Data breaches could cripple the growth of mobile wallets

Mobile Payments BadBII

See Also

This story was delivered to BI Intelligence “Payments Briefing” subscribers. To learn more and subscribe, please click here.

Regardless of the platform affected, data breaches deter consumers, according to new data from the 2016 KPMG Consumer Loss Barometer.

Forty percent of mobile wallet users would not feel comfortable using a mobile pay app that had recently been hacked, according to the study.

Most major mobile payment apps seem to be safe. But risks persist — for instance, it may bepossible, though cumbersome, to intercept credit card data from Samsung Pay through a tokenization flaw — which means that mobile wallets must be careful if they are to avoid blunders that hurt adoption.

If breaches occur in the future, the impact on the ecosystem at large could be massive.

  • Potential users are already consistently concerned about mobile payment security.Consumers are consistently worried about mobile payment security, which is stopping them from using the wallets. Two of the top five reasons that mobile phone owners cite for not using mobile payments are related to safety and security. As many as two-thirds of consumers polled in Q4 2015 by the US Federal Reserve said they’re concerned about the security of mobile payments, and almost half don’t trust the technology. Future data breaches could exacerbate these concerns among nonusers.
  • And KPMG’s data indicates that a breach could impact wallets’ already low adoption. Just 23.8% of eligible US users had tested Apple Pay, the most common US mobile payments service, by June 2016, up by just 0.5% since March 2016, which indicates relatively slow adoption that’s beginning to plateau. A future breach could not only dampen slow adoption, but also shrink the existing pool of users. That could have major implications for the ecosystem’s future development.

At the moment, mobile payments are becoming more popular, but they still face some high barriers, such as consumers’ continued loyalty to traditional payment methods and fragmented acceptance among merchants. But as loyalty programs are integrated and more consumers rely on their mobile wallets for other features like in-app payments, adoption and usage will surge over the next few years.

Evan Bakker, research analyst for BI Intelligence, Business Insider’s premium research service, has compiled a detailed report on mobile payments that forecasts the growth of in-store mobile payments in the U.S., analyzes the performance of major mobile wallets like Apple Pay, Android Pay, and Samsung Pay, and addresses the barriers holding mobile payments back as well as the benefits that will propel adoption.

Here are some key takeaways from the report:

  • In our latest US in-store mobile payments forecast, we find that volume will reach $75 billion this year. We expect volume to pick up significantly by 2020, reaching $503 billion. This reflects a compound annual growth rate (CAGR) of 80% between 2015 and 2020.
  • Consumer interest is the primary barrier to mobile payments adoption. Surveys indicate that the issue is less the mobile wallet itself and more that people remain loyal to traditional payment methods and show little enthusiasm for picking up new habits.
  • Integrated loyalty programs and other add-on features will be key to mobile wallets taking off. Consumers are showing interest in wallets with integrated loyalty programs. Other potential add-ons, like in-app, in-browser, and P2P payments, will also start fueling adoption. This strategy has been proved successful in China with platforms like WeChat and Alipay.

In full, the report:

  • Forecasts the growth of US in-store mobile payments volume and users through 2020.
  • Measures mobile wallet user engagement by forecasting mobile payments’ share of their annual retail spending.
  • Reviews the performance of major mobile wallets like Apple Pay and Samsung Pay.
  • Addresses the key barriers that are preventing mobile in-store payments from taking off.
  • Identifies the growth drivers that will ultimately carve a path for mainstream adoption.

To get your copy of this invaluable guide, choose one of these options:

  1. Subscribe to an ALL-ACCESS Membership with BI Intelligence and gain immediate access to this report AND over 100 other expertly researched deep-dive reports, subscriptions to all of our daily newsletters, and much more. START A MEMBERSHIP
  2. Purchase the report and download it immediately from our research store. BUY THE REPORT

The choice is yours. But however you decide to acquire this report, you’ve given yourself a powerful advantage in your understanding of how mobile payments are rapidly evolving.

