Good King news

Digital rather than cash: customers pay with their encrypted smartphone

The "mobile payment", or mobile payment with a smartphone or smartwatch, is spreading more and more. The payment method is currently considered very secure, but consumer advocates recommend supervision.

Pay without paper: customers can do so with "mobile payment". For mobile payment, like the German translation of the motto, they only need technical help, which they carry with them anyway – like a smartphone or smartwatch. The advantage: "Currently it should be the most secure payment method," says Julian Grigo of the Bitkom digital association.

For this reason, customers keep their smartphone or smartwatch at the checkout just before a reader. This completes the first part of two-factor authentication. To issue the payment, two components of the "have", "to be" or "knowledge" categories must be used, explains Sylvie Ernoult of the Federal Association of German Banks.

When paying by credit card or girocard, two-factor authentication is generally guaranteed by entering the card ("hash") and entering the PIN ("knowledge"). For small quantities, quite often the possession of the card. "Mobile payment is the counterpart of the mobile device on paper," says Ernoult. In addition, customers generally need to authenticate themselves with a biometric feature, such as a fingerprint ("being") or a PIN ("knowledge").

The data is stored on the smartphone

The data is exchanged via a payment app on the mobile phone. For payment data are stored in an NFC chip on the smartphone. NFC is the acronym of Near Field Communication, or Near Field Communication. This is a wireless standard that allows data to be read.

Various protection mechanisms are used. "For example, wireless technology only works when used at the cash register if the customer keeps their smartphone very close to the terminal," explains Ernoult.

Furthermore, the bank details are not transferred one by one. Rather, an encrypted copy of the bank details is transmitted to the data terminal of the supermarket checkout, which applies only to the currently approved payment process. This speaks for data protection.

The payment app does not share the cart

"There are no details on the payment process, such as the items in the supermarket shopping cart to payment service providers like Apple Pay, Google Pay, the credit card company or the transferred bank," says the expert. digital Grigo.

The situation is different when mobile payment is made together with a customer card. "So the retailer gets knowledge of the payment data and the customer's buying behavior," says Niels Nauhauser of the Baden-W├╝rttemberg consumer center in Stuttgart. Whether a customer uses the mobile payment together with or as an alternative to the traditional credit card or girocard, he decides himself.

Update the protection and navigate carefully

In order to protect their smartphone and bank data deposited by criminal activities, consumers should keep their device or smart watch software up to date. "It is important to use automatic updates regularly," stresses Nauhauser.

But be careful: even in this case consumers may not necessarily feel safe. "Anyone who is on the Internet with their smartphone or often uses a third-party WLAN is never 100% protected from Trojans and viruses," says consumer advocate.

Consumer protection: reports incorrect charges

Furthermore, consumers should regularly check their bills and immediately report erroneous charges to their financial institution, advises Nauhauser. "Some financial institutions now offer you invoices as a push message to your smartphone, which makes checking easier."

The important thing is: if the smartphone is lost or stolen, the owners must have the SIM card blocked by their mobile operator, as well as the cards stored on their mobile phone at their bank. In most cases, the central emergency call, which can be reached at 116 116 all day, helps.