Digital Wallets and Data Security: “LOK” them down

You may have heard the term Digital Wallet recently but do you know what it is? The term Digital Wallet refers to an electronic or mobile service that is typically tied to a Smartphone or mobile device that allows you to access your various types of payment accounts, loyalty cards and personal data, without the hassle of carrying a traditional wallet. They typically can be used to store several different types of payment methods, i.e. credit cards, debit cards and checking account information, all in one convenient spot.

Digital Wallet providers use a variety of different technologies to aid in a seamless and secure payment experience. Some may even offer the ability to process online payments using only a secure password as opposed to entering actual payment information like credit card numbers which are already stored in the Digital Wallet. Digital Wallets are often able to work across multiple devices, for instance laptop computers, desktop PC’s, tablets, as well as the primary device, the Smartphone.

Security Concerns with Digital Wallets

Digital Wallet Merchant Account

There are a variety of players involved in the digital wallet game from traditional payment companies like Visa and MasterCard to social networking sites and search engines. All of these companies vying for your digital wallet business are doing a juggling routine when it comes to securing your personal info and reducing access to this data by outside sources. Obviously as a consumer or payment accepting merchant your primary concern should be securing and protecting personal data and ensuring privacy while still having ready access to the crucial information. Prior to selecting any Digital Wallet service there are several things you should ask yourself about their service:

  • Are they a reputable and reliable company with a tradition of handling sensitive information?
  • What are their policies in regards to theft or compromise of personal data?
  • Do they have the ability to send a variety of different alerts in the case of potentially fraudulent transactions (text messages, emails or traditional voice alerts via telephone)?
  • Do they offer clear information on how they collect and store personal data?

Visa recently released a Best Practices Guide for consumers and credit card accepting merchants to help them ensure that they are protected from theft, fraud and data compromise while accepting payments from a Digital Wallet, or using one to pay for goods and services. The Visa “LOK” program which we have outlined here is for consumers using their cards as well as Credit Card Processing Merchants who may be using a system that integrates and allows payment from a Digital Wallet.

Lock it down

  • Always keep sensitive data or your customers sensitive data password encrypted using a relatively strong password (think at least 8 characters using letters and numbers)
  • Only connect to secure networks or via a Virtual Private Network (VPN)
  • Only install Applications (Apps) from trusted providers: free and relatively unknown software may be an illicit gatherer of info (malware)
  • Keep your devices updated to the most current software to prevent security vulnerabilities
  • Use Security Software even on mobile devices if you store sensitive data

Only you have access to sensitive data

  • Don’t share data with anyone you would not give your physical wallet to!
  • Credible service providers will never ask you for sensitive data via email or text (passwords, social security numbers, credit card info or bank info)
  • Never write down passwords or access data for your digital wallet, if you must write this information down keep it in a protected file or under lock and key
  • Use a password that is only for your Digital Wallet, in other words don’t use the same password that you have used for your Hotmail account for the last 10 years

Know who to call or contact

  • Payment Networks, Banks and Credit Card processing Merchants are all critical components of electronic payments and Digital Wallets. Be sure and keep contact information for any that you may be dealing with regularly in the event they need to be contacted for compromise or fraud related reasons. Keep these scenarios in mind:
    • Who to contact if your device is lost or stolen
    • Who to reach out to in the case that individual bank account or credit card data that is stored in the wallet is lost or compromised
    • What to do if your digital wallet account or merchant account has been or may have been hacked

Keep these in mind when accepting payments through a Digital Wallet Service or when using one to pay for goods and services. Securing your sensitive data can be easy and inexpensive if you follow these basic rules. Remember, always know your rights and read the terms and conditions of use for any digital wallet service or payment acceptance service you may be using or are thinking about using.

Click here for more information on Visa’s LOK program.

As always if you have any questions about securing your data, keeping your customers data secure, or accepting payments from your customers, please don’t hesitate to inquire with us.