ENISA publishes good practices and recommendations for payment providers and financial institutions following an analysis of the security of mobile payments and digital wallets.
Published on December 19, 2016
ENISA assessed the most widely used payment applications and their security models to identify good practices. The identified results, validated in a workshop in November 2016, provide some key recommendations included in this report.
Customers should adopt minimum security measures when using mobile payment applications
Vendors should provide more visibility of the security measures in applications
The mobile payment chain must maintain its security posture irrespectively of the players involved
Mobile payments provide convenience of use; as it allows customers the freedom to make payments at any given time without the use cards. Mobile payments are expected to grow by 80% percent1 on a yearly basis in the next five years, but the security of mobile payments applications still remains a key concern.
A key challenge identified is maintaining the security of mobile operating systems at a sufficient level. Mobile OS provide good security when applied, but many customers are not aware of these, and therefore do not use them. Another challenge is the security of the mobile payment chain, the assurance of which is paramount for the successful adoption of mobile payments.
In the context of the NIS Directive2, ENISA assists Member States and the European Commission by providing expertise and advice, as well as developing and facilitating the exchange of good practices, with the ultimate goal to enable higher level of security for Europe’s critical infrastructure, including finance.
ENISA continues its work with the European Central Bank and the European Banking Authority providing its assistance and expertise on information security issues in the finance sector. The Agency is also engages with industry through various working groups in the area of finance to exchange information and good practices in information security.
Download the full report: !/admin/resources/wp2016-3-1-4-mobile-payments-security-1.pdf! https://www.enisa.europa.eu/publications/mobile-payments-security/at_download/fullReport