European Central Bank seeks comment on mobile security proposals
A draft set of 14 recommendations to promote the security of mobile payments has been published by the European Central Bank for public consultation.
The report is based on work carried out by the European Forum on the Security of retails Payments, a voluntary cooperative set up in 2013. Previously the forum has published similar reports: one on the security of internet payments in April 2012, followed by a report on “payment account access” services in January 2013.
Recognising that recently introduced types of mobile payments are still at an early stage of development and deployment, the study says that there are payments may result in additional security issues because of:
- the fact that the current generation of mobile devices and their operating systems were generally not designed with the security of payments in mind;
- the reliance on radio technology (such wireless small range technologies such as Bluetooth and Near Field Communication or the over-the-air data channels provided by the mobile network operator) for transmission of sensitive payment data and personal data;
- the “involvement of additional actors” such as mobile network operators and trusted service managers, compared with traditional payments;
- the “general reduced security awareness of mobile device users or unsafe customer behaviour”.
The full report can be found on the ECB website. The consultation period closes on 31 January 2014.