• +353-1-416-8900(GMT OFFICE HOURS)
  • 1-800-526-8630(US/CAN TOLL FREE)
  • 1-917-300-0470(EST OFFICE HOURS)
Mobile Payment Security, Fraud, and Risk: Breaches, Malware, and the OS Linchpin Product Image

Mobile Payment Security, Fraud, and Risk: Breaches, Malware, and the OS Linchpin

  • Published: October 2012
  • 27 Pages
  • Mercator Advisory Group


  • American Express
  • First Data
  • Global Payments
  • LevelUp
  • PayPal
  • Symantec
  • MORE

Mobile payments have arrived. Driving this revolution is a large collection of technologies, some of which are immature and not fully secure. Nascent solutions are a gilded invitation for criminals to attack at various points within the mobile payments ecosystem. Operating system (OS) developers, payment networks, banks, and even users need to be involved in keeping this evolving environment secure.

The two greatest threats to the mobile payments industry are malware and data breaches. The data breach is well understood and is a universal issue for the payments industry. Standards like PCI have gone a long way toward combating the problem. The malware problem, however, is more focused, initially affecting OS and applications developers, with the effects eventually spreading to the rest of the mobile payments community.

Mercator Advisory Group's new report, Mobile Payment Security, Fraud, and Risk: Breaches, Malware, and the OS Linchpin, examines these threats, explores ways in which fraudsters might exploit them, and indicates how the mobile industry should prepare and respond.

"Criminals are highly motivated to attack mobile payments because they are such a rich READ MORE >

Executive Summary

Mobile Security
Vulnerabilities in OSs and Apps
The Mobile (Payment) Future

Emerging Threats: Mobile Payment Fraud
Mobile Payment Approaches

Payment Fraud
Traditional Payment Card Fraud
Modern Payment Card Fraud
Data Breaches
The Outcome: Identity Theft

Mobile Operating Systems and Applications: Leading the Way to Payment Fraud
Competition Drives Fast-Paced Software Development (and Bugs)
Third-Party Applications as an Entry Point

Mobile Phishing: The Berkeley Reports

WiFi Hacks

NFC and Device-Based Security Threats
Lost/Stolen Devices and Walk-offs
Ghost and Leech Attacks
Other Forms of Potential Compromise

Conclusion and Recommendations
For OS Developers
For Corporations and Individuals
For Application Developers (Merchants, Issuers, Corporations)
For MNOs
Copyright Notice

- American Express
- Apple
- Dwolla
- First Data
- F-Secure
- Gemalto
- Global Payments
- Google
- Isis
- LevelUp
- MasterCard
- Microsoft
- PayPal
- Research In Motion
- Starbucks
- Symantec
- Symbian
- Visa
- WebMoney

Note: Product cover images may vary from those shown


Our Clients

Our clients' logos