The move follows similar programs from Target and Amazon.
M-commerce next on criminal hit lists?
Yes, and retailers and consumers should prepare now, an analyst says.
As retailers and consumers alike increase their reliance on smartphones for commerce, gaming and buying tickets, many may be harboring a false sense of security, says McAfee Inc., a security firm.
Most consumers—70%—feel their smartphones are safe from hackers, malicious software, also known as malware, and other types of cybercrime, McAfee says, based on results of a recent survey of 2,337 U.S. adults. The National Cyber Security Alliance, an organization promoting safe technology uses, also sponsored the survey.
The implication for retailers and consumers is that as smartphones and tablets increase in popularity and use, criminals could turn their attention to them, McAfee says. “Mobile malware incidents are still relatively low in number, but with smartphones and tablets eclipsing unit sales of desktop and laptop PCs, criminals will continue to set their sights on mobile,” McAfee says.
Indeed, retailers should prepare for the time when mobile devices and m-commerce sites become targets for criminals.
“Everything that happened in the PC world will and is starting to happen in the mobile world,” says Avivah Litan, an analyst at Gartner Inc. who specializes in Internet security. For example, criminals might attempt to gain remote control of a smartphone just as they do with desktop computers, she says. “If they can control the handset, they can change the banking controls.” That could allow criminals to drain a consumer’s bank account.
The proliferation of mobile devices means retailers have even more work ahead of them to ensure safe mobile commerce. Retailers have never been able to control how consumers connect to their e-commerce or mobile commerce sites, and have to rely on data generated after completed transactions to ferret out potential risk, she says. “They need better fraud protection on the back-end.”
Many fraud protection measures look for transactions that happen outside of a cardholder’s typical profile, such as an online transaction originating in California when the consumer just used the card in a store in New Jersey.