EXCLUSIVE FREE REPORT:
5 Top Fintech Predictions by the BI Intelligence Research Team. Get the Report Now »

Article source: http://uk.businessinsider.com/data-breaches-could-cripple-the-growth-of-mobile-wallets-2016-8

,

No Comments

Australia, Canada release joint report on Ashley Madison data breach

Australian Privacy Commissioner Timothy Pilgrim and  Privacy Commissioner of Canada  Daniel Therrien have released the results of their joint investigation into the Ashley Madison data breach.

The report was highly critical of the dating website’s privacy and personal data security practices — and include court-enforceable commitments by Ashley Madison’s parent company, Avid Life Media Inc (ALM), which was recently rebranded as Ruby Corp. 

“The findings of our joint investigation reveal the risks to businesses when they do not have a dedicated risk management process in place to protect personal information,” said Commissioner Pilgrim. “This incident shows how that approach goes beyond ‘IT issues’ and must include training, policies, documentation, oversight and clear lines of authority for decisions about personal information security.”

“The report offers important lessons to any businesses relying on personal information as part of their business model,” he added.

In August 2015, ALM was the target of a data breach which involved information claimed to have been stolen from ALM, including the details of approximately 36 million Ashley Madison user accounts. The two offices opened a joint investigation on the same month.

Pilgrim noted that the report identifies numerous actions and improvements that ALM will need to take to address the issues identified through the investigation process. 

In response, ALM has offered binding commitments to each Commissioner, which are court enforceable, to improve its personal information practices and governance.

“Privacy and data are global challenges and international cooperation like this will become a key tool for the future of privacy enforcement,” said Commissioner Pilgrim. “Certainly, my office will always look to pursue Australians’ privacy rights, no matter where that leads.”

“The lesson for consumers is to make informed choices about providing personal information and to take privacy into their own hands. Be clear about what you are providing, the value you are getting in exchange and understand that no organisation is ‘breach-proof’,” he added.

The release of the result of the joint investigation provides closure on one of the world’s most widely reported data breaches, and is the first time the Australian and Canadian Commissioners have jointly enforced privacy protections. 

Article source: http://www.enterpriseinnovation.net/article/australia-canada-release-joint-report-ashley-madison-data-breach-603809881

,

No Comments

Courts raising bar for data breach class actions

WASHINGTON (Legal Newsline) — Reports of data breaches have become commonplace, prompting U.S. courts to raise the bar on associated class action lawsuits.

The U.S. District Court for the District of Columbia in early August declined to grant standing to a class action filed in the wake of a data breach at CareFirst BlueCross BlueShield. Hackers compromised health insurer CareFirst’s IT systems in June 2014 and obtained personal data for more than a million BlueCross BlueShield policyholders.

In dismissing the class action, Judge Christopher Cooper concluded that the plaintiffs failed to show that the private personal data allegedly obtained by hackers had caused any injury to plaintiffs or was sufficient in and of itself to do so. Significantly for the court, plaintiffs failed to provide evidence that the perpetrators of the data breach had obtained Social Security or credit card numbers.

Merely establishing that private personal information had been illegally acquired via a data breach is no longer sufficient to warrant standing in a class action, Ballard Spahr attorney Edward McAndrew said.

“In and of itself the CareFirst data breach is just another development in the establishment of precedent regarding standing in data breach cases,” he told Legal Newsline.

What’s new here is that courts are saying they’re going to look at the particular types of data allegedly acquired in security breaches and determine if there’s a high risk of stolen data to be used for criminal purposes. In CareFirst the court concluded that factual allegations regarding the data stolen provided by plaintiffs did not reveal any actual or impending injury, or demonstrate a substantial likelihood that personal injury could occur.”

The CareFirst decision reinforces and adds to a May U.S. Supreme Court ruling on a technical legal issue raised in Robins v. Spokeo, a class action in which a plaintiff asserted he had been harmed by false personal information sold by data broker Spokeo that had been published on the Internet. Reversing an appellate court ruling, the high court justices voted 6-2 in concluding that plaintiff failed to show he had suffered concrete harm.

