Skip to Content

Safe Mobile Payment Services

Nowadays, quite a number of mobile payment services have gradually emerged into the market. These services require users to install specific mobile application on smart phones. Some mobile payment services could also be deployed on other devices such as smart watches and tablets etc. The non-contact means used for operating these mobile payment services generally fall into two categories, namely NFC (Near-Field Communication) technology and QR code (Quick Response code) technology. Though these payment services have adopted cutting-edge security technology, such as data encryption at NFC transmission or frequent change of QR code generated for payment services, users should enhance their information security awareness and put sufficient security measures in place to avoid any monetary loss.

Mobile payment services using NFC technology
Mobile payment services using NFC technology
Mobile payment services using QR code technology
Mobile payment services using QR code technology

Security Tips on Mobile Payment Services

  • Always safeguard your mobile phone and other mobile devices used for payment services.
  • Install only mobile payment service applications from official or trusted sources.
  • Make transactions only with merchants that have good reputation.
  • Terminate the mobile payment operation immediately if any irregularities are observed, for example, strange pop-ups or graphics displayed or longer processing time than usual.
  • Check the transaction record issued by the bank or mobile payment service provider after transaction.
  1. Risks and Impacts Risks and Impacts
  2. Preventive Measures Preventive Measures
  3. What Should I Do if Losing My Phone? What Should I Do if Losing My Phone?
  4. Extension Reading Extension Reading

Risks and Impacts

Risks

  • Mobile phone to be stolen or lost due to the failure of safeguarding the device properly.
  • Mobile phone to be attacked by malicious software due to insufficient security measures.
  • Transaction details (e.g. the recipient) to be altered or payment details probably stolen while making transactions with suspicious merchants.
  • Chances of being redirected to malicious websites while using QR code payment services.
  • Chances of encountering NFC tags altered by criminals or fake NFC readers while using NFC payment services.

Impacts

  • Redirected to malicious websites leading to download of malware on the mobile phone.
  • Personal data, transaction contents or payment details to be stolen.
  • Manipulated by criminals to make unauthorised transactions leading to monetary loss.

Preventive Measures

General Security Measures

  • Set a strong password and enable auto-lock screen feature on your mobile phone.
  • Set a strong password for the mobile payment service application. This password should be different from the ones for other services. Change the password regularly. Never save the password on your mobile phone or disclose it to anyone.
  • Install mobile payment applications only from official or trusted sources, and read carefully the terms and conditions to understand the service charges, and users’ rights and responsibilities, in particular those related to privacy and personal data.
  • Do not deposit large amount of money in the mobile payment application. The amount should be duly kept to your actual needs.
  • Check your transaction records regularly and report to the related bank or payment service provider as soon as possible for any suspicious or unauthorised transactions found.
  • Avoid using mobile payment services through public Wi-Fi networks.
  • Turn off any unused wireless connection like NFC or Bluetooth after the transaction.
  • Never alter your mobile operating system or “Jailbreak” or “Root” your device.
  • Remove expired software and timely update your operating system, mobile applications and web browsers.
  • Keep your anti-malware software and its signature file up-to-date.
  • Always safeguard your mobile phone and other mobile devices used for payment services.
  • Turn on the security features in your mobile phone, for example iOS users can turn on the Remote Wipe function and use two-step authentication on iCloud.

For more information on the security measures of Android and iOS, please visit the safety centre of this website.



Considerations while Using Mobile Payment Services

NFC (Near-Field Communication) QR Code (Quick Response code)
  • Use NFC Tag Reader beforehand to ensure whether the execution code or the content is trustful.
  • Turn off the NFC feature after using the mobile payment services.
  • Stay vigilant and make sure the QR code is from a trusted source before scanning.
  • Check whether the processed QR code information is correct.
  • Never disclose the QR code generated by mobile payment services to others casually.

General

  • Make transactions only with merchants that have good reputation.
  • Check carefully the transaction details provided by the application.
  • Terminate the mobile payment operation immediately if any irregularities are observed, for example, strange pop-ups or graphics displayed, abnormal webpage layout or longer processing time than usual.


Security Measures after Completion of Mobile Payment Transactions

  • Check the transaction records issued by the bank or mobile payment service provider immediately.
  • Keep all transaction records for reference and scrutiny in the future.

What Should I Do if Losing My Phone?

  • Initiate Remote Wipe to remove the credit card information stored in the mobile phone.
  • Report loss to or request suspension of mobile payment services with the bank or mobile payment service provider.
  • Stay vigilant against any unusual transactions.


Contact of local banks

Please visit the website of the Hong Kong Association of Banks

Extension Reading

Disclaimer: Users are also recommended to observe the Important Notices of this website and read the user agreements and privacy policies of the security software and tools before download and use them.

Back to Top