Richard Bucker

Beware of mobile payments

Posted at — May 9, 2012

With the likes of PayAnywhere and Square are making moves in the mobile payment space one should always remain vigilant when handing your credit cards to anyone.To start. PayAnywhere and Square; while they are a Point of Sale(POS) application implemented on a mobile device they are really a mobile merchant payment device or mPOS. The distinction is going to be important because for the time being these devices are riding the coat tails of the in-app and cardholder facing payment in order to get marketshare.Cardholder facing payment services and apps require that the cardholder install an app on their mobile device. The vehicle for installing the software is typically a 3rd party like the Apple AppStore which acts as a vetting process for the app vendor.Merchant facing apps, while it’s a good idea that the apps are installed from a 3rd party like the appstore, it’s not required.  A merchant can, in fact, develop their own application, download a development version of the application to a mobile device, and you’d never know the difference. They could be skimming your credit cards in plain sight.With an mPOS application, like most traditional devices, you are the mercy of the merchant that they are trustworthy, however, unlike traditional POS devices where there is typically a professional service organization supporting the device. Most mobile devices are self maintained or maintained by amateurs.The point I’m getting to here… mPOS devices and payments are not any more or less secure than traditional POS systems. Make sure you trust the merchant or the clerk with your card before you hand it over.PS: Square does offer an interesting alternative. It’s s suite for the cardholder and the merchant that lets the cardholder initiate the payment from the cardholder facing device then is loosely integrated with the merchant facing device.