mCommerce also brings a range of risks to consumers:
- Scam emails, websites, messages and mobile apps can be used to trick consumers into making mCommerce payments to the wrong people;
- Hardware or software errors can cause incorrect or multiple mCommerce payments;
- Prices for items bought with mCommerce services can include a premium;
- It is relatively easy to lose or break a mobile device; and
- Mobile devices store an increasingly large amount of information about users (e.g. contact lists and locations) that can be accessed by apps.
These risks also apply to users of fixed line eCommerce services, and should not be viewed as an overwhelming deterrent mCommerce. ACCAN has produced a guide in conjunction with consumer advocacy group CHOICE to help you analyse and address these issues.
The following practices will help you deal with the risks that are within your control.
Although some mCommerce transactions (e.g. low-value 'contactless' credit card purchases) have no security requirements, you may prefer to ensure that:
- all transactions include a default authentication step (e.g. a password or PIN);
- precautions such as the use of strong passwords are enforced;
- your members and customers are regularly updating their personal protection against 'malware' (i.e. viruses and spy programs); and
- you make it easy to find warnings and advice on self-protection on or via your site.
Complaints and Redress
Your customers should have clear, simple and easily findable mechanisms for:
- lodging complaints and disputing charges;
- notifying you about missing or stolen device or personal data; and
- seeking redress or remedies.
Your mCommerce system should provide users with a clear record of transactions, including:
- the time and place of the transaction;
- the value of the transaction;
- the merchant or payee involved;
- the type of transaction (e.g. NFC or a remote credit payment); and
- whether or not the transaction was successful.
Remember to remind your members and customers that they are responsible for making basic efforts to protect their personal information and device(s). Accidental damage to a customer's device is an expense of a personal nature