying of cash. 

Looking back at 12 years since the deployment of Chip and PIN, Gary Munro, senior consultant at Consult Hyperion, said the enablement of mobile point of sale (POS) functionality had brought cost and capability issues down, as well as removing the problem of unpatched traditional payment terminals.

Jeremy King, international director of the Payment Card Industry Security Standards Council (PCI SSC), said that in instances such as local social clubs or outdoor festivals, those vendors offering mobile payments were seeing the most business. He said there is a need to determine a secure and practical solution to enable mobile payments across retail.

“We want the payment experience to be fast and frictionless and of course secure,” King said, describing how mobile payments going forward need to keep using PIN security measures.

Munro said the main consumer concern when using a mobile POS is putting their card or PIN into a stranger’s phone, or handing their phone to a stranger. But the cost of card-reader dongles are being reduced thanks to new mobile payment standards. 

“Consumers and issuers trust PIN and security is key, but move to software security changes the dynamics,” Munro said.

New standards

PCI SSC is currently developing a new standard  for software-based PIN entry on commercial off the shelf (COTS) devices, which will drive regulation across the industry when it comes to PIN-based applications and card readers which are used with a mobile device.

King claimed that the validation program documentation is expected in Q2, and it would be the end of 2018 before any  compliance-ready products to be developed and launched by then.

Concluding the session, Martin Schofield from Retail247 said retailers want to maximise their opportunity to make a sale, and offer a frictionless process.

He said that there was an issue with a lack of mobility and capability around payment hardware, while “PIN on mobile has increased the pace of payment deployment and reduced hardware refresh and this is a good thing for retail innovation”