By: Jan Willekens, Information security manager for M-commerce, Ericsson
When it comes to the uptake of mobile wallet solutions in emerging countries, the technology involved becomes almost secondary to the way the solution is perceived by the public. Any money service not operated by a traditional financial institution will bring into question the role of security. In both existing and emerging markets mobile wallets for banking and payments have been met with a degree of caution.
The main concerns met by consumers are:
• What happens to my money if I lose my phone or SIM card?
• What should I do if my battery runs out or my connection is dropped midway through the transaction?
• Who do I call if I suspect fraud and can I get my money back?
In order to get people on side, mobile wallet providers need to understand, meet or exceed consumer trust expectations. This means providers will need to address security and privacy concerns, and safeguard against solution failure and backup mechanisms, if, for example, the phone is lost or stolen.
The Observer newspaper in Uganda has reported on the hundreds of millions of shillings reported lost by mobile money users every week (100 million shillings is around US $39,000). Numerous scams exist and involve scenarios such as, ‘I accidentally sent you money, can you send it back?’, honest mistakes where money is transferred to unintended recipients who refuse to return it, and even counterfeit banknotes deposited through unsuspecting agents.
Agents are also targeted by fraudsters posing as customers, in order to trick the agent into handing over his phone. The conman then transfers money from the agent’s account to an account he controls. That’s not to say that agents cannot be fraudulent themselves and some exploit the fact that many people rely on them to help send money and even disclose their PIN codes.
Building user awareness is an important countermeasure as any degree of skepticism regarding security will prove highly detrimental to the uptake of the service going forward.
Jan Willekens is the Information security manager for M-Commerce, Ericsson. Jan is responsible for information security in the Wallet Platform and Converged Wallet products and the M-Commerce Interconnect service. With more than 10 years’ experience in security and enterprise architecture, Jan has worked in the financial services, telecom and manufacturing sectors, in startups as well as multinationals. At Ericsson, Jan has been involved with M-Commerce since its very beginning, ensuring security is embedded in the product development lifecycle and M-Commerce’s products have banking-grade security. Jan’s ultimate goal is to significantly reduce fraud, and thus save significant money for Ericsson’s customers.