In that case, the court disagreed with plaintiffs attorneys’ argument that even without demonstrating personal injury, violation of a statute – in this case the D.C. Consumer Protection Procedures Act (DCPPA) – was sufficient grounds for granting class action status.

“We have made it clear time and time again that an injury, in fact, must be both concrete and particularized,” Justice Samuel Alito wrote in the majority opinion. He added that certain types of mistakes wouldn’t qualify as evidence of injury.

“An example that comes readily to mind is an incorrect ZIP code. It is difficult to imagine how the dissemination of an incorrect ZIP code, without more, could work any concrete harm.”

More broadly in CareFirst, the court’s conclusion that private personal data allegedly acquired in a data breach is not likely to result in the misuse of that information is highly debatable, McAndrew said.

“Other courts have reached the opposite conclusion,” he said. “In Remigas class action, the Seventh U.S. Court of Appeals decided that class action plaintiffs had sufficient standing based solely on the alleged theft of personal data from the P.F. Chang restaurant chain.”

In that 2014 civil lawsuit, two Illinois men did show that the personal debit card data obtained in the breach was subsequently used to make fraudulent charges, he pointed out.

“Some 350,000 credit card numbers allegedly were stolen, and plaintiff attorneys showed that over 9,000 of those actually had been used to commit credit card fraud, or ID theft,” McAndrew said.

In addition, in CareFirst, the court did not address the potential for hackers to obtain sufficient personal data to perpetrate fraud/ID theft or other criminal acts by assembling digital dossiers on consumers from multiple sources, McAndrew continued.

”They wind up combining all the data they can acquire to create a much more comprehensive dossier that could be sold on the ‘dark web.”’

Email addresses were stolen in the CareFirst case, and plaintiffs did submit evidence that SSNs had been acquired subsequent to a court briefing on the issue. The court ruled that such evidence would not be considered as plaintiffs did not mention that in their complaint, however.

Article source: http://legalnewsline.com/stories/511001143-courts-raising-bar-for-data-breach-class-actions

,

No Comments

New data breach notification standards should be flexible, adaptive, ITAC says

As Innovation Science and Economic Development Canada (ISED) prepares to release a second version of the country’s new data breach notification standards this fall, the Information Technology Association of Canada (ITAC) hopes the latest proposed regulations will take a flexible, outcome-based approach, while also providing a grace period to give businesses time to adjust.

ITAC's David Messer
ITAC senior director David Messer wants to see Canada’s new data breach regulations take a flexible, outcome-based approach.

“We want there to be an appropriate balance between the need to protect Canadians by notifying them of data breaches, and the costs and challenges sometimes faced by businesses in in doing so,” ITAC senior director David Messer tells ITBusiness.ca.

Since 2015, data breaches have been governed by the Personal Information Protection and Electronic Documents Act (PIPEDA), a law passed in 1998 to regulate how non-government organizations (excluding charities and not-for-profits) were allowed to collect, use, disclose, and dispose of personal data.

Under PIPEDA’s current regulations, organizations are responsible for all personal information within their control. They must also acquire consent from anyone whose data they collect; protect the information collected from loss or theft; and report data breaches that compromise its security to both the government, through the Office of the Privacy Commissioner; and to affected individuals, so they can take the steps necessary to mitigate damage; to ensure compliance with the act.

Consumers, meanwhile, have a right to examine their personal information, challenge its accuracy, and may withdraw their consent to provide said information at any time.

Canada’s current privacy commissioner, Daniel Therrien, has expressed concern that federal privacy laws including PIPEDA haven’t kept up with technology. Fortunately, ISED has been developing new data breach notification standards since last June, and released a draft version in March 2016.

Responding to the draft, the privacy commissioner’s office released a report of its own in June, though it should be noted that in a previous story the commissioner’s office said PIPEDA was “adequate” and consistent with “internationally recognized standards” when contacted by ITBusiness.ca.

There are presently a number of exceptions under PIPEDA where information can be collected, used, and disclosed without an individual’s consent, however, including reasons of national security, international affairs, and law enforcement.

BlackBerry, for example, has been known to provide the RCMP with personal user data during investigations.

