FDIC on Mobile Payments Risks

Regulator Defines Risks in Emerging Payments Technologies

By , January 7, 2013.
FDIC on Mobile Payments Risks
 

Listen Now

Read Transcript

Peer-to-peer, near-field communications and barcode scans are revolutionizing mobile payments. What unique risks do these emerging technologies pose to banking institutions? Two FDIC executives offer insights.

To help card-issuing institutions and acquirers better understand the complexities of this emerging landscape, the Federal Deposit Insurance Corp. in its Winter 2012 issue of Supervisory Insights includes a section dedicated to mobile payments.

The article summarizes U.S. consumer mobile adoption rates, emerging mobile payments technologies, such as NFC and intra-account or P2P payments, and unique fraud risks linked to mobile money transfers.

"It appears that no one technology will become dominant," says co-author Rob Drozdowski, a senior technology specialist within the Technology Supervision Branch of the FDIC's Division of Risk Management. "But almost all of these solutions rely on established retail payments channels [such as ACH and electronic funds transfers] ... and banks will continue to play a key role."

To that end, banking institutions have asked regulators for advice about the roles they play in ensuring those payments comply with industry mandates and financial regulations, says co-author Matt Homer, a policy analyst within the Supervisory Policy Branch of the FDIC's Division of Depositor and Consumer Protection.

In its summary, the FDIC aims to address those questions and offer institutions an overview of how emerging mobile payments features work.

"There are a unique set of stakeholders and unique regulations that may apply to a specific product," Homer says. Due diligence to govern vendors will be critical, he says, and the onus will be on banking institutions to ensure the vendors and service providers offering mobile payments conform to information security regulations such as the Gramm-Leach-Bliley Act.

Non-financial entities offering mobile services are a top concern, Drozdowski says.

"The fundamentals of payments risk management should remain constant. Transactions will continue to be received and accepted through the traditional channels ... and the management of third-party service parties will evolve as a key part," he explains. "The existing framework related to information security still applies."

During this interview, Drozdowski and Homer discuss:

  • What defines a mobile payment and the technology that facilitates it;
  • The role banking institutions must play to ensure mobile providers and servicers comply with industry mandates, such as the Payment Card Industry Data Security Standard;
  • Consumer privacy considerations impacting mobile transactions.

Drozdowski is a senior technology specialist within the Technology Supervision Branch of the Federal Deposit Insurance Corp.'s Division of Risk Management, where he supports the supervisory activities in the area of retail payments, privacy and technology service providers.

Homer is a policy analyst within the Supervisory Policy Branch of the FDIC's Division of Depositor and Consumer Protection, where he monitors and analyzes a number of policy topics, including mobile financial services, student lending, and other regulatory and consumer finance issues.

Follow Tracy Kitten on Twitter: @FraudBlogger

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Data Theft Prevention Emerges

DLP remains a critical security element, but increasingly organizations are investing in the...

Latest Tweets and Mentions

ARTICLE Data Theft Prevention Emerges

DLP remains a critical security element, but increasingly organizations are investing in the...

The ISMG Network