Mobile shopping is a swiftly growing sector of the economy. This year, it has been anticipated that at least two billion purchases will be made via mobile apps devices, and total sales are predicted to be well over three billion dollars. This increase is leaving many companies to scramble to find people capable of updating and adapting their existing mobile commerce sites to mobile applications. While there has been a lot of focus on the user experience, however, there has not been nearly enough attention given to the security of these mobile applications.
This lack of attention means that many of the new mobile shopping platforms and apps available on the market have numerous security issues. In addition to the usual concerns surrounding online payment systems, mobile sales seem particularly vulnerable to fraud.
What are the concerns?
When companies start thinking about their mobile shopping experience, they tend to focus most of their attention on their customer experience. That usually means they devote a lot of resources to improving their website’s load time and presentation on mobile devices, but not nearly enough on the security issues that are unique to mobile devices. IN fact, over 90% of companies in a recent survey stated that they used the same package of security software for their mobile website that they used on their desktop sites.
The problem with this approach is that mobile commerce tends to attract a different type of clientele than traditional desktop commerce. In some cases, mobile payments actually present less risk. Because most people tend to purchase big ticket items with their desktop computers, mobile commerce usually deals with smaller total purchase amounts. That means that many merchants have higher approval rates for goods that are purchased via their mobile apps than through their desktop websites.
Digital goods and services, however, carry an extremely high risk of fraud. Fraud attempts for digital products or services are nearly four times as high as attempted fraud rates for physical goods. Gift cards that are purchased through mobile deices report fraud rates that are nearly twice as high.
Some of these fraud attempts exploit weaknesses unique to mobile payments. Because many merchants rely on mobile sites that require human verification, it’s common for fraudsters to make purchases in early morning hours. Many of the traditional methods used to flag potential fraud also don’t work in a mobile setting. For example, not using a promo code and only purchasing a single item are usually indications of fraud in traditional e-commerce platforms. In mobile apps, however, single item purchases are much more common, and use of promo codes is rare.
The cost of this fraud can be significant. Even when merchants catch the fraudulent charges, they must still pay fees to a credit card company to process the chargeback claims. If the company only realizes the error after shipping goods or providing a service to the customer, there is very little chance that they will be able to recover the lost merchandise.
How can I address this?
While there are a few general rules that companies can follow to protect themselves, organizations that are serious about improving their mobile presence need to invest in employees that are familiar with the unique security challenges presented by mobile payments. Specifically, look for a person who has experience with both mobile security and your particular industry. Mobile security is different for each company, and only someone familiar with your industry will know what specific challenges you face in regard to product delivery and customer expectations.
Whether you’re looking for an individual who can set up a secure mobile payment system, or a team of people to provide ongoing mobile security support, make sure you talk to the recruitment specialists at ICS. They have years of experience in finding the right IT security personnel to meet your organization’s and project’s requirements.