There are also exceptions to the rule that individuals must be given access to their own personal information: for example, if it would reveal personal information about a third party.

The interpretation gap

In contrast to the privacy commissioner, ITAC is comfortable with PIPEDA’s current notification requirements, Messer says, though it also supports the introduction of new data breach notification regulations.

“The focus should be on protecting Canadians, improving cybersecurity, and avoiding unnecessary costs or regulatory requirements for businesses,” he says. “They need to be implemented in a way that allows businesses to incorporate them into their existing practices without unnecessary disruption.”

Back in March, ITAC hosted two webinars, attended both by ISED staff and more than 70 member companies, to discuss the scope of the proposed regulations. It also launched an online survey and established a working group to develop an industry position, resulting in a response paper the organization released on May 31.

One pronounced difference of opinion between the privacy commissioner’s analysis of the proposed regulations and ITAC’s is the role of encryption, with the commissioner’s office arguing that encryption alone isn’t enough to ensure safety and ITAC saying otherwise.

“I think a lot of companies have come around to the position that to some extent, network breaches are inevitable,” Messer says. “There’s no such thing as ‘perfect’ cybersecurity, so encryption and data-centric technologies are increasingly being employed, which I think will protect personal information and should be encouraged.”

“It’s always possible to break encryption,” he continues. “It’s always possible to break a network. But I think it needs to be seen – quite validly – as a significantly lower risk.”

Notifications are another area of concern, with ITAC believing the proposed regulations’ rigid adherence to notifying consumers about each and every data breach could lead to “notice fatigue.”

“There needs to be a real focus on risk,” Messer says. “If the government insists that everyone uses their standard form, then everyone will begin ignoring standard forms, and then notifications will become meaningless.”

Instead, he says, regulations should account for whether a data breach poses a genuine risk – and not all of them do.

ITAC also believes that whatever it chooses to do, the federal government needs to help facilitate its new data breach reporting laws – by introducing accreditation and support programs to help businesses make sense of the cybersecurity landscape, for example, so that meeting the new requirements is as painless as possible, Messer says.

He also disagrees with proposed regulations that would require companies to keep records for five years.

“If the goal is to recognize patterns in data breaches and help create ways for other businesses to protect themselves and their customers, the government needs to recognize that the cybersecurity landscape is constantly evolving – so if you look at records five years back, they’re not going to be very useful in protecting someone in the current landscape,” Messer says.

Instead, ITAC suggests implementing a record-keeping period of no more than 24 months, with the new standards defined in a flexible enough way that businesses can easily incorporate them into their current practices.

“It doesn’t need to be an intense process with a lot of requirements,” he says.

Notifications can be a good thing

Ann Cavoukian, who served as Ontario’s Information and Privacy Commissioner from 1997 until 2014 and now works for Ryerson University’s Privacy and Big Data Institute, says that while she agrees with ITAC that the new data breach notification laws should not stand in the way of innovation, she also believes the companies the organization represents need to respect the extent to which data breaches leave consumers feeling vulnerable – and the important role notifications can play in retaining them.

Ann Cavoukian
Former Ontario privacy commissioner Ann Cavoukian thinks data breach notifications can benefit an organization.

“It all depends on how you frame it,” she says. “If you’re honest with your customers, and say, ‘these are the measures we took, but despite our best efforts there was a data breach and we wanted to notify you as quickly as possible – here’s what you can do about it,’ I think that can increase your trustworthiness with your customers.”

“I think the Privacy Commissioner is taking a very principled position,” she continues. “I don’t disagree with ITAC that data breach notifications should not stand in the way of innovation and prosperity… but companies need to realize that notifying their customers of a data breach can actually be a positive.”

Cavoukian’s message to businesses is that they need to embed privacy protection measures into their operations, including data storage, software platforms, privacy policies, and the like. Not only will it not impede creativity and innovation, she says, it might help your company move ahead of the game.

“I don’t want in any way to appear that I’m opposing what the Privacy Commissioner is saying,” she says. “You can have privacy and functionality. It’s not an either/or proposition. What we really have to get rid of is the type of zero-sum, win/lose thinking that has plagued us for far too long.”

