Thursday, 14 November 2019 23:28

Shopping securely: Cyber security tips for in-app checkout & mobile payments


SPONSORED NEWS. In-app mobile checkouts are a smart, convenient way to pay on the go - but what cybersecurity risks and considerations do customers need to be aware of? To help keep your finances secure while you shop, the team at ESET has put together a guide to everything you need to know about in-app checkouts and cybersecurity best practices.

Mobile payments are on the rise

In today’s digitally connected, always-on world, convenience is king. Just look at how we use our devices. Today, mobile is one of the top digital touchpoints for shoppers, with nearly half (46%) of all ecommerce market revenue in Australia last year transacted through mobile devices, according to tech analyst firm Telsyte.

To adapt to our demands for convenience and seamless user experiences, retailers are continually elevating their mobile experiences in order to attract, convert, and retain loyal customers. Every online interaction needs to be easy, instant, and secure - or customers will shop elsewhere in a matter of seconds.

The need for such constant customer-centric innovation can be seen in a recent move by Facebook-owned Instagram, which, little by little, is making its way into the ecommerce industry. In March this year, Instagram announced its plan to add a checkout feature to its mobile apps in the US. The company first introduced shopping features in 2016, but up until now customers had to leave the app in order to make a purchase.

The emergence of in-app checkouts and payment options signals yet another way for customers to pay on the go with the utmost convenience. But, as with any innovation, the in-app checkout also gives rise to new cybersecurity risks and considerations. So what do you need to know to stay secure while shopping via an in-app checkout?

What is an in-app checkout?

Mobile app checkouts allow customers to store payment information within an app to make purchases more quickly. Such features typically include support for Visa, Mastercard, American Express, Discover and PayPal. Other in-app checkouts allow users to pay for items in-store via the app, such as with popular ice cream brand Messina’s app.

For Instagram, brands like Nike, Adidas, Dior, H&M, MAC Cosmetics, Prada, Uniqlo, and Zara have started to utilise Instagram’s checkout feature. Businesses will also be able to integrate their checkout with partners such as Shopify, BigCommerce, ChannelAdvisor, CommerceHub and more in the future. In return, Instagram is charging retailers a selling fee.

Smartphones are increasingly being used for mobile payments in Australia - according to Telsyte, about half of all mobile payment users surveyed said they used smartphones for this purpose regularly. One in eight Australians between the ages of 16 and 34 had also changed or joined a new banking provider because of lack of support for mobile payments.

What are the risks of in-app mobile payments?

As our passion for online shopping continues to grow, it’s important to be aware of the cyber security risks and best practices when using an in-app checkout.

1. Public Wi-Fi

Whenever you send data over an unencrypted network, like a public Wi-Fi network, you open up the opportunity for hackers to breach your network and access that data. If you’re using an in-app payment system, setting up a mobile wallet, or accessing a mobile banking app while connected to an unknown source of Wi-Fi, it’s possible for hackers to access your payment details. Avoid this risk by only connecting to trusted Wi-Fi networks, and never entering any personal information on your phone while using public Wi-Fi. If possible, use a VPN when connecting to unsecured networks, or simply switch off your Wi-Fi and use your mobile data for transactions on the go.

2. Stolen Devices

One of the great things about in-app mobile payments is that they make purchases far more convenient and secure for users. However, instead of all your cards being stored in your wallet, their details are stored on your phone - and one of the most common mobile payment security concerns is what happens if your device is stolen.

Using a strong passcode on your mobile device is your first line of defense. Many mobile security apps also allow you to remotely wipe your device if it’s stolen.

3. Weak passwords

If you don’t set strong passwords, or have used the same password for multiple accounts and sites, your mobile payments may become vulnerable to hackers. If cybercriminals are able to access your PayPal password, for example, then they may gain access to your linked card or account. Further, if a cybercriminal can access your email through compromised credentials from a related account, they may then be able to initiate a password reset on your payment system account and perform the confirmation step via your email account.

4. Malware attacks

If your smartphone has been infected with malware, then your financial data will be at risk. Android has its fair share of malware and scam apps, and iPhones aren’t immune, either. Being cautious about common phishing tactics, which apps you download and which sites you visit can help to minimise this risk, as can a multi-device cybersecurity solution like ESET Internet Security.

5. Flaws in Apps

Handing over your cards to an app puts a lot of trust in the app’s level of security - and just one vulnerability in a payment app could expose all your data to hackers. While reputable apps release regular security updates and patches, there is always a risk that the developers have missed something.

Paying securely

Common online payment gateways, such as PayPal, New Payments Platform (NPP), PayID and Osko by BPAY, can add an extra level of security to your mobile payments through data encryption and anti-fraud technology.

Most trustworthy in-app mobile checkouts should offer these payment methods, and you should make use of these whenever you have the option. On the other side of the coin, retailers that follow best cybersecurity practices for mobile app checkout and payment functionalities will have a significant advantage over their competitors.

Mobile payment technology will continue to evolve and improve as online businesses work to meet their customers’ demands for a smoother user experience and better security. However, there will always be some level of risk when making payments online. To stay protected, ensure you maintain good security habits and consider whether your device and cyber security software is adequate for your mobile payment needs.

