The Federal Trade Commission (FTC) issued last week a staff report titled “Paper, Plastic… or Mobile? An FTC Workshop on Mobile Payments,” which is based on a workshop held in April 2012 by the FTC.
Consumers are more and more often offered the possibility of paying bills, or making a purchase and paying for it, using their mobile phone.
The report quotes a 2011 survey which found that 83% of financial executives predicted that mobile payments would be widely adopted by consumers by 2015. A report published in 2012 by the Federal Reserve found that 12% of the 87% of Americans owning a mobile phone had made a mobile payment in the past 12 months, mostly to make an online bill payment. Forty-two percent of the persons who had not made such payment yet cited security concerns as the primary reason for not doing so.
Panelists in the April 2012 FTC workshop cited three main sources of concern regarding mobile payment: dispute resolution, data security, and privacy.
The level of protection of consumers against fraudulent or unauthorized transactions depends on the underlying funding source of the mobile payment. If the funding source is a credit card, the capping liability for the consumer is $50, under 12 C.F.R. § 1026.12.
Same goes for a debit card, if the consumer reports the fraud within two business days, but the cap is $500 after that, pursuant to 12 C.F.R. § 1005.6.
However, no federal statute protects the consumer if the funding source of the unauthorized transaction is a pre-paid card or a gift card, but the Consumer Financial Protection Bureau is currently examining the possibility of such protection.
Also, no federal statute protects consumers against fraudulent charges on mobile carrier bills. It is a source of concern for the FTC, as a mobile payment may be done by charging it to a mobile phone bill. The FTC recommends giving consumers the power to block all third-party charges on their mobile accounts. Also, mobile carriers should have a clear and consistent dispute resolution process for dealing with suspicious charges.
There are federal and state laws imposing data security requirements on businesses collecting and using financial and sensitive information. Consumers themselves are advised by the FTC to take practical steps to secure their financial information, such as setting a second password for any payment apps.
Many different parties are privy to an online payment transaction, including banks, merchants, apps developers, and mobile carriers. They all have access to more consumer data as compared to data collected during a traditional payment, as they know about the financial information and the purchase information.
The recommendations set forth in the FTC Privacy Report, such as privacy by design and consumer’s choices about data to provide for collections should also apply to companies dealing with online payments. The FTC also recommends providing transparency about mobile payment data practices in order to improve consumers’ trust.
Mobile payments are here to stay. The FTC notes in its conclusion that, as this industry is still in its infancy, there is a possibility to create new products with financial, security and privacy protection in mind.