What’s the Safest Way to Pay?

Cash, check, or card? These days, the question isn’t so simple. When you can complete any transaction with half a dozen apps and taps, how do you choose?

The pros and cons of cash vs. check vs. card are fairly well baked into our consciousness. But in recent years, with the advent of tap-to-pay, Zelle, Google Wallet and what can feel like a mountain of other new payment options, it’s not as straightforward to judge the safest and most secure method for any given transaction. 

Let’s break down the multiplicity of options into two categories: point-of-sale terminals (in-person transactions) and mobile payment apps (online transactions). 

What’s the Safest Way to Pay at Point-of-Sale Terminals? 

In our physical everyday lives, most of us still use cash and checks occasionally. More often, though, we’re conducting transactions using point-of-sale (POS) terminals to connect to our bank or credit card accounts. Historically, plastic cards have been the medium, and now our cell phones also do the job. These point-of-sale transactions at stores, restaurants, and gas stations have evolved over the years–and rapidly since the pandemic. Each evolution has aimed to protect cardholder information from fraudsters. 

PayPal’s New Data Sharing Terms of Service Take Effect This Month The earliest of adopters have been sending peer-to-peer mobile payments for a quarter century now–ever since the launch of PayPal in 1998. On November 27, 2024, PayPal will update its terms of service to allow for sharing of user data with retailers, in most states. According to their website: “Starting early summer 2025, we’ll be building more personal experiences for you. You can opt in and out of sharing at any time by adjusting this setting.” To opt out, log in to PayPal and go to Settings > Data & Privacy > Manage shared info > Personalized shopping, and toggle the option off.

The Swipe. The swipe has been with us since 1979. When you swipe a plastic card, the strip on the back transmits your account information to the point-of-sale terminal directly. The risk associated with swiping cards is called skimming. Skimming refers to when criminals set up an illegal device to collect debit and credit card numbers and PIN data, usually at ATMs or gas stations where a point-of-sale terminal is often unattended.  

The Chip. We’ve been inserting credit cards into readers since the late 2000s. Chip cards generate a different new “token” every time they’re used, making them encrypted. Chip cards are safer than swipe cards, but they’re still vulnerable to an illegal tactic called shimming. Thieves insert a thin sleeve called a shim into a card reader that is able to capture your card data and reconstitute and authenticate it later. 

Tap-to-Pay: Card, Apple Pay, and Google Pay. Also called contactless payment, tap-to-pay is currently the safest physical payment method. Tap-to-pay runs on technology known as RFID (Radio Frequency Identification) or NFC (Near-Field Communication): in other words, encrypted radio waves. Contactless cards and tap-to-pay apps on smartphones have only gained popularity in the U.S. in the last several years. So, while tap-to-pay crime exists, it’s not yet enough of a problem to have earned its own neologism like skimming or shimming. In theory, thieves can buy RFID skimming devices that steal and decrypt contactless card information, but it’s not worth their while. The devices are expensive, and to employ one, the would-be thief needs to hover near the point of sale. Until the best criminal minds catch up with the latest technology, contactless is the most secure way to pay at a point-of-sale terminal. 

What’s the Safest Way to Pay via Mobile Payment Apps?

When you’re shopping online, buying from small merchants in person, or exchanging money between family and friends, you have plenty of options for mobile payment apps. 

Apps like Zelle, CashApp, Venmo, and PayPal offer “peer-to-peer” (P2P) payments, meaning they allow you to transfer money to friends and family without any fees. Most of these apps also work with retailers to process payments–and usually those transactions incur a fee. The retailer either pays that fee themselves or passes it on to the buyer. 

The two major mobile players–Apple and Google–offer their own proprietary payment app options.

Apple Pay vs. Apple Cash

What’s the difference? Apple Pay is a mobile payment solution. When users add an existing credit card to Apple Pay, they can then tap their phone, instead of the plastic card, to the point of sale terminal. 

Apple Cash is a card unto itself–a digital one, but you can also request a plastic Apple Cash card. Think of Apple Cash as a debit card. You add money to Apple Cash from existing bank accounts and/or transfers to you from friends through Apple Cash. You can use Apple Pay to apply your Apple Cash balance to purchases or to pay friends. So, Apple Cash is both a retail and peer-to-peer payment method. 

Google Pay is Dead. Long Live Google Wallet.

If you’re confused by the difference between these proprietary payment apps, you’re not alone. It would seem that Google has also struggled to determine whether its users need one payment app or two. For now, they’ve decided to gradually discontinue Google Pay (as of June 2024) and direct users to Google Wallet. Google Wallet functions similarly to Apple Cash.

All the major apps–Zelle, Venmo, CashApp, PayPal, Apple Cash, and Google Wallet–use robust safety measures including fraud protection, two-factor authentication, encryption, and purchase verification. In general, you can feel secure about using them, especially if you use a strong password and set up two-factor authentication on your account. None of the major apps are particularly more secure than others. However, if you hear about a new mobile payment app that you’re not familiar with, get several personal and professional recommendations before linking it to your bank account or credit card. 

The major players are pretty secure, but are scammers hard at work trying to make mobile payment apps work for them? Sure. “Scammers use mobile payment services to trick people into sending money or merchandise without holding up their end of the deal,” warns the Consumer Financial Protection Bureau. “For example, a scammer may sell you concert or sports tickets but then never actually give them to you […or] purchase an item from you, appear to send a payment and then cancel it before it reaches your bank account.” 

As with your regular bank account, stay vigilant against scams, check your account balance and transactions often, and contact the app immediately if you notice anything amiss. 

This article is not intended to be a substitute for professional financial advice from a qualified financial advisor.

Sources:

https://lukearapaka.substack.com/p/swipe-insert-or-tap-whats-the-best

https://umsafoundation.org/dip-swipe-contactless-technology/

https://www.fico.com/blogs/contactless-payments-fraud

https://www.pcmag.com/picks/the-best-mobile-payment-apps

https://www.idx.us/knowledge-center/rfid-skimming-is-the-danger-real

https://www.shopify.com/ng/blog/mobile-payment#

https://www.forbes.com/advisor/money-transfer/zelle-vs-venmo/

Blog posting provided by Society of Certified Senior Advisors

www.csa.us