IT GRC Forum

FacebookJoin our Linkedin Group!Follow us on Twitter!Subscribe to our Feeds!
Click on the slide!

EMV and Mobile Payment in 2015

Live Webcast!             Join our expert roundtable as we give some top security guidelines for EMV

Click on the slide!

Don't Be Another Headline

On-Demand               Learn how to implement data security best practices and view now!

Click on the slide!

Are You Securing Hadoop?

On-Demand               Learn about Securing Hadoop by adopting a Data-Centric Approach.

Click on the slide!

Building a Secure, Compliant Cloud.

On-Demand               Play and now learn the key concepts and best practices to build your…

Frontpage Slideshow (version 2.0.0) - Copyright © 2006-2008 by JoomlaWorks
E-mail

Adapt laws to allay mobile payments privacy fears - Berkeley researchers

May 3, 2012 - Americans overwhelming reject mobile payment systems that track their movements or share identification information with retailers, and legislators should considering tweaking credit card laws to address their concerns, say researchers at the University of California, Berkeley.

In a paper, the university's Chris Hoofnagle, Jennifer Urban and Su Li argue that the fast-developing mobile payments landscape could bring many benefits to consumers; potentially reducing transaction fees, increasing convenience, and even improving security.

However, a major obstacle to adoption is getting merchants on board and convincing them to build infrastructure at the point-of-sale. The best way to do this may be by using mobile payment systems' new capabilities for the collection and use of consumer personal information.

With card transactions, the parties - merchant, card network and bank - all receive different, incomplete information. But mobile payments systems could change this, giving merchants personally-identifiable contact information from consumers and card networks access to data on what people have been buying.

This would provide the various players with a more comprehensive and detailed dossiers about consumer; for example, making it easier for merchants to build customer databases without resorting to loyalty cards, say the researchers.

In addition, some of the new players in the payments market - such as Google, Facebook and PayPal - already appear to have designed their systems to collect purchase data. Currently there are no rules stopping these giants using the information for research and marketing or even sharing it with third parties such as advertisers.

This raises privacy issues that Americans seem to find troubling, according to a survey of 1200 households carried out for the paper. Asked whether they thought that phones should share information with stores when they visit and browse without making a purchase, 96% object to the idea, with 79% stating that they would "definitely not allow" it.

Meanwhile, 81% object to the transfer of their telephone number to a store where they purchase goods, with the same percentage unwilling to share their home address and 67% not even prepared to hand over an e-mail address.

The Berkeley researchers suggest that these concerns could be addressed by adapting existing laws. Since the early 1990s California's legislature, through amendments to the Song-Beverly Credit Card Act, has prohibited merchants from even requesting personal information from customers carrying out credit card payments.

"Given our finding that consumers overwhelmingly reject the collection of personal information at the point of sale via mobile payment systems, we think that the Song-Beverly model should be updated to cover payments systems as well as merchants at the point of sale," argues the paper.

The team emphasises that information could still be shared with merchants but that it would be in the hands of the customers, who could opt-in on a per-transaction basis.

The paper concludes: "The broad agreement we found among Americans that they value privacy at the point of sale, suggests strong support for a modified version of Song-Beverly at the federal level. This would ensure that all Americans' expectations for privacy in their point-of-sale data are respected, and that payments systems operators and merchants alike have one, uniform regulatory model for handling point-of-sale information."

Trackback(0)
Comments (0)add comment

Write comment

busy