IT professionals tend to hear conflicting stories when it comes to mobile wallets and digital currencies. Proponents talk about simple, easy transactions, while skeptics point out the numerous security flaws that still threaten the technology.
Regardless of the debate, the trend toward wearable computers is gaining steam, and more and more companies are trying to incorporate mobile payment apps into their operations.
Mobile Commerce Daily reports on the growing number of developers trying to add mobile payment options to Google Glass. One program, Pay with Wallaby, helps users decide which credit / debit card to use for various purchases in order to take advantage of reward points and other benefits.
But security threats remain the biggest question. When Google debuted "Google Wallet" two years ago, it promised simple mobile payments through Android devices. What it got instead was a bevy of cyber attacks (read this CNET recap for more information). Other mobile wallet apps have seen similar security nightmares.
What is a Digital Wallet?
When talking about "digital wallets," you're really referring to a whole system: device, software, and signal. Here are some of the common components and various ways consumers use digital wallets and currency:
- Near-field communication. There are many NFC apps on mobile phones. Radio signals can be sent between smart phones by putting them in close proximity or "bumping" them to transfer data. The same technology can be used to "bump" your phone to check out at a cash register.
- Mobile wallet app. This software facilitates money transfers. BitCoin, for instance, has numerous third-party apps for its users to make purchases or transfer money using the digital currency. Many of these apps have proven difficult to safeguard from hackers.
- Bluetooth-enabled devices. Some tech experts predict we'll see Bluetooth-enabled jewelry and other devices that coordinate with the phone in your pocket. You’d just swipe the device at the cash register to make your transaction.
- Wearable computers. As more smart watches and other wearable computers hit the market, we will also likely see new digital wallet applications built for them.
Why Are Digital Wallets and Mobile Devices Prone to Cyber Attacks?
In the past, we've gone over the shocking statistics on mobile data breaches (see "Nearly 40% of Data Breaches Caused by Mobile Devices"), but let's examine the four reasons why mobile devices are more susceptible to cyber attacks:
- Mobile devices move from network to network and are often used outside of secure networks (i.e., they tap into unsecured Wi-Fi).
- They can easily be lost or stolen.
- Many mobile app developers prioritize design over security. (We discuss why this problem plagues mobile start-ups like SnapChat, in "The Tech Start-up Data Problem: Hacking as a Rite of Passage.")
- Employee mobile devices are almost all used for personal as well as professional purposes.
The portability and vulnerability to malware make mobile devices prone to physical as well as cyber theft. Combine these factors with the way many employees indiscriminately download third-party mobile apps and it's easy to see why mobile data breaches are so common.
The nature of the mobile platform means that virtual wallets will likely be targets of hacking and data theft, too.
Dangers of Digital Money: Cryptocurrency and Cyber Liability
You've heard the expression, put your money where your mouth is. That's kind of how BitCoin has worked. Because BitCoins are (currently) worth so much money, they have tested the limits of cryptography and mobile device security.
In order for BitCoin (or any digital money transfer) to be secure, every aspect of the transaction must be secure. This has led to a battle between the brightest developers and savviest hackers, each trying to outdo the other. Unfortunately, for the time being, it looks like the hackers are winning.
In a recent Wired article, one developer of a formerly secure BitCoin wallet app offers disheartening advice for his users. After his wallet was hacked, the maker of the inputs.io now says that the safest and best way to store BitCoins is by writing the cryptography key on a piece of paper or engraving it in a ring. Digital security, it turns out, is a bit of an oxymoron.
Security experts are coming to realize that any device connected to the Internet is susceptible to a cyber attack. Barring major cryptography breakthroughs, any wallet app, NFC device, or Bluetooth-enabled wearable computer will be vulnerable.
How IT Professionals Can Cover Their Device Liability
With 40 percent of data breaches taking place on mobile platforms, IT consultants should be cautious about mobile wallets. If clients want to expand their point-of-sale system to accept mobile payments, make sure they are aware of the increased liabilities.
Remember that when a client's liabilities increase, yours do as well. You can be sued for data breaches that occur on a client's network, payment system, or mobile device.
Whether you're a mobile app developer writing a new virtual wallet program or an IT consultant overseeing a client's point-of-sale system, the increase in wearable tech and mobile wallets will mean more challenges for you and more potential lawsuits. To protect your business from the cost of data breach lawsuits, you'll need E&O Insurance.
An Errors and Omissions Insurance policy covers your legal expenses when a client sues you over a mobile data breach. Check out our free sample insurance quotes for a breakdown of Errors and Omissions Insurance cost.