Cell Phones: The New Way to (Safely?) Pay

November 2014
One would be forgiven for mistrusting credit cards these days. It seems like every month for the past year, some company announces that it’s had customer credit information stolen. For some companies, the thefts were isolated to a few thousand individuals; others, like Target and Home Depot, exposed the data of millions of customers.

In September, the world of digital transactions took a sudden turn when Apple announced its new “Apple Pay” service. Having already popularized digital revolutions in cell phone and tablet technology, Apple wants to facilitate a safer and more convenient way to pay at stores and online. Using near-field communication (NFC)—a short-range wireless signal—Apple Pay allows you to touch your phone to a special credit card reader and make a transaction.

Like any new type of transaction, the technology has been met with varying degrees of skepticism. Some believe the wireless broadcast of a payment leaves them exposed. Others point out that adding banking information to an already data-loaded phone only increases the risk of full identity theft if the device is lost or stolen. In fact, resistance to NFC payments has been so strong that Google Wallet, which offers NFC payments on Android devices, still has few users despite launching three years ago.

Of course, broadcasting your credit card number through radio waves (even very short-range ones) would be extremely dangerous. That is why NFC payments don’t store or transmit credit data in the traditional sense. In fact, Apple Pay holds no raw card data on the phone or in cloud storage. It creates one-time, digital “tokens” to verify transactions. During a transaction, a token is sent to a creditor, where it is decrypted and authorizes the release of funds. Once an exchange is complete, the token created for it is useless.

In addition to making any “skimmed” banking data useless, transactions using disposable tokens also hide you from retailers. Apple Pay tokens only facilitate monetary transactions, preventing a retailer from collecting any personal information. Apple has also said that their devices will not keep any information about your purchases, just a basic record of transactions.

Apple Pay’s final layer of security comes through human authorization. For each purchase, a device requires verification from the user by PIN or fingerprint scan on the device. This not only means that a user must acknowledge every transaction, but that a phone thief will have great difficulty making a purchase even if the phone were stolen.

Given its ability to secure and obscure data, Apple Pay is being praised as one of the most secure ways a person could make a retail purchase.

Or so we think.

The reality is that Apple Pay and other NFC credit systems are still too new for us to be certain of total security. As they grow more popular, hackers and data thieves will become increasingly interested in finding ways to break in and steal data. Just because the creators can’t think of a way to beat the system doesn’t mean someone else won’t.

The important thing to remember as the digital age progresses is that convenience through consolidation always adds a certain kind of risk. Apple has made a strong effort to make Apple Pay a safe service; now the responsibility is on us as consumers to protect our information. If we want to turn our phones into wallets, we need to be prepared to guard them as if they were both. We cannot continue to give identity thieves easy jobs by being lazy with passwords, linking accounts or leaving our phones unattended. It’s not wrong to put all of our eggs in one basket—we just need to be sure we watch that basket closely.
Remember that past performance may not indicate future results. Different types of investments involve varying degrees of risk, and there can be no assurance that the future performance of any specific investment, strategy, or product referenced directly or indirectly in this newsletter will be profitable, equal any corresponding historical performance level(s), be suitable for your portfolio or individual situation, or prove successful. You should not assume that any information contained in this newsletter serves as the receipt of personalized investment advice. If a reader has questions regarding the applicability of any specific issue discussed to their individual situation, they are encouraged to consult with a professional adviser. 

This article was written by Advicent Solutions, an entity unrelated to Guidestream Financial, Inc.. The information contained in this article is not intended to be tax, investment, or legal advice, and it may not be relied on for the purpose of avoiding any tax penalties. Guidestream Financial, Inc. does not provide tax or legal advice. You are encouraged to consult with your tax advisor or attorney regarding specific tax issues. © 2014 Advicent Solutions. All rights reserved.

Contact us

We look forward to connecting with you

Keep in touch with us

Please use the following information to contact us. For security reasons, please do NOT send sensitive information such as account numbers, social security numbers, balances etc. through the website. 

Name: GuideStream Financial, Inc.
Phone: 800-325-8975
Fax: 517-750-2752
Address: 8050 Spring Arbor Rd., PO Box 580, Spring Arbor, Michigan 49283