Staying safe with tap-and-go

Issue 2 2021 Security Services & Risk Management

As the world struggles through a global pandemic that has, through the manner of its transmission, severely constrained human contact, so new ways have been found to do what we usually do – but without touching strange surfaces any more than we have to. Is it then any wonder that the use of tap-and-go payments has snowballed? After all, this is a payment method that is marketed as contactless, and can be applied not only to cards, but also many wearable devices.

At the same time, perhaps the only thing faster than a lockdown order is the speed at which cybercriminals latch onto new ways of parting the unsuspecting with their cash and data. Therefore, when it comes to tap-and-go functionality, security is of paramount importance. Moreover, security does not fall within the ambit of only one particular link in the value chain – banks, retailers and users have a part to play in safeguarding these devices and transactions.

“It is important for consumers to be educated around how to protect themselves and their data when using devices or wearables that offer tap-and-go functionality,” says Ilonka Badenhorst, managing executive at the Wireless Applications Service Providers' Association (WASPA). Her organisation is dedicated to ensuring that its members adhere to industry standards and rules which are monitored and regulated on a daily basis.

Even though enhanced tap-and-go functionality as well as billing through mobile providers can be safer and more convenient, that does not change the fact that the basic principles of security still apply. “It is the responsibility of the merchant to ensure the environment is safe for transactions to take place and make certain that the reader device is also secured. The banks’ (or in many cases now, mobile providers’) role lies in ensuring that valuable transactions are further protected by a PIN or two-step authentication – even those smaller purchases which usually don’t require a PIN.

She adds that users also have their part to play, notably by taking responsibility for the protection of their PINs, login details and passwords by keeping them secret and not giving them out to anyone.

“Just as WASPA is a self-regulating body that ensures its members are abiding by best practices, so individual shoppers need to self-regulate their security methods to ensure these are also the best possible practices.”

This will become more critical as wearables and direct mobile operator payments grow in popularity, she continues, and these devices – along with smartphones – are increasingly used to make tap-and-go payments.

The good news, notes Badenhorst, is that for additional security, tap-and-go transactions use randomised tokens that are sent via OTP to complete the transaction. Crucially, because these tokens are random, each one is unique to the individual transaction being undertaken. And for direct mobile operator payments, there’s no need for a credit card or banking details, it’s safe, secure and simple as long as you are careful and don’t click too quickly.

“Ultimately, tap-and-go payments as well as ‘add to mobile bill’ functionalities are safe, secure and convenient, but they are not necessarily infallible. Therefore, users need to always be vigilant when undertaking such transactions and accept their share of responsibility for safeguarding their cards, wearables, smartphones and opt-in data decisions,” concludes Badenhorst.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Rack-mounted, three-phase online UPS
Security Services & Risk Management IT infrastructure Products
The new Eaton 93PX 15-20 kVA UPS combines high efficiency with a compact footprint, lower TCO, and improved cybersecurity to provide stable power for critical IT, industrial, manufacturing, and medical applications.

Read more...
South Africa’s solar boom against load shedding
Security Services & Risk Management
South Africa has installed more rooftop and onsite solar contracted to private consumers in the last year and a half than under government programmes in the last ten years.

Read more...
Five reasons why your board should push cybersecurity ‘boundaries’
Security Services & Risk Management IT infrastructure
From a technological perspective, micro-segmentation of your IT security environment can be viewed as a way to identify, isolate and curtail the reach of any threat – even once it is in your network.

Read more...
Key timelines to ensure compliance
Security Services & Risk Management
Regulations to the Occupational Health and Safety Act that apply to major hazard installations require that certain actions be taken to manage health and safety risks – some with timelines for compliance that must be monitored.

Read more...
Best practice tips for strengthening data privacy system
Security Services & Risk Management Cyber Security
International cybercriminals are increasingly targeting South African organizations, making data privacy more difficult to maintain. A standardization expert offers insight to help combat this threat.

Read more...
Is AI the game-changer for streamlining anti-money laundering compliance?
Financial (Industry) Security Services & Risk Management
In the aftermath of South Africa's recent grey listing, companies are now confronted with the imperative to address eight identified strategic deficiencies, while simultaneously reducing their financial crime risk through anti-money laundering compliance processes.

Read more...
Five ways to reduce your cyber insurance premiums
Security Services & Risk Management News
With the global costs of cybercrime expected to soar to $13 trillion within the next five years, cyber insurance is booming as organisations try to mitigate the risk of financial losses.

Read more...
Client satisfaction boosted by 85% at Thungela Mine
Thorburn Security Solutions News Security Services & Risk Management Mining (Industry)
Thorburn Security, a division of Tsebo Solutions Group, has announced its recent collaboration with Kwa-Zulu Natal security company, Ithuba Protection Services, as part of its Enterprise Supplier Development (ESD) initiatives across Africa.

Read more...
Migrating to the cloud? Beware the many hurdles
IT infrastructure Security Services & Risk Management
While there are undoubtedly many benefits, there are also numerous hurdles to cloud adoption. Some of the biggest challenges revolve around managing cloud spend, understanding the cost components of cloud infrastructure, and how those costs can scale.

Read more...
Key strategies for businesses in the face of cyber threats
Cyber Security Security Services & Risk Management
Businesses face severe financial and reputational consequences due to data breaches and daily website hacks, and not all organisations are adequately prepared to combat these escalating threats.

Read more...