Published: January 24, 2024 on our newsletter Security Fraud News & Alerts Newsletter.
Digital wallets became a preferred way of paying for purchases since the coronavirus outbreak put them on the map. This easy way of making touch-free, germ-free payments morphed into the method of choice for 53% of shoppers in the U.S., according to a Forbes Advisor survey. But storing credit and other payment cards in a digital wallet raises concerns about the security of these payment apps. Let’s take a closer look so you can decide if using these, such as Apple Pay or Google Pay are a good choice for you.
For a contactless way to spend and send money, digital wallets are a welcome option. For Google Pay and Apple Pay customers shopping in-person, it’s as simple as holding your smartphone to a merchant’s NFC-enabled payment terminal. When the customer approves the wireless transaction, the wallet app sends a virtual account number for processing to the merchant’s payment terminal. Using an actual payment card in person or online is never required.
Google Pay and Apple Pay Security
Google and Apple wallet pay apps use enhanced security for purchases providing greater purchase protection than traditional payments. That’s not to say they are fraud or hack-proof, they’re just better protected against it. The apps store your digitized payment information, and the merchant receives a freshly created virtual account number for purchases. This process is called “tokenization.” Tokenization replaces critical payment data like card number and security code with a randomly generated code that doesn’t trace back to the actual payment information. In other words, the merchant never sees your actual account number and it is never stored on their systems. This means that if the merchant experiences a data breach, your card number is still safe.
That’s bad news for credit card creepers who want to steal your payment information. We know fraudsters, hackers and unethical merchants have ways of getting around security procedures, but with tokenization, the only thing they’ll get is a one-time token that’s useless to them.
If you’re wondering if you can still dispute digital wallet charges, you certainly can. In fact, you may even be able to do so directly from the transaction that shows in your digital wallet.
It's important to know when there is fraud with digital wallets, it’s often due to a fraudster using socially engineered attacks like phishing to get a user to give up their login and payment card information, so stay aware. Always keep your guard up for those phishing lures such as poor spelling and grammar, a sense of urgency, generalized greetings (Dear All, for example), and blurred graphics. Don’t forget about AI phishing. Have that code word ready to confirm the person on the other end of the line is who they claim to be. And the next time you’re inclined to “shop ‘til you drop” don’t forget your digital wallet!
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at email@example.com