Congress studying privacy, security impacts of mobile payments
02 December 2015 15:51 GMT

The US’s House Energy & Commerce Committee has debated the security surrounding mobile payments options such as the biometrics-backed Apple Pay and Samsung Pay.

Meeting in Washington, the group explored questions such as whether consumers can feel confident that their privacy is being protected, reported BankInfo Security.

Companies including PayPal, Samsung Pay and the Merchant Customer Exchange gave testimony.

BankInfo Security wrote that the “main takeaway from the hearing” was that while most mobile payments options provide stronger user authentication and convenience, that they do not have the same legal and legislative protections as other payment methods.

The committee, which held the hearing as part of a series to review disruptive technologies, noted that this was a preliminary review of mobile payments security.

"We want to explore the new ways consumers are paying for goods through their mobile devices, and how consumer information is being secured on mobile devices," said Rep. Frank Pallone Jr., D-N.J. "We want to be sure that information saved on mobile devices is secure, even if data on mobile devices can still be hacked."

Speaking on secyurity, PayPal's John Muller, vice president of global payments policy said the multiparty networks often involved with processing mobile payments pose security challenges. Muller says this is why stronger authentication practices, such as biometrics, are increasingly becoming necessities.

"Biometric authentication features on mobile devices are radically changing this [mobile] model and, subsequently, are minimizing damage done in a breach or hack," Muller testified. "Through PayPal's leadership and collaboration with Samsung and the FIDO Alliance, PayPal was the first payment company to introduce fingerprint biometric payment authentication on Android mobile devices."

Sang Ahn, chief commercial officer for Samsung Pay in the U.S., told the committee that Samsung Pay uses biometrics as well, enabling users to apply fingerprints to their mobile phones' built-in sensors to authenticate transactions.

"Additionally, our smartphones incorporate the Samsung KNOX security platform, keeping all payment data locked and secure," Ahn testified. "Other mobile payment solutions employ tokenized transactions. But … these solutions only work in the small fraction of stores with NFC-equipped terminals."