Mobile payments such as ApplePay, Samsung Pay and other forms of contactless payment are here to stay. This was the headline finding from a recent survey conducted by Gemalto, which involved nearly 3,800 security practitioners across 11 countries around the world.
According to our research, while 9% of payments are mobile today, this figure will have doubled to 18% in two years time. Even more compelling is that while only 14% of the companies we surveyed accept mobile payments now, over half (51%) have plans to do so.
Quite clearly, organizations recognize that the speed and convenience of mobile payments are good for business. As customers become more familiar with using mobile devices, they will increasingly expect the convenience of doing so.
What’s going to hold companies back from adopting mobile payments? As so often is the case, the research tells us that they lack confidence in their ability to secure payment data. Indeed, some 54% of organisations do not believe, or are unsure, that the security mechanisms they have in place will be sufficient to support these new payment methods.
A majority of respondents believe that new payment methods such as mobile payments, contactless payments and e-wallets can put payment data at risk, and they are right to be worried. 45% of respondents suffered 4 or more payment data breaches in the past two years, and 51% have had 1-3 breaches. In addition, 55% said their companies did not know where all their payment data is stored.
Unsurprising, then, that only 26% of respondents felt their organisations were effective in securing payment data. So what are they doing about it?
First, encryption can be a major weapon in the protection of payment data. While less than half (43% percent) of respondents say their company currently uses encryption and/or tokenization to protect data is captured at the point of sale, a further 27% plan to do so.
Overall, 43% of organizations intend to increase investment in payment data security over the next two years. Only 13% of respondents said investment will decrease. But investment levels may not be enough — only 31% believe enough resources have been allocated to payment data protection.
The bottom line is that, even though organisations recognize the business advantages of mobile payments, they may lack the confidence to deliver them, undermining any benefits that could be realized.
Far from delivering a winning edge, no business can afford to treat mobile payments as a blunt instrument, particularly where the security and privacy of customers’ financial data is concerned.
To read the entire report, click here.