A recent survey of 901 business and IT professionals worldwide found that 87 percent expect to see an increase in mobile payment data breaches over the next 12 months, and just 23 percent believe mobile payments are secure.
Still, ISACA's 2015 Mobile Payment Security Study found, 42 percent of respondents said they've used mobile payments in 2015.
"Mobile payments represent the latest frontier for the ongoing choice we all make to balance security and privacy risk and convenience," ISACA risk advisor John Pironti said in a statement.
Still, Pironti noted, "ISACA members, who are some of the most cyber-aware professionals in the world, are using mobile payments while simultaneously identifying and contemplating their potential security risks. This shows that fear of identity theft or a data breach is not slowing down adoption -- and it shouldn’t -- as long as risk is properly managed and effective and appropriate security features are in place."https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=i
Respondents ranked the leading vulnerabilities associated with mobile payments as follows:
- Use of public Wi-Fi (26 percent)
- Lost or stolen devices (21 percent)
- Phishing/smishing (phishing by text message) (18 percent)
- Weak passwords (13 percent)
- User error (7 percent)
"People using mobile payments need to educate themselves so they are making informed choices," ISACA international president Christos Dimitriadis said in a statement. "You need to know your options, choose an acceptable level of risk, and put a value on your personal information. The best tactic is awareness. Embrace and educate about new services and technologies."
According to survey respondents, the most effective way to improve mobile payments security is two-factor authentication (66 percent), followed by requiring a short-term authentication code (18 percent) and using phone-based security apps (9 percent).
A recent eSecurity Planet article looked at the growing problem of mobile payment fraud and offered advice on how to fight the threat.