3 Steps to better cybersecurity in touchless business solutions (part 1 of 3)

June 22, 2020  |  Mayleen Menez

guy using a touchless  app

Image Source

This blog was written by an independent guest blogger.

The current pandemic that has upended our lives and wreaked havoc across the world have also humbled countries to a shocking degree. As borders closed, so did major sectors, industries, and businesses. Brick-and-mortar establishments had to cease operations and resume their business remotely to comply with quarantine measures. 

As conditions are getting better, the next challenge is for governments to restore both lives and livelihoods. Businesses are now preparing strategies and solutions on how to get safely back to work while complying with quarantine guidelines released by policymakers and preserving both their workforce and customers. 

All the countries that kept their economy going followed rigorous physical distancing rules, aside from other measures to contain transmission chains. These countries give hope that getting back to a “new normal” is indeed possible, even if we do not see an end yet to this global tragedy.

The demand for social distancing is hastening our transition to a more digital economy. Businesses need to streamline their operations, automate, and integrate touchless solutions to preserve human touch and prevent contamination. But heightened automation and touchless technology also call for more robust cybersecurity systems to prevent fraud, data breach, and attacks.

This is a 3-part series discussing ways to better cybersecurity in touchless business solutions, with recommended preventive measures against cyber attacks that keep both business and clients secure.

  1. Practice extra caution in cashless payment solutions.

Because of the severity of the virus attack on individuals, many establishments in different countries have banned cash payments altogether. Debit/credit card payments were made touchless manually, with cashiers letting consumers swipe their cards on the PED, which are then cleaned and sanitised after every use. 

But a more straightforward way to go touchless is to go cashless, with the use of E-wallet payment systems and payment apps.

An E-wallet is an app that lets you store money, transfer directly to your bank account, so you can use your mobile to shop and pay for items by scanning a QR code.

The E-wallet can be connected directly to a consumer’s debit/credit account. The more cautious consumer can also top up or load just the cash they need on their E-wallets before making any transaction. No matter what system consumers use, every part of the sale is digital from payment to receipts. Even for microbusinesses in small communities, cashless payment is still possible through online payment apps.

Risks in cashless payment solutions

Smishing attacks

Smishing is a kind of phishing attack where someone tricks you into giving your credentials through a phone call or SMS message. It has become a significantly growing threat in the world of online security. The pandemic only encouraged hackers to intensify their smishing efforts.

Untrusted apps and phishing SMSes are giving cyber attackers full access to consumer’s phone and e-payments. For instance, a hacker can send a phishing SMS disguised as coming from a trusted E-wallet service provider. It may offer freebies like extra top-up credit. Once a consumer agrees to the CTA (call-to-action), like download the “app” link, which is the Trojan virus, the consumer automatically gives the hacker access to their device. It can now steal whatever data is in that phone, including personal identification and bank details. The newly downloaded virus disguised as an app can intercept messages and two-step verification codes that the legitimate establishment sends to verify the identity of the consumer.

Since cyberattacks have increased during the pandemic, the best prevention is to be extra cautious. Be extra careful when it comes to allowing apps of any kind to access your bank details. Think twice before clicking any links, whether sent through SMS or your email. When in doubt, you need to call your bank or the e-payment company if they have any such running promo. If you receive email promotions, always check the URL matches provided in emails sent to you.

Some cybercriminals may usually use threats that your cybersecurity or bank details may have been compromised or your account has been blocked. Call your bank directly. It always pays to verify before clicking any links. Even if you receive a message from a person you know, do not just trust the message. Remember that hackers who get into a phone through a Trojan virus can remotely access its contacts list and send smishing messages to all.

Wireless identity theft

Wireless identity theft this kind of attack is also known as contactless identity theft or RFID identity theft. RFID is Radio Frequency Identification found on RF-enabled cards like national identification cards and debit and credit cards. These cards are embedded with an ID chip which response to specific radio frequencies. With simple machines that can skim RFID cards under the owner’s nose, cyber attackers can gather data from the cards, steal identity, and money.

The ease of not having to bring cash with you is no longer a luxury at a time like this, but a health safety protocol. However, how can you prevent RFID skimmers from stealing from you?

Simple solutions are to purchase an RFID-blocking wallet or purse, or an RFID card insert. But the most effective and convenient is to buy an RFID-blocker card that you can insert in any wallet to prevent RFID-skimming devices to get your card’s data.

Establishments should also have their PED systems and POS systems checked regularly for viruses and any irregularity. Some hackers are known to pretend to buy something with a debit or credit card that is infected with malware. Once they get inserted into a PED system, the hacker will have access to the succeeding transactions from legitimate customers. 

Lost or stolen smart phone and devices

We have long gone from using our phones for just calling and messaging. It has become our personal assistant, most excellent productivity tool, and even a way of paying for goods and services. In this regard, the risks are incredibly high whenever we lose our smartphones or if it is stolen from us.

We need to be ahead when it comes to securing our mobile devices. One of the simplest ways is to lock your phone. It might be cumbersome to have to log in all the time with a pin, unlock pattern or biometric login, but it buys you time to lock your phone remotely when it is stolen or missing. Some phones now have facial recognition, or voice recognition unlock system. If you are using numeric passwords, change your password routinely as an added measure of security.

Turn on the tracking system of your phone, so you can “follow” it and hopefully find it when it is lost or stolen.

Be more responsible and aware whenever you use your phone, especially in public places. If it is non-essential, do not open or browse your phone, say, while walking or taking public commute. You can quickly get a new phone when you lose one, but it is your private details you should be wary about because data loss or theft can be more damaging.

How to stay protected in cashless payment solutions

Cashless payment seems to be one of the best and quickest options to preserve human touch, since the technology to apply it is readily available to businesses.

Despite the risks of cashless payment solutions, the convenience of being able to do your transactions cashless and digitally outweighs possible risks, which are easy to avoid if you practice extra care when going cashless. We need to keep finding ways how to avoid unnecessary human contact at a time when it is still unsafe to do so, without losing our ability to function normally and carry on with essential tasks such as banking and retail.

Share this with others

Get price Free trial