Why your phone's wallet is safer than your real wallet.
What Is a Mobile Wallet?
A mobile wallet is an app on a smartphone or other mobile device. It holds payment information from credit and debit cards and can be used to make a purchase. Mobile wallets can be used for in-store purchases, as well as in-app and online payments for select merchants.
How Do Mobile Wallet Payments Work?
Mobile wallet payments are made through contactless near-field communication, or NFC, between your phone and the payment terminal. Once your phone makes NFC contact, you will see your preferred credit card on your screen. You select the default card when you set up the payment app on your phone and download additional credit cards into the phone wallet. However, you can change the card you'd like to use for a particular transaction before you check out. Once the default card is presented, you will need to authenticate it with a PIN or another form of identification, such as Face ID or Touch ID on an iPhone, or iris or fingerprint verification on Samsung Pay.
Is Paying with Your Phone Safe?
Payment by mobile wallet has multiple security advantages over plastic credit cards when making in-store purchases.
When you pay using your phone's wallet, you need another form of identification – such as a face or eye scan, fingerprint, or PIN – to enable the payment. In contrast, it's much easier to go undetected using someone else's physical credit or debit card. Merchants rarely confirm you're the legitimate cardholder.
Consistently strong encryption.
When you use plastic credit cards, there is a threat that your information could be stolen when you're making a purchase. For example, some merchants still use magnetic stripe terminals, which are vulnerable to theft by card skimmers, devices that collect actual credit card information from the terminal.
EMV chip-enabled cards some of which can be used in a contactless way like a phone wallet – have lessened that threat by relying on per-transaction encryption that doesn't send sensitive card information. However, the physical cards still have card numbers on them, which could be exploited.
With mobile wallets, credit card info is not shared in the payment terminal. Instead, the phone uses a code that is specific to that transaction. The payment is approved when the security code is confirmed to be unique and tied to your phone. Because of this one-time token that is created at the point of sale, there is no useable data that gets exposed.
Both phone wallets and chip-embedded cards rely on EMV technology, but a website won't know whether a plastic credit card is a chip card or not. With mobile pay, tokenization also works for in-app and online purchases where digital wallets are accepted.
Ability to easily pause or stop.
It's much quicker to pause multiple credit cards on a mobile wallet than it is to contact all credit card companies if your physical wallet is stolen or lost. For example, you can suspend Apple Pay when your device is put into "lost mode," which is ideal if you've just misplaced – not lost – your phone. You could also remotely erase the information from your device if it's stolen. Both Samsung Pay and Google Pay offer similar services.
Quicker technological updates.
While upgrading a plastic credit card's technology relies on issuing a new card, mobile payments benefit from app-makers ability to make upgrades.