Article source: http://www.itbusiness.ca/news/new-data-breach-notification-standards-should-be-flexible-adaptive-itac-says/78583

,

No Comments

No Texas companies held accountable for data breaches

style=”” class=” js no-touch history csstransforms csstransforms3d csstransitions video” lang=”en”<!– <!– –>





The Office of the Attorney General hasn’t disciplined a single Texas company for failing to notify customers of a data breach – and records show it is only directly notified of a small portion of the incidents, the Dallas Business Journal has learned.

The issue could stem from the way Texas’ cybersecurity law is constructed. Although it calls for the OAG to penalize companies who don’t notify their customers about data breaches, Texas’ standard doesn’t require businesses to actually report breaches to any governmental agency.

The state is effectively looking for speeders without a radar gun.

Tracking trouble

The OAG says they catch wind of the incidents anyway – through media reports, word of mouth and “courtesy” notices from companies and consumers. But experts note that breaches are rapidly increasing in prevalence and that even companies themselves are having trouble keeping track.

“We’re at a point where it’s not if you’re going to be breached,” said Drew Snow, Tech Titans cybersecurity forum staff liaison. “It’s when you’re going to be or whether you know you have been already.”

One of the most pressing immediate challenges among experts in the cybersecurity field has been getting public and private leaders alike to grasp the gravity of the issue. As threats multiply, government will inevitably have a hand in sorting through how businesses protect themselves.

Falling victim to a breach, in and of itself, isn’t illegal. But similar to most states, Texas requires businesses to notify affected individuals that their information has been compromised.

If they don’t, the OAG can bring action to recover civil penalties equaling as much as $100 per person for each day the individual went without notice, with a max of $250,000 per person.

“Businesses that aren’t giving notice are at high risk that they’ll be found out,” Assistant Attorney General Esther Chavez said. “And if they’re found out, Texas provides very significant penalties.”

But the state hasn’t used that power. And records show it doesn’t receive notice of many incidents.

According to records, the office has been notified in writing of about 30 cybersecurity incidents. Many come from out-of-state companies. The incidents are of various levels of significance; ten notices from Bank of America concern minor email incidents involving one or two customers.

“That is a proverbial drop in the ocean,” said Jason Cook, BT Americas’ Dallas-based Chief Information Security Officer. “If you were to look back in the last two or three years – just because of the sheer activity that’s going on in Texas, we’re talking hundreds of breaches of various shapes and sizes.”

Most agree that foundation-shaking breaches are impossible to keep under wraps. LinkedIn, Home Depot and Sony are among the dozens of companies to receive national media coverage. In the last two months, North Texans have read about hacks at Cicis and Omni.

Growing risk

One avenue to slow the stream could be getting companies to share information about threats.

To that end, Congress passed the controversial Cybersecurity Information Sharing Act late last year. Although it allows a freer flow of critically useful information about threats, opponents say bringing the government into the mix makes consumer information more vulnerable on the whole or see the act as a surveillance measure under the guise of security.

Snow doesn’t dismiss the government’s vulnerabilities but points out the strength in sharing information – particularly considering the constantly evolving nature of the underground hacking ecosystem.

“They’re constantly out there looking for a new way to do it,” he said.

Sandra Blanke, who heads the cybersecurity program at the University of Dallas, said she’d prefer to keep collaborative freedom and power in the hands of private industry.

“I want us to see the benefits ourselves,” she said.

A Deloitte study earlier this year showed C-suite executives in Dallas and elsewhere are slowly starting to view cybersecurity as a risk to the company rather than simply an IT risk.

The business of cybersecurity is blossoming in response. Forbes reported the industry was worth $75 billion in 2015 and predicted the number will reach $170 billion by 2020.

When an issue does occur – particularly those with victims spanning dozens of states – sorting through who to notice and how to notify them can bring headaches, which might explain Bank of America’s approach to notify Texas of even its smallest instances.

“What everyone is doing is kind of creating their own responsive plan for when something happens,” Snow said.

