Security hazards are major obstacles to the adoption of digital payments, especially now that it is increasingly accepted in the Philippines. While digital payment technology is deemed beneficial to consumers, it also presents security issues that require ways and means to address ongoing as well as emerging challenges.
In the Philippines, the biggest hurdles in digital payment migration are the lack of a reliable and secure payment infrastructure combined with the still pervasive consumer mindset that cash remains fast and uncomplicated, according to Siang Tiong Yeo, Kaspersky Lab Southeast Asia’s general manager, in an email interview with UpgradeMag.com.
“We are not aware how digital payment service providers in the Philippines respond to security risks, but all businesses are potential targets especially those in the financial sector,” said Yeo, adding that “no business is safe from cybercriminals and, as such, organizations must be prepared to take responsibility for their cybersecurity.”
Mobile payments are convenient and faster. Instead of carrying cash or credit/debit cards, you just use or tap your mobile phone on a merchant’s terminal to pay for goods and services. This payment technology offers opportunities to improve customer services, however, it is hounded with security risks.
“Cybercriminals are always hunting for money. Hacking online transactions is relatively easy if users and payment systems lack security. The government and the public should all work together to secure online money as early as today with digital payment at its infancy,” Yeo noted.
To address security challenges in digital payment systems, Yeo shares the following tips you can use to stay safe:
Don’t assume links are genuine.
When you need to visit an online bank, a retailer or a payment Web site, you should manually type in the URL – instead of clicking on a link. Do not visit Web sites by clicking on:
- Links in emails
- Messages on social network sites
- Messages in chat rooms
- Banner ads that are on suspicious Web sites
- Links sent to you by people you do not know
Beware of fake communications
Most financial organizations will never send emails asking customers to:
- Send personal data in an email
- Visit their site for authorization
- Enter personal data in pop-up windows
Check the URL
When you’re visiting a Web page that needs you to enter confidential data, carefully check the address of the page that’s shown on the browser corresponds with the page that you were intending to access. If the URL is made up of a random selection of letters and numbers – or it looks suspicious – do not input any information.
Use encryption
Make sure that you use an encrypted connection, whenever you need to input any confidential data. If a connection is secure, the URL will start with the letters ‘https’ – in addition, the address bar or the browser’s status bar will display a small icon of a lock.
When you click on the lock icon, look closely at the information about the SSL authentication certificate that has been issued to the site (you’ll be able to note when the certificate was issued, who issued it and for what period the certificate was issued).
Use your own computer – and your own Internet connection
Try to avoid using public computers – in Internet cafes, airports, clubs, hotels, libraries or other locations – when you need to access online banking services or online retailers. These public computers may have a variety of spyware programs running on them. If so, these malicious programs could record everything you type on the keyboard – including your passwords – and also intercept Internet traffic.
Even if you use your own computer for online transactions, you need to avoid connecting to the Internet via a public Wi-Fi network. On a public Wi-Fi network, there is a risk that the traffic might be intercepted by the network’s administrator or by cybercriminals – and attacks might be launched with network worms. In fact, Kaspersky Lab offers its Secure Connection App for iOS and Android devices for download in the App Store and Play Store.
Don’t use your main credit card or debit card
You might benefit from having a special card that you only use for online purchases. It may be possible to restrict the credit limit for your ‘online credit card’ or to hold a limited amount of money on your ‘online debit card’.
Learn from other people’s experiences
Before making a purchase online, try to read customer reviews about that specific retailer.
Be wary of potentially untrustworthy sites
It can be a good idea to avoid buying from retailers that have Web sites that are registered with free hosting services.
Get additional information about the Web site
If you have any doubts or suspicious about a retailer’s Web site, use a ‘Whols’ IP service in order to find out more information about the domain – including how long it has been in use and who owns it. Note the period of time for which the domain has been paid.
Eliminate vulnerabilities – in your operating system and applications
Always ensure that the operating system – and all applications – on your computer and other devices have the latest updates installed. This will help to eliminate operating system and application vulnerabilities that can be exploited by malicious software programs and attacks. Windows OS products are often targets of vulnerabilities so be sure you’re secure whether you are running the newest OS, XP, or Windows 7. Security is essential.
Maintain your firewall
For additional security, instead of just running a standard firewall, you may choose to run application and software-based firewalls.
Protect against malware and Internet security risks
A rigorous anti-malware solution like Kaspersky Internet Security can protect you against computer viruses worms, Trojan viruses and more. Some anti-malware products also include special technologies that provide additional layers of security when you’re using online shopping and banking Web sites.