Skip to Content

Your Mobile Phone Is More Secure Than Your Visa Card

As mobile payments become more common, thieves will be more likely to target them.
January 26, 2015

Is waving your smartphone over a store-counter gadget really a secure way to buy something?

Right now, such mobile payments—via Apple Pay and similar systems—are extremely safe and secure, thanks to layers of protections including PINs, fingerprint identification, cryptography, and the logging of transaction data.

Mobile payment systems use near-field communication, or NFC, to transfer payment information from the phone to a store terminal within a few centimeters. Whereas information stored on magnetic-stripe credit cards can be read by anyone with access to the card, mobile payment systems generally store the data in encrypted form on a special NFC chip and require the user to enter a PIN or even a fingerprint.

While newer credit cards also include a chip and require users to enter a PIN, mobile phones could still hold an advantage because they can log location and other data that could be used later to help prove whether a transaction was fraudulent or not.

To avoid major damage if retailers’ databases are hacked, Apple Pay and some others also give stores “tokens,” or encrypted strings of data about the purchase, without passing along the actual credit card numbers.

For now, attackers have easier targets than mobile payments, including magnetic-­swipe systems and department store servers housing millions of card numbers. However, as credit cards become harder to hack and more payments are made on smartphone, mobile payments will increasingly attract thieves.

One route in might be malicious software that steals your phone’s payment credentials by getting beyond barriers imposed by Android and Apple’s IOS. An essential defense: partitioning off payment functions with software or, better yet, more secure chips. Chipmakers are already broadening their products to emphasize “walling-off” functions, with one example being ARM’s TrustZone.

Keep Reading

Most Popular

Large language models can do jaw-dropping things. But nobody knows exactly why.

And that's a problem. Figuring it out is one of the biggest scientific puzzles of our time and a crucial step towards controlling more powerful future models.

The problem with plug-in hybrids? Their drivers.

Plug-in hybrids are often sold as a transition to EVs, but new data from Europe shows we’re still underestimating the emissions they produce.

How scientists traced a mysterious covid case back to six toilets

When wastewater surveillance turns into a hunt for a single infected individual, the ethics get tricky.

Google DeepMind’s new generative model makes Super Mario–like games from scratch

Genie learns how to control games by watching hours and hours of video. It could help train next-gen robots too.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.