Click here to see this story in its original home with our content partners at the Dallas Business Journal.

Copyright 2016 WFAA



TRENDING VIDEOS



More Stories
  • Richardson woman, secret boyfriend missing for seven weeks
    Richardson woman, secret boyfriend missing for seven weeks
  • Frisco ISD explores cuts after voters reject tax hike
    Frisco ISD explores cuts after voters reject tax hike
  • Waxahachie community shows support after
    Waxahachie community shows support after…



Article source: http://www.wfaa.com/news/local/texas-news/no-texas-companies-held-accountable-for-data-breaches/310628064

,

No Comments

Data Breach Happened As Washington Was Trying To Move To New Vendor

The company involved in a data breach involving Northwest fish and game licenses is a vendor the state of Washington has been trying to part ways with for years.

Texas-based Active Network Outdoors calls itself the leading provider of central reservations and licensing systems to U.S. states. Washington’s Department of Fish and Wildlife first contracted with the company in 2005 when it had a different name and was based in Missouri.

In 2011, Fish and Wildlife contracted with a new vendor which failed to deliver. The agency was forced to stick with Active Network while it went out to bid again for a replacement system. Washington’s new hunting and fishing online portal is supposed to be ready this December.

The hack affects more than 2 million current and former license holders in Washington whose information may have been compromised. In a statement, Active Network says the threat was isolated and security patches have been installed.

The information that was compromised could include names, addresses and the last four digits of Social Security numbers. Washington Fish and Wildlife said Active Network recently passed an IT risk assessment.

The state has resumed in-store and over-the-phone sales of hunting and fishing licenses. But online sales of licenses remain suspended in Washington, Oregon and Idaho.

—–

Full statement from Active Network:

On August 22, we became aware that we were the victim of an unauthorized and unlawful attempt to access our online hunting and fishing licensing applications in Idaho, Oregon, and Washington. All indications are that this potential threat was isolated. Consistent with our long-standing and comprehensive security procedures, our team took immediate action. Within 15 hours, we conducted a full security sweep and tested and released an update to the three applications to address the reported threat. As an additional protective measure, we have engaged a top-tier cybersecurity firm to conduct a review.

Protecting customer information has always been our highest priority. It is important to note that we have not received any reports of misuse of personal information related to this reported threat.

Our applications remain operational and we are committed to working with our state customers and law enforcement to assist in their own investigations of this matter.

Copyright 2016 NWNews. To see more, visit NWNews.

Article source: http://kuow.org/post/data-breach-happened-washington-was-trying-move-new-vendor

,

No Comments

1.7 Million Opera Sync Users May Have Been Affected by Data Breach

On Friday, Opera warned its users that the Opera Sync service may have been breached.

On their blog, Opera reported they detected “signs of an attack where access was gained to the Opera sync system. This attack was quickly blocked. Our investigations are ongoing, but we believe some data, including some of our sync users’ passwords and account information, such as login names, may have been compromised.”

The company assured its users that passwords are hashed and salted for encryption, but they have asked users to reset their passwords as a precaution. They also encouraged Sync users to change any third-party passwords that may have been synchronized with their service.

While 1.7 million users may have been affected, this represents only 0.5% of the 350 million people who use the browser.

Article source: http://www.lowcards.com/1-7-million-opera-sync-users-may-have-been-affected-by-data-breach-44687

,

No Comments

Data breaches could cripple the growth of mobile wallets – Business …

Mobile Payments BadBII

See Also

This story was delivered to BI Intelligence “Payments Briefing” subscribers. To learn more and subscribe, please click here.

Regardless of the platform affected, data breaches deter consumers, according to new data from the 2016 KPMG Consumer Loss Barometer.

Forty percent of mobile wallet users would not feel comfortable using a mobile pay app that had recently been hacked, according to the study.

Most major mobile payment apps seem to be safe. But risks persist — for instance, it may bepossible, though cumbersome, to intercept credit card data from Samsung Pay through a tokenization flaw — which means that mobile wallets must be careful if they are to avoid blunders that hurt adoption.

