Mobile Payments: Why The Cloud Life is More Insecure

http://www.forbes.com/sites/ciocentral/2012/04/11/mobile-payments-why-the-cloud-life-is-more-insecure/

The challenge with the Digital Wallet is that the cloud creates a high concentration of card numbers, producing a perfect target for thieves. These card numbers can be stolen remotely and cloned instantly – all in a single hacking event. Remote stealing of a high concentration of card numbers from physical wallets in the real world is virtually infeasible.

The payment industry dealt with this dramatic risk difference by making the cloud transaction fee (card not present) more expensive than the card present, real world transaction fee – on average 70% more expensive.

It is worth noting that, as per the U.S. census bureau at the end of 2011, online transactions amounted to less than 5% of total transactions. Mobile phones are always online, and unlike your computer, mobile phones are always on you and therefore used for both online (5%) and real world (95%) transactions. Merchants cannot tolerate an increase in fraud or increase in transaction fees in the real world should cloud-based, card not present transaction be the method of choice for Mobile Wallets.

A thief will have to steal one Mobile Wallet at a time…vs. a thief can hack the Cloud once to steal millions of “wallets” or accounts (e.g. Zappos).

When you lose your Mobile Wallet you will likely notice within 15 minutes vs. You may not know that your data was lost from the Cloud until charges show on your bill, in some cases weeks later.

Smartcard security (the same as DoD uses) in Mobile Wallets vs. “Just trust us” security in the Cloud