Mobile payment has quickly taken off since the launch of Apple Pay, and many tech companies are vying to establish a dominant role in this emerging industry. Aside from having a sustainable business model, the widespread acceptance of mobile payment is critical for a service provider in generating a steady profit. A report from Topology, a division of TrendForce, states the global shipments of mobile phones with near field communication (NFC) feature reached 400 million units in 2014. This amount represents 20% of the total mobile phone shipments worldwide for that year. The percentage of the NFC-enabled mobile phones is expected to rise about 30% in global mobile phone shipments in 2015. By 2018, this percentage is likely to surpass 60%, or to exceed 1.2 billion units in shipments. Before this happens, however, the penetration of mobile payment usage will be determined by the development of related security measures.
Ariel Chen, TrendForce’s analyst of the semiconductor industry, said monetary transactions via mobile devices require very high security standards, so when it comes to data protection a hardware-based solution is more suitable than a software-based one. Though communications between devices were commonly protected by software, certification authorities can be hacked and security protocols can be broken by various means.
Apple Pay leads as an example of how hardware-based security works in mobile payment. The credit information of iPhone users are encrypted by “Tokenization” and then stored onto a special, dedicated chip known as “Secure Element”. This tightly sealed system ensures that not even the application processor in the phone will be able to decrypt and read the credit information. Nonetheless, this extremely careful protection still has a flaw when it comes to user identification. The malicious party can use their own iPhones to make payments with credit card information that they have already stolen. Indeed, recent studies reveal that Apple Pay is suffering a much higher fraudulent transaction rate than the traditional credit card payment system.
Chen said banks and IC chip makers will have to work closely together in order to prevent this type of frauds. At the banks’ end, the verification process for customers signing up for a mobile payment service must be stricter than ever. Banks have to make sure they are letting the right people load credit information onto mobile devices. As for the IC chip makers, they have the task of creating more secure and practical authentication mechanisms. Currently, there are already many active entrants in this market, including specialists in fingerprint recognition, voice recognition, and other biometric authentication systems.
A secure mobile payment system will not be the sole responsibility of credit card issuers, acquiring banks, or IC chip companies. Formulating a secure solution that is fully tamper-proof requires collective efforts of these actors along the industry chain. The NFC-enabled phone industry will enter a booming period of high growth only when people are not hesitant about using their mobile devices to make purchases.