Last Friday, the Federal Trade Commission released a report, Paper, Plastic…or Mobile?, on the use of mobile payments. The report follows a workshop hosted by the FTC in April 2012 that explored innovative mobile payment products and services, the potential benefits offered by mobile payments, and the concerns they raise. For purposes of the report, mobile payments generally include four types of payment processes: (1) near field communication (NFC) technologies, (2) mobile applications, (3) online checkout wallets, and (4) mobile carrier billing (charging of payments directly to a mobile phone bill).
The report focuses on the primary areas where the increasing use of mobile payments raises concerns, including dispute resolution, data security, and privacy. The report also highlights special concerns regarding mobile carrier billing and international mobile payments.
The report provides background information on each of the concerns and identifies potential ways to mitigate the concerns.
- Dispute Resolution – Depending on the payment source used to fund the mobile payment, there may or may not be statutory protections to consumers for fraudulent payments or unauthorized charges. Credit cards and debit cards are subject to statutory protections whereas gift cards are not. Some companies have contractually provided comparable protections to gift cards as the protections provided statutorily to credit cards and debit cards. The report suggests companies should develop clear policies regarding fraudulent and unauthorized charges and convey these policies to consumers.
- Data Security – The report references the study issued last year by the Federal Reserve on the use of mobile payments and its finding that 42 percent of consumers cited data security as the reason why they have not used mobile payments. In fact, technological advances in mobile payments offer the potential for increased data security. For example, mobile payment technology allows for end-to-end encryption of data throughout the entire payment chain whereas traditional payment systems store or transmit data in an unencrypted form for part of the process. The report reminds consumers to take advantage of existing data security controls, such as password protection, and directs mobile payment providers to increase data security as financial information moves through the payment channel and to encourage adoption of strong security measures by all companies in the mobile payments chain.
- Privacy – The use of mobile payments raises significant privacy concerns due to the high number of companies involved in the mobile payments ecosystem and the large amount of data being collected. Companies in the ecosystem include banks, merchants, payment card networks, operating system manufacturers, hardware manufacturers, mobile phone carriers, application developers, and coupon and loyalty program administrators. The report states that three practices from the FTC privacy report, Protecting Consumer Privacy in an Era of Rapid Change, apply to mobile payment companies: (1) privacy by design, (2) simplified privacy choices for businesses and consumers, and (3) greater transparency.
- Mobile Carrier Billing – Mobile carrier billing presents particular challenges because there are no federal statutory protections governing consumer disputes about fraudulent or unauthorized charges and because of the prevalent practice of “cramming” involving a third-party placing fraudulent charges onto consumers’ mobile carrier billings. Consumers should have the ability to block all third-party charges on their mobile accounts and mobile carriers should clearly and prominently inform customers that third-party charges may be placed on accounts and explain how to block all such charges. Mobile carriers also should establish clear dispute resolution processes. The report also recommends as a general matter that entities involved in third-party billing conduct meaningful upfront vetting to ensure that only legitimate third-party merchants are able to place charges.
- International Mobile Payment Issues – Mobile payments have developed extensively in other countries in varying forms. Consumers in some countries, such as Kenya and the Philippines, use mobile payments for remittances and person-to-person money transfers. The Organization for Economic Cooperation and Development’s (OECD) Committee on Consumer Policy is in the process of preparing policy guidance for governments and stakeholders on issues such as information disclosures for mobile payments, dispute resolution, and the varying levels of consumer protection among payment providers and payment vehicles.
The FTC concludes the report by encouraging companies developing mobile payment products and services to create them with financial, security, and privacy protections in mind. The FTC will continue to monitor mobile payments and evaluate whether consumers have adequate protections and the information they need to make informed choices.