The Role of Security in Mobile Payments

October 22, 2015         By: Lucy Maher

Mobile payments are gaining traction among U.S. consumers and merchants, which means that tapping a smartphone at the checkout counter may soon become as common as using a plastic card.

A number of U.S. consumers know this and their use of mobile payments is growing. The Federal Reserve’s “Consumers and Mobile Financial Services 2015” report found that 28 percent of smartphone users and 22 percent of all mobile phone users had made a mobile payment in 2014.[1]

That’s because in addition to a wide range of existing payment options and platforms, including those from Apple Pay and Google Wallet, several startups in the “fin tech” space are working to create improved e-commerce technology. During the first three quarters of 2014, these payment-based firms raised $1.18 billion in 75 funding deals.[2]

What’s more, major banks are building mobile payments into their mobile apps. These and other mobile payment solutions are using NFC, or near field communication, to deliver a fast and easy way to pay for purchases in real-time by allowing active NFC-enabled devices, like smartphones, to exchange information with other compatible phones or devices.

And while contactless mobile payments enable a quicker checkout experience, they also offer a great deal of security to the payments process.

“As merchants are evaluating their transaction environment, it’s beneficial to consider how contactless mobile payments can offer a more frictionless commerce environment and payments security,” said Amy Parsons, Vice President of Strategic Merchants and Global Product Solutions. “Accepting mobile payments can bring merchants one step closer to a simple, quick checkout process for a more enjoyable shopping experience.”

Three key security features available include biometrics, secure element chips, and tokenization – all of which contribute to greater security.


Though making a mobile payment is relatively easy, unlocking your phone could take time. This is where biometrics can play a security role. This technology might solve the authentication problem and eliminate the need for consumers to enter a password to log in by relying on any number of identification measures including face, fingerprints, hand geometry, handwriting, retina, or voice. For example, Apple Pay uses near-field communication (NFC) and a fingerprint sensor, to authenticate credit card information in the iPhone’s Passbook app.

Secure Element

Put simply, this is a tamper-resistant software platform, similar to a chip, that securely stores and processes data and securely communicates with other devices. It connects with the transaction terminal, sends the right answers to queries, generates encryptions, and authenticates the stored card. The secure element provides a secure storage and execution environment for the payment applications to do their jobs.


This method replaces a credit card’s 16-digit card number and expiration date with credentials that limit the impact of a data breach or sporadic card theft. Tokens are secure because they are limited to use on a specific device, at a specific merchant, or for specific types of goods and services. In other words, a token is useless to hackers trying to commit fraud via online purchases or by cloning magnetic stripe cards. Another key security feature is encryption, which securely stores information. Discover recommends leveraging both technologies to increase security.

“For the millions of merchants focused on security at their point-of-sale systems, safeguarding customer information at the point-of-sale, no matter how customers choose to pay, is an important step to protect consumers from fraud,” added Parsons. “Mobile payments aren’t just about a seamless experience – they are a way to facilitate greater security and additional peace-of-mind among customers.”

For more information, visit