If breaches occur in the future, the impact on the ecosystem at large could be massive.

  • Potential users are already consistently concerned about mobile payment security.Consumers are consistently worried about mobile payment security, which is stopping them from using the wallets. Two of the top five reasons that mobile phone owners cite for not using mobile payments are related to safety and security. As many as two-thirds of consumers polled in Q4 2015 by the US Federal Reserve said they’re concerned about the security of mobile payments, and almost half don’t trust the technology. Future data breaches could exacerbate these concerns among nonusers.
  • And KPMG’s data indicates that a breach could impact wallets’ already low adoption. Just 23.8% of eligible US users had tested Apple Pay, the most common US mobile payments service, by June 2016, up by just 0.5% since March 2016, which indicates relatively slow adoption that’s beginning to plateau. A future breach could not only dampen slow adoption, but also shrink the existing pool of users. That could have major implications for the ecosystem’s future development.

At the moment, mobile payments are becoming more popular, but they still face some high barriers, such as consumers’ continued loyalty to traditional payment methods and fragmented acceptance among merchants. But as loyalty programs are integrated and more consumers rely on their mobile wallets for other features like in-app payments, adoption and usage will surge over the next few years.

Evan Bakker, research analyst for BI Intelligence, Business Insider’s premium research service, has compiled a detailed report on mobile payments that forecasts the growth of in-store mobile payments in the U.S., analyzes the performance of major mobile wallets like Apple Pay, Android Pay, and Samsung Pay, and addresses the barriers holding mobile payments back as well as the benefits that will propel adoption.

Here are some key takeaways from the report:

  • In our latest US in-store mobile payments forecast, we find that volume will reach $75 billion this year. We expect volume to pick up significantly by 2020, reaching $503 billion. This reflects a compound annual growth rate (CAGR) of 80% between 2015 and 2020.
  • Consumer interest is the primary barrier to mobile payments adoption. Surveys indicate that the issue is less the mobile wallet itself and more that people remain loyal to traditional payment methods and show little enthusiasm for picking up new habits.
  • Integrated loyalty programs and other add-on features will be key to mobile wallets taking off. Consumers are showing interest in wallets with integrated loyalty programs. Other potential add-ons, like in-app, in-browser, and P2P payments, will also start fueling adoption. This strategy has been proved successful in China with platforms like WeChat and Alipay.

In full, the report:

  • Forecasts the growth of US in-store mobile payments volume and users through 2020.
  • Measures mobile wallet user engagement by forecasting mobile payments’ share of their annual retail spending.
  • Reviews the performance of major mobile wallets like Apple Pay and Samsung Pay.
  • Addresses the key barriers that are preventing mobile in-store payments from taking off.
  • Identifies the growth drivers that will ultimately carve a path for mainstream adoption.

To get your copy of this invaluable guide, choose one of these options:

  1. Subscribe to an ALL-ACCESS Membership with BI Intelligence and gain immediate access to this report AND over 100 other expertly researched deep-dive reports, subscriptions to all of our daily newsletters, and much more. START A MEMBERSHIP
  2. Purchase the report and download it immediately from our research store. BUY THE REPORT

The choice is yours. But however you decide to acquire this report, you’ve given yourself a powerful advantage in your understanding of how mobile payments are rapidly evolving.

EXCLUSIVE FREE REPORT:
5 Top Fintech Predictions by the BI Intelligence Research Team. Get the Report Now »

Article source: http://uk.businessinsider.com/data-breaches-could-cripple-the-growth-of-mobile-wallets-2016-8

,

No Comments

State Closed Due to Data Breach … Gone Fishin’

Americas
+1 212 318 2000

Europe, Middle East, Africa
+44 20 7330 7500

Asia Pacific
+65 6212 1000

Article source: http://www.bna.com/state-closed-due-b73014446957/

,

No Comments

Council employee sent third party information to public, data breach report reveals

File picture

Article source: http://www.bournemouthecho.co.uk/news/14710117.Council_employee_sent_third_party_information_to_public__data_breach_report_reveals/?ref=rss

,

No Comments