Currently, as many as 79% of Americans have used a mobile payment option, such as Zelle, Venmo, and PayPal, but that figure is expected to increase steadily as payment options become easier to use and more widely accepted. It’s important to understand how mobile payment options work as people use them more in their day-to-day lives.
The number one rule with using mobile payment apps is to ensure that you confirm that you’re sending funds to the right account and that you only send funds to people you know and trust. Since the transfer is near-instantaneous, once you send funds via mobile payment apps, the money leaves your account. If you later discover that you were part of a scam or you mistakenly sent money to the wrong person, you’ll still be on the hook for the funds as these transactions cannot be reversed.
Whether you’re curious about adding a digital wallet to your smartphone or you want to know more about the options you already use, here’s what you need to know about popular mobile payment options.
Are mobile payment apps secure?
Mobile payment apps send transaction data over a wireless connection, which may have you wondering if that creates an opportunity for your financial data to be stolen. Fortunately, all of the major apps have security features to protect your information from malicious actors attempting to capture your data.
For example, the Apple Pay and Samsung Pay apps use tokenization technology that attributes an otherwise meaningless set of numbers as a representation of a credit card number. The credit card number itself is never transmitted over the air. That way, even if a criminal is able to capture the data, the data itself would be meaningless without direct access to the mobile payment system itself.
If your smartphone is stolen, device-level controls such as Apple’s Find My iPhone feature allow you to erase your phone’s data remotely, creating additional levels of security. Add device-level security measures including a secure password and biometric security (such as a fingerprint scanner) and device encryption for your Apple or Andoid smartphone to further ensure that hackers cannot bypass your password, passcode and biometrics.
Apple Pay, Samsung Pay and Google Pay
The major smartphone brands offer mobile wallets that come built-in to their devices. These apps allow you to store your debit and credit card information directly on your device and use near field communication (NFC) to transmit transaction data to a contactless payment reader with zero transaction fees.
Apple Pay is available on iPhone 6 and newer, as well as Apple Watch. The limits to Apple Pay are directly related to your funding account—the debit or credit card associated with your Apple Pay and any applicable daily transaction limits set by your financial institution. When completing a transaction, your device will ask you to confirm your identity with your passcode, Touch ID or Face ID.
Samsung Pay comes pre-installed on all Samsung flagship phones, like the Galaxy series. It can also be found on the Google Play store. It works very similarly to Apple Pay. Samsung also offers a reward system that gives loyal users coupons and gift certificates for using the service.
Google Pay is very similar to Samsung Pay, with the major difference being that your Google account is connected to the app. The added convenience of connecting your Google account also may create another avenue for fraudsters to gain access to your account, for example, if your Gmail is compromised.
Square Cash, Venmo, Paypal and Zelle
Person-to-person payment apps make it easy to send and receive money. These apps work by connecting to a checking account, savings account, or a credit card. When you sign up for the app, you create a unique username for other people to find you and send you money or request a payment from you.
These apps require you to verify your ownership of a bank account—typically by entering your Digital Banking credentials, or performing a micro-transfer of a dollar or less. Micro-transfers are a common way of verifying your account information by charging a small amount to validate your connected account. Once you’re verified, the deposit will either be kept as a fee, be returned to the original account, or be left as an opening deposit to your new mobile payments account. When you receive funds from other people via your mobile payment app they will either be stored as a balance within the app until you transfer it out or transferred automatically to your bank account, depending on which app you use and how it’s connected to your accounts. For example, OnPoint partners with Zelle to make person-to-person payments quick and easy—when your OnPoint account is connected to Zelle, funds you receive will go directly to your bank account without fees.
P2P payment apps generally have small transaction fees, though they are waived in certain circumstances. For instance, Venmo waives its fees when a transaction comes directly out of a balance stored in the app, a bank account or debit card—as opposed to from a credit card. Additionally, with Venmo, your funds received are stored as a balance within Venmo and when transferring funds to your bank account, you can choose to pay a fee for an instant transfer, or wait 1-3 business days for a free transfer.
All of the major mobile payment apps use data encryption, passcodes and tokens to protect user information, but they are still vulnerable to security breaches—particularly social engineering scams where fraudsters con people into sending them money. Since funds transfers are near-instantaneous, once you send money to someone, getting it back can be extremely difficult unless they are willing to send the funds back to you.
Recently, retail and restaurant chains have begun using their own payment apps. Starbucks and Walmart are among the most popular, though the number of brands with proprietary apps grows every year.
These apps allow customers to store digital gift cards on their devices. At checkout, the cashier simply scans a barcode or QR code to complete the transaction. Many brands offer loyalty rewards for using their app. For example, Starbucks customers earn points for every digital transaction which earns them rewards like free drinks and discounts. Branded apps offer other perks, like the ability to place orders online and then pick up goods at the store.
As with any digital wallet, branded apps are protected by various security protocols, but they’re not fully immune to data breaches. It’s best practice to change your password on these apps several times a year, and always disable any auto-fill options.
Keep your money safe
Mobile payment apps make it easier than ever to send and receive money when you’re on the go. Securing your phone with a strong passcode can prevent your information from getting into the wrong hands if you lose your device. Most importantly, remember that you should only send money to people that you know and trust.
Keeping your accounts and identity safe take a proactive approach to personal cybersecurity. Get your free copy of our financial security eBook to learn more about how to protect your finances.