September 15, 2023, 1:20 PM EDT
The Future of Security in Digital Wallets
If you've been in the grocery store or at a concert recently, you've probably seen someone pay or gain entry using a digital wallet. They hovered their smart device, like a phone or a watch, near a terminal. Once the terminal validated their information, they paid for groceries or entered the stadium without the physical need for plastic or paper.
If you haven't noticed the use of mobile wallets yet, you will soon; today's consumers are increasingly leaving their wallets and purses at home. It's happening on computers, too, facilitated by checkout options such as Synchrony's Digital Buy, PayPal Checkout or Amazon Checkout.
Accessed via a smart device or other connected platform, a digital wallet stores financial and identity information—everything from car keys to credit and debit cards to airline boarding passes. It's a trend that's changing the way we all make transactions, and for good reason: Mobile wallets are convenient and secure, and enable a connected lifestyle.
An Astronomical Rise—With Room to Grow
Nearly every American already owns a mobile phone—and, more significantly, 85% of the devices they own are smart phones, according to Pew Research. The top five uses for a smart phone, according to a February 2023 survey, are web browsing, making phone calls, listening to music, accessing social media and taking and sharing photos. The sixth and seventh activities on the list are use cases that few, if any, users cared about 10 years ago: banking and shopping.
Indeed, digital wallets, which research firm Gartner describes as “storage place[s] of secure information necessary to authenticate a user and initiate an authorization process to make a transaction to purchase goods and services,” are catching fire across the country and the world. This year, the total value of global digital wallet transactions will hit $9 trillion, and that number is expected to shoot to $16 trillion by 2028–an increase of 77%, according to Juniper Research. Trade publication PYMNTS estimates that this year alone, 1.6 billion consumers will pay for goods and services with a digital wallet at the point of sale (POS), accounting for 30% of all POS purchases.
“We've seen this change over the past few years–in major cities, tapping your phone at a subway turnstile has eliminated the need for a prepaid card. Apartment dwellers may find that they can enter their buildings by simply tapping their phone at the entrance, removing the need to find your keys as you enter,” says Mike Storiale, Vice President, Innovation Development & University Partnerships at Synchrony. “Online, we've seen this shift take hold as well. The proliferation of checkout buttons has eliminated the need for many steps, including reentering of shipping information, payment credentials and even authentication.”
A Virtual Lock and Key
The rise in digital wallet use corresponds to consumers' desire for convenience and automation, but it's being supported by technology and security that's making it not only easier to make transactions, but safer, too.
Digital wallets employ numerous security measures that may keep information and transactions safe and secure. Two of the most visible—passwords and PINs—are probably ones that consumers are most familiar with. Each serves as an obstacle between a fraudster and access to your personal and financial data. Newer security measures such as biometric authentication, encryption and tokenization and two-factor authentication are also in the mix, with good results. Typically, the more security options that are used to complete a transaction, the better—however, it's worth noting that all digital wallet offerings can be seen as superior to physical or paper-based wallets, since the latter can be slipped out of a pocket or purse and used by anyone.
With passwords and PINs your identity or information is protected unless a person can enter the necessary credentials. This is why security experts and organizations suggest choosing passwords and PINs that are longer and use combinations of letters, numbers and special characters, and recommend changing them often.
Biometric authentication—for instance a fingerprint, facial recognition or retina scanner—provides even better security, since these techniques compare a security input (your personal data) against data that has already been captured and stored on your device. Two-factor authentication makes a digital wallet even more secure. It requires the user to input two different authentication types to gain entry, such as a PIN and a code sent via email or text, or a password along with a voice response.
Encryption, where data and information are encoded, and tokenization, a method of generating and applying a unique identification number every time you use your wallet, tie all these security measures together to keep everything secure, explains Will Kievit, Synchrony's Vice President, Products & Partnerships. “The token or number that's added to the phone is not the number that's on your plastic credit or debit card, and it can't be used unless it's used as a mobile wallet transaction. If you tried to type that number in online and make a purchase with it, it wouldn't work.”
The final proverbial bars on the door to your information are the fraud detection and monitoring systems that mobile wallet providers put into place on the backend. Although you never see them, financial intuitions and technology providers are constantly on the lookout for fraudulent card use and suspicious behavior.
Mitigating Risks, Fortifying Security: Businesses Stepping Up
On the backend, responsible businesses are doing everything in their power to mitigate challenges and risks related to digital wallets, keeping them as secure as possible, Kievit says.
One example: Any business that accepts a credit or debit card must adhere to PCI standards. “These outline how everyone must protect certain data, like the account number and the CVV number. For instance, the CVV number is never allowed to be stored anywhere, even by a bank. Businesses understand their responsibility in the ecosystem,” Kievit explains.
Other precautions include guarding against cyberattacks and data breaches as well as malware, phishing attacks, social engineering and identity theft. This includes providing careful training for employees and installing software and hardware that makes it very difficult for hackers to gain access to financial services. It starts with the fact that data is encrypted when it's stored on a bank or merchant's servers and while it is in transit between the financial institution and the merchant, so no one can intercept or steal it.
Organizations also conduct regular (and required) security audits to find possible weak points, Kievit says, with everyone being especially careful to safeguard against insider threats and unauthorized access—typically the weakest link for most organizations. In addition, financial organizations employ fraud detection and monitoring that uses artificial intelligence and machine learning to identify suspicious actions or patterns and shut down card access immediately, Kievit says.
“In retail, it's hard to beat encryption, so fraudsters shift the direction to things like phishing because it's less costly for criminals to go phish than it is to try and break encryption,” he says. “But even, there we can protect accounts using analysis. We can say, 'This person seems a little suspicious. Their mobile account was opened yesterday, and their phone is set to to an atypical language for their location. It seems a little bit suspicious, we're going to flag them.'”
However, at the end of the day, consumers should feel highly secure, since credit cards are consumer-focused in their protections, Kievit says. “What's the harm of all this, if your data is compromised? The harm is you must deal with the drama of calling in dealing with a dispute and getting a new credit card. But the reality is you're not going to be responsible for any fraudulent transactions.”
A Digital Wallet for Everyone
Digital wallets provide many clear benefits. They make it faster and easier to complete transactions—without the need to carry a payment card or cash. With the companies that offer them and accept them employing strong defense measures, they protect a user's financial information while also making it easy to present identification, coupons, passes or tickets to events, and more. Even if you lose your cell phone, without the passwords or PIN numbers, biometric data or two-factor authentication, there's no way to use the digital wallet stored in it.
Moving forward, it will only become easier to use digital wallets as the companies that enable them continue to introduce new features.
“We will see functionality that makes putting in personal information obsolete, since everything including address, loyalty programs, transaction details and preferences will be stored and accessible in one place. Consumers will have the ability to make purchases in any currency they want and even sign contracts or use their loyalty points right from their digital wallet,” Storiale says.
No matter where you're making a purchase, as the technology continues to mature, digital wallets will continue to make checking out faster, more secure, and seamless.
Synchrony is a leader in launching new capabilities and solutions for businesses to help drive sales, loyalty and reach new customers with more financing options. Contact us to request more information or to find out how we can do more for your business.