Mobile payments are just one more way that we can go without our wallets these days. However, this convenient payment method might also make us – unwittingly – provide valuable personal information to merchants. This article takes a closer look at mobile payments and associated privacy concerns.
What are mobile payments?
Mobile payments represent one of the latest methods that consumers can make payments. Using mobile phones, these payment systems are touted to reduce transaction fees, increase convenience and improve payment security. On the flip side, these mobile payment systems also make it simpler for businesses to identify consumers, collect more information about consumers and share more information about consumers’ purchases between increasing numbers of businesses.
Mobile payment is becoming increasingly common in many parts of the world. It is slowly but surely gaining acceptance in the United States, especially amongst younger consumers. A Federal Reserve survey found consumers in the 18 to 44 age bracket represented over two-thirds of mobile payment users.
Currently, it is unclear to users of mobile payment services exactly what kinds of personal or sensitive information is being recorded or retained by the company owning the mobile platform. Users typically know even less about how their information is being used for marketing purposes.
In April 2012, the Center for Democracy and Technology (CDT), a nonprofit organization which focuses on technology laws, published an article highlighting the privacy issues inherent to mobile payments. In it, the organization pointed out that mobile payment services often expose consumer data to companies that are not typically included in traditional credit card transactions. Mobile services often include the credit card issuers, payment processors, mobile payment provider, mobile network operator and any third party apps that the consumer downloads. All of these parties can gain access to the consumer information revealed in a transaction and use this sensitive information in various new ways.
With mobile payments, merchants also receive more detailed consumer information. With traditional credit card transactions, the merchants would get an itemized receipt of the customer’s purchases. In a mobile transaction, the merchant would receive the cardholder’s full contact information (e.g. telephone number, email address, mailing address, etc.).
Furthermore, many mobile payment services collect consumers’ contact information upon registration with the service. These services and apps can also be programmed to provide merchants with consumers’ phone numbers, email addresses and even purchase histories during an in-store transaction, as long as the merchant’s point of sale system is able to receive this information.
“Building strong user privacy controls into mobile payment services during the design phase is the most efficient way of addressing these problems… Mobile payment services should give users both global and granular options to restrict the disclosure of any information that is not necessary to complete a transaction. This way, consumers can decide how much information is given or withheld from merchants, mobile payment providers, and app developers.”
Mobile Payment Survey
A study entitled Mobile Payments: Consumer Benefits & New Privacy Concerns published April 24, 2012, made some important findings regarding the use of the new technology. The survey posed a number of questions by phone to 1,200 people across the US. There were some important findings, including:
- Four out of five of those surveyed objected to the transfer of their phone number to a store where thy purchased goods.
- Fifteen percent of respondents said that they would “probably allow” transmission of their phone number, while just three percent responded that they would “definitely allow it.”
- Consumers were distinctly less worried about sharing their email addresses. Half the respondents said that they wouldn’t want to share their email addresses with merchants, while one-third reported that they would be “willing” or “probably willing” to do so.
- When asked whether consumers would be willing to share “information about you with the stores that you visit, when you are just browsing,” respondents reacted strongly. Ninety-six percent of respondents said that they would “definitely not allow” or “probably not allow” the practice.
In recent years, more and more consumers have been introduced to mobile payment systems, which allow consumers to make payments through their mobile phones. While this method is becoming more popular, offering consumers a new level of convenience, security and reduced transaction fees, privacy rights organizations have also raised a number of concerns regarding the practice. Mobile payment transactions tend to reveal far more consumer information, to a greater number of entities. The article takes a look at a recent study entitled Mobile Payments: Consumer Benefits & New Privacy Concerns, which surveys consumers and reflects how this new technology is being received in the marketplace.
CIPP Exam Preparation
In preparation for the Certified Information Privacy Professional/Information Technology (CIPP/IT) exam, a privacy professional should be comfortable with topics related to this post, including:
- Privacy expectations – consumer perspective, organizational practices (II.A.a.; II.A.b.)
- Data types – credit card information (I.A.C.iii.)
- Data processing – third parties and vendor management (I.F.b.ii.)
- Implementing technologies with privacy impacts – business intelligence and analytics (VI.E.)