As peer-to-peer (P2P) payment app usage increases, so do privacy and security risks.
In recent news, President Biden’s Venmo transaction history was made public, serving as a stark reminder of how easy it can be to access information you may want to keep private.
According to recent reports, the global digital payments industry is expected to hit $6.6 trillion in value this year, representing a 40% increase in just two years. The entire digital payment industry is expected to continue its rapid growth this year and will reach $10.5 trillion in value over the next four years, according to CPA Practice Advisor.
“P2P apps are a game-changer,” said BOK Financial’s® Consumer Product Manager Michael Lane. “Bank-supported versions are a wonderful tool that has changed how people interact with their money.”
Lane said users should be mindful of the risk and reward. Just because payments apps are an option, he said, doesn’t mean they’re always the best option.
“If you’re out to eat with friends and want to split the cost of the bill, using something like Zelle® is a great way to settle up,” he said. “But it’s not the right fit if you’re paying for an exchange of goods and will need easy access to refunds and returns.”
When it comes to using these apps, Lane said, “Think of it as using cash. Where would you use cash and where would you opt for something else?”
He also suggests vetting the recipient and making sure you’re sending funds to someone you know.
If you have personal data in an app, you have some responsibility as a consumer to protect yourself, said Paul Tucker, chief information security officer for BOK Financial. “Before you ever create an account, familiarize yourself with the platform’s fraud protection policy to know what will and won’t be covered moving forward.”
This technology trend shows no signs of going away, so experts recommend proceeding with caution.
- Using a secure PIN or, better yet, two-factor authentication.
- Don’t keep a balance on the app. Deposit it or cash out to lessen the appeal to potential thieves.
- Beware of social engineering attacks, where a cybercriminal uses human interaction to obtain compromising information.
- Never send money to, or accept money from, someone you don’t know.
- Think of P2P apps as extensions of banking, not social media.
“Younger generations, more than others, seem to be okay with letting the public know what their transaction records look like,” said Tucker. “What people may not understand is how much information bad actors can get from your username and email address, and how that makes you more of a target for social engineering.”
When it comes to making your transaction history public, Tucker said a lot can be gleaned from patterns and routines. Knowing what normal spending patterns look like for someone makes it easier for cybercriminals to initiate fraudulent transactions undetected.
“You’re also giving away your geographic location,” said Tucker. “And maybe information about your kids, like where they go to school and what activities they’re involved in.”
“Your phone is the master key to much of your financial system—protect it as such,” he said. “If you don’t protect your phone from being taken over by threat actors, you’re putting yourself at risk.
“As consumers, we’re almost accustomed to hearing about data breaches and information being hacked but individually, we need to be diligent about protecting our data and ourselves.”
Zelle and the Zelle related marks are wholly owned by Early Warning Services, LLC and are used herein under license.