Are Digital Wallets Safe?

Last Update: February 8, 2021 • Credit Cards • Fraud • Identity Theft • Scams •

Digital wallets are still a relatively unknown payment method among many households. They are increasing in prevalence every year. Some experts predict that digital wallets will also replace paying for in-store purchases with cash or swiping a credit card soon. More digital and more personal information is stored electronically. People wonder if these types of wallets are safe and secure to use and if there risks of identity theft.

What are Digital Wallets?

A digital wallet is a software program, usually on a smartphone, that allows a person to pay in-store or online without cash or a physical credit card. To be able to make purchases, the user needs to own a credit or debit card that is linked to the wallet. They can also link a bank account, and funds will automatically be withdrawn when a purchase is made. Depending on the wallet and type of device, the customer might have to use their thumbprint to authorize a purchase. For in-store purchases to process, they will have to hover their smartphone or smartwatch on a scanner (similar to boarding an airplane with an e-ticket) for the purchase to complete. The payment information is transferred wireless via Near-Field Communication (NFC) or EMV technology.

Several different digital wallet programs exist, but the best digital wallet apps are Apple Pay, Android Pay, Samsung Pay, and PayPal. The first three are the most functional for those wanting to purchase with their smartphones. Most major credit and debit cards will link to these wallets, and merchants will increasingly accept this form of digital payment. In addition to being used as a payment method, users can also link their driver’s license, medical insurance cards, store loyalty reward cards, and other personal identification documents. In short, nearly everything a person might keep in their physical wallet can be digitally stored on their smartphone.

What Security Features are Out There?

Unfortunately, it’s not uncommon to hear about hackers stealing personal information from various retailers, medical providers, government agencies, etc. Because of this risk, companies have gone to great lengths to minimize the risk of identity theft from digital wallets. To make an in-store purchase, the customer will need to unlock their phone with a pin or a fingerprint to authorize a purchase. If paying with a credit or debit card, an image of that card will display on the screen to verify that the purchase is being charged to the correct account.

Another security feature used by the various wallets is tokenization. Instead of providing the credit card information when swiping the phone, the app will generate a random code called a random account number unique to the purchase and not linked to the credit card. If somebody in the area is skimming data by chance, all they will have is a useless string of numbers that cannot be traced back to the credit card or buyer. Digital transactions are not foolproof but are significantly safer than the traditional magnetic swipe of a credit or debit card transaction.

What if somebody loses their smartphone? It can be just as sickening of a feeling as losing a physical wallet as both objects contain personal information. As the “Big Three” digital wallet apps are created by the phone maker (i.e., Apple, Android, Samsung), the security features to access the wallet app will overlap the security features to unlock the phone. If biometric verification is enabled, a thief or the person who finds the phone will have a tough time getting past these security measures. The wireless carrier can lock the phone, create a new password or wipe the added safety content.

One can also install a third-party Virtual Private Network (VPN) app on their phone as an additional security measure. A VPN has wireless communication pass through a private channel and makes it even harder for hackers to intercept a signal.

As many predict digital wallets to be the prevailing payment method of the future, software developers take security very seriously. Their credibility depends on it. If Apple Pay has a series of security breaches, chances are people will use phones that use another wallet instead may never return to give Apple Pay a second chance. Just as credit cards offer zero liability for fraudulent purchases, digital wallets offer similar payment protection policies.

What About Online Purchases?

In addition to being used at physical merchants, digital wallets can also be used to pay for purchases on online stores and within apps. This concept isn’t very new as services like PayPal have been doing it for years now. The concept has only recently been adopted by smartphone makers, banks, and merchants to provide another payment method for consumers. Instead of typing in a credit card or bank account number for each purchase, the buyer only needs to enter a username, password, and possibly a pin. The payment information is encrypted for online purchases, similar to in-store purchases. Their payment information is stored in one place that only the wallet can access, and the merchant receives a unique code to complete the purchase. In-app purchases might also require fingerprint verification to complete a purchase.

Anytime someone doesn’t have to hand over their credit card directly or to a merchant makes it harder for cyber thieves to steal sensitive information. There are specific security precautions to take with any payment to prevent cyber thieves from finding a “backdoor” into a program or electronic device. Certain recommendations include never purchasing an unsecured public Wi-Fi network, installing software updates, and making all purchases from a single device.

Pros and Cons of Digital Wallets

The concept of digital transactions for physical purchases is still very new, but an estimated 18% of households regularly use this payment method. Any new technology has “growing pains” before it is used widely used and tested.

Pros:

Payment information is stored in one place instead of being held in each merchant’s database that made a sale.
Biometric data or password required to complete a purchase.
Credit card thieves can duplicate cards, and very few merchants ask for photo identification before using it.
No fraud liability protection for fraudulent purchases as offered by credit card providers.
No additional cost to the consumer to use compared to traditional payment methods.

Cons:

Only major retailers currently have the capability to accept this payment method.
The risk for identity theft is present anytime information is transferred digitally.
App providers can do little if they accidentally provide too much information to an illegitimate website.
Not every phone is compatible.

Conclusion

As the world becomes more digital, thieves and cybersecurity experts are always competing to outmaneuver the other. Digital wallets are an answer to help consumers, merchants, and banks to perform secure transactions in the coming decades. Digital wallets are safe, but they are not foolproof. Developers have gone to great lengths to use current technology like biometrics to prevent personal information from falling into the wrong hands¸ but still make the programs easy enough to use that the average consumer can make a payment without a glitch. As the technology continues to evolve and more smartphones have the capability to make in-store digital payments, the average consumer will feel more secure and comfortable using a digital wallet instead of swiping a plastic card. As the world is not perfect, there is always the risk that information can be compromised regardless of payment method, and both the consumer and developer will need to use their best judgment to determine when it is safe to make a purchase.