Why mobile payments won't make your holiday shopping more secure...yet

Posted at 11:57 AM, Dec 01, 2014

The holiday shopping season is known for two things, good deals and security breaches.

After major retailers like Target, Home Depot and Michael’s were all targeted by hackers last year, many experts are expecting the same number of attacks if not more will affect retailers this season even though some new preventative security measures have been introduced in the last year.

“The reason why the holidays are an attractive time for cyber criminals to attack retailers is that they are looking for volume,” said Jason Oxman, CEO of the Electronic Transactions Association. “They are looking for the largest possible cache of consumer information and the holidays are by far the biggest time of year for retailers.”

The U.S. government has long talked about beefing up security at banks and retailers and is currently putting most of its efforts into mandating the adoption of chip and pin or EMV technology. EMV will help secure credit cards at point of sale terminals in stores—but that technology won’t be available on a wide-scale until at least next fall.

On the private side, companies like Google and Apple have rolled out their own solutions that they hope will provide more secure options for consumers.

Google Wallet, Apple Pay and Softcard utilize one-time encrypted codes, or tokens, on a customer’s phone to pay for purchases.

Google’s system has been available on Android phones for over two years but has been criticized for collecting user’s purchasing information.

Apple Pay has been touted as the future of payment and is considered one of the most secure payment options currently available for both in person and online purchases. But there are a few catches there too.

Apple Pay only works with the latest version of the iPhone and so far only 2 percent of retailers are accepting it.

So where does that leave buyers this holiday season?

If they are lucky enough to own the newest iPhone or Android phone, experts suggest customers are best off using the mobile phone payments at the stores that accept them.

If not, normal magnetic stripe credit cards are the next best option—even though they are still susceptible to breaches.

“The most secure method of payment is using your credit card in some form,” said Oxman “All of the credit card networks provide zero liability networks so there is no liability for fraud.”

Although few buyers will be able to utilize mobile payments, Oxman says the next holiday season will see big changes once the technology become more ubiquitous.

“It is starting this year and it will be used even more next holiday season,” said Oxman. “There are 200,000 retailers out of 8 million that accept mobile payments. I expect that number to increase immensely.”

[Also by Miranda Green: Is the U.S. rollout of chip and pin technology too little too late?]

Want to keep up with all the latest DecodeDC stories and podcasts? Sign up for our weekly newsletter at