One-Time Passcodes: Digital Wallet Fraud Surge
Okay, here’s a breakdown of the key information from the provided text, focusing on the security concerns around digital wallets and payment preferences:
Key Concerns: Security of Digital Wallets
SMS OTP Vulnerability: many banks still rely on SMS one-time passcodes (OTPs) to verify card additions to digital wallets (apple Pay, Google Wallet, etc.). This is a weak security measure.
Phishing Exploitation: Criminals are using phishing scams to harvest card details and then trick victims into providing OTPs, allowing them to add the card to their phones and make fraudulent purchases.
Widespread Use: The inquiry by Which? found that the majority of the 15 banks surveyed still use SMS OTPs.
Banks Lagging: Major banks like HSBC and Santander still use SMS OTPs.
Progressive Banks: Chase and Monzo never used SMS OTPs. Starling has phased them out of Google Pay.
Consumer Payment Preferences
Convenience Over security: UK shoppers prioritize convenience over security when choosing payment methods.
Mobile Wallet Decline: Mobile wallet usage is decreasing year-over-year.
Cash Comeback: Cash payments are increasing (up 26% since 2023) and have overtaken mobile wallets as the second most popular in-store payment method.
Speed is Key: The primary reason people use mobile wallets is speed/convenience (75% cited convenience, 50% cited faster transactions). Onyl 20% view them as the safest option.
Rising Fraud: 70% of UK fintechs reported rising fraud volumes in 2024.Expert Opinion
balance Needed: Rona Warne (Global Payments) emphasizes the need for businesses to balance speed and trust, and to offer customers a choice* of payment methods.
In essence, the article highlights a concerning gap between the security of digital wallet verification methods and consumer payment preferences. People are choosing convenience, even though it comes with increased risk, and some banks are slow to adopt more secure alternatives.