Technological advancements are usually regarded as triumphs that make our everyday lives easier. Whether it’s being able to order a pizza for your hungry family with the click of a button or setting your home thermostat remotely to save energy and money while away, many modern tech tools are used by millions of people regularly. One widely used type of technology is online payment or banking systems. While the convenience is a big allure to consumers, widespread adoption of these platforms can also open the door for more fraud risk.
The COVID-19 pandemic saw an increase in the already upward trajectory for contactless payments. Prior to the pandemic, the global mobile wallet payment market was forecast by Mordor Intelligence to reach $3.7 trillion by 2024. With concerns about virus infection from surfaces, consumers accelerated adoption of mobile wallets. In October 2020, Blackhawk Network reported that U.S. mobile wallet use jumped from 38% pre-pandemic to 55%. It’s no longer a question of whether consumers are using this technology, but when it will become the overwhelming majority for people and businesses around the world.
How do mobile wallets work?
While there are a variety of payment types that can be considered contactless, mobile wallets are defined as a form of contactless payment that can be used in stores (not just online), that use near-field communication (NFC) to complete the transaction. Common examples of mobile wallets include Apple Pay and Google Pay. First, a credit or debit card is added to the platform by the consumer. The card issuer, such as Visa or Mastercard, validates the card with the issuing bank and acts as a token service provider by creating a token for the payment account number. The token is sent back to the mobile wallet servers and is stored in the consumer’s device.
When a consumer pays with the mobile wallet, the transaction is processed using NFC in conjunction with either the EMV or magnetic stripe. For an EMV transaction, the device generates a dynamic cryptogram that is sent to the payment processor along with the token and other required information to process the transaction. For a magnetic stripe transaction, a dynamic CVV is generated in lieu of a dynamic cryptogram. The issuer uses the token and either the dynamic cryptogram or dynamic CVV to authorize the transaction.
What does the increasing use of mobile wallets mean for businesses and fraud risk?
This article was originally published on ACFE.com. To read the full article, click here.