Mobile Phone Technology: “Smarter Than We Thought”
How Technology Platforms are Securing Mobile Payments in the U.S.

by Marianne Crowe and Elisa Tavilla, Federal Reserve Bank of Boston
November 2012

Using a mobile phone to make payments introduces a new entry point for traditional and trusted payment methods in the U.S.  It also introduces several new technologies to support mobile payments.  The unfamiliarity and complexity of the mobile device and associated technologies create security concerns for consumers who want to be confident that their personally identifiable information and actionable financial information (e.g., account numbers, PINs, security codes, and passwords) are protected in storage and while being used to process a mobile payment transaction, whether that storage is on the mobile device or in the cloud. 

This report examines in detail how near field communication (NFC) and cloud technologies address security for mobile payments at the retail point-of-sale (POS).   It also provides a brief overview of security for two other mobile technology platforms, QR code, and direct carrier billing (DCB).  Each technology manages and processes information uniquely; hence security practices and issues will vary with the technology deployed by each payments platform provider. 

Full paper pdf