Concerned About Mobile Payment Security? Kaspersky Says Relax… For Now

January 30, 2015         By: Steven Anderson

When the news is thick with reports of data breaches from major stores on a semi-regular basis, it’s easy to get a little gunshy in terms of just how secure those mobile payment systems actually are.

Sure, we have protection measures in place—passwords, two-factor authentication, even biometrics in some cases—but it’s still enough to make some wonder: is this really enough? A new report from Kaspersky Labs, one of the biggest names in security around, should prove to be a comfort for those concerned, yet also serve as a word of warning: there’s not much cause for alarm right now, but that won’t be the case for too much longer.

The report came from David Emm, principal security researcher with Kaspersky Labs., who noted that there has indeed been “exponential growth” when it comes to mobile malware, and it’s been particularly prevalent in the form of banking Trojans geared toward mobile devices.

However, Emm also notes that the actual threat level, despite this astonishing growth rate, is low overall. That sounds like a contradiction in terms, but Emm elaborated, clarifying that the threat level was low thanks to a threat that’s still “in its infancy,” and the fact that banks and similar issuers have had a handle on this issue since before mobile payments got started, and augmented security accordingly.

Plus, there were already several existing systems on hand that were incorporated into many mobile payment systems—online payment processing, for example—and these benefited from years of security research and augmentation before going fully live.

That gave mobile payment quite a bit of a head start, and one that’s providing plenty of protection to users today.

But as is commonly the case, this shouldn’t be a sign of apathy in protecting oneself while using mobile payment systems. For instance, phishing Trojans—emails containing harmful links but looking like such were sent from more official sources.

When a user clicks the link, it engages the malware and attacks the system. This is one method difficult to protect against and must instead be spotted by vigilant users, so in a sense, attackers are bringing out more and varied types of attack, which denotes a building threat, not a currently large threat.

So what does Emm suggest doing to protect yourself? Comparatively simple things, really; start with securing the mobile device commonly used to make mobile payments. Passwords, fingerprint scans, and similar matters help make sure the data on your device remains yours and only yours.

Also make note of what apps are active on the device, as some of these may provide a point of access for outside intrusion. Finally, security products like antivirus software and the like, and minimizing risks when connecting to unfamiliar or unsecured Wi-Fi points are likewise important.

So really, if Kaspersky is saying not to be too concerned yet, it’s a very good sign that you can breathe easy and make those purchases if so inclined. But on the flipside, Kaspersky is also making it clear that the hackers won’t stay quiet for long, and being ready now with some basic vigilance and an embracing of security can make a lot more difference than might be expected.

Protect yourself, protect your identity, and let a few common-sense security precautions serve as your mobile payments umbrella.