● With the continuous expansion of the mobile payment market, some criminals have gradually extended their black hands to mobile payment users. Its criminal methods are professional and gang-oriented. Through network contact, criminals who have never met can also divide labor and cooperate to gradually form a black industry chain.
● The regulatory authorities have been paying attention to issues such as infringement of consumer rights and disrupting financial order in the field of mobile payment, and there are related legislations, but some places may not be detailed enough. For example, what conditions should be followed to enable the small amount of password-free payment function and flash payment function, what security standards should be met, what process should be followed in the process of opening a business, whether it is necessary to actively go through user selection, etc.
● While actively promoting the innovation of mobile payment services, it is necessary to strengthen transaction monitoring and risk identification to ensure the security of payment services and protect the legitimate rights and interests of users. When extending the promotion, it is necessary to do a good job in the promotion and safety education of cash payment and mobile payment related products, cultivate the correct payment habits, and effectively prevent risks
□ Legal Affairs Network reporter Zhao Li
□ Dong Jiaying, an intern from Legal Network
In a bakery on Jiayuan Road, Fengtai District, Beijing, a customer who was preparing to settle the settlement touched his pocket with his right hand and suddenly shouted: "Ah! I didn't bring a mobile phone, wait a minute, I will pick it up in the car." Forget that there is still a lot of cash in the wallet that I carry with me.
For this kind of phenomenon, Liu Chang, the staff member of this bakery, has long been accustomed to it.
According to Liu Chang's memory, the historical low of the bakery's turnover occurred on the day when the electronic payment system malfunctioned. "Nowadays, many young people only bring mobile phones when they go out, without cash in their pockets," Liu Chang said.
In fact, the popularization of mobile payment is changing the lives of the public. From eating, shopping, watching movies, buying food at the vegetable market to flying and staying in hotels, the most commonly used cash payment methods in many consumer scenes have become QR code payments.
However, a reporter from "Legal Daily" found that there are still many hidden dangers in the bar code generation mechanism and transmission process.
The rapid development of mobile payment
Cover all aspects of life
"Post-90s" Beijing citizen Zhang Feng has only used cash twice in the past two years or so.
Once in a roadside parking lot, Zhang Feng had to pay 16 yuan for parking. When he saw the old man watching the car using an old-fashioned mobile phone, Zhang Feng, who had no change, had to pay the old man 100 yuan.
Another time was at a self-pay pharmacy in a public hospital, where there was no POS machine or mobile payment option, and only cash was accepted. In order to purchase a 25 yuan eye ointment, Zhang Feng communicated with the cashier whether he could add it as a WeChat friend and then pay the red envelope. He was finally rejected on the grounds that “the cash withdrawal requires a handling fee”.
Now, the old man who collects parking fees on the roadside carries a "handheld smart toll machine" that can directly scan the QR code for settlement. That hospital has also opened up the Alipay payment function.
According to Zhang Feng, the reason why the old man uses mobile payment is to avoid the embarrassment of not having time to charge during peak hours; on the other hand, to avoid contact with cash, which can avoid arbitrary charges and interception of parking fees; and the old man does not Need more change.
Guo Tao, who works in finance in Beijing, is a staunch user of cash. It made him feel like a stranger at a party a year ago.
"At the end of the party, everyone scrambled to check out. But when I took out a wad of money from my wallet to do the bravery, I didn't get the respect that I deserved. My companions have quietly scanned the code, paid, and confirmed, everything is extremely smooth and quiet. In the end, my fellow traveller looked at me and said, “Who still uses cash now?” Recalling the scene at the time, Guo Tao said, “At that moment, I felt the difference between the high-dimensional and the low-dimensional described in "Three-Body". Dimension reduction strikes."
This attack made Guo Tao pay attention to the cashless life around him. You can swipe your card to take the subway and bus to and from get off work, and you can use WeChat, Alipay, and bank card to complete your meals and shopping.
Guo Tao also found that almost all small vendors can use mobile payment to complete transactions, whether it is selling egg fillings or pancakes, whether it is mobile phone film or watermelon, they will use WeChat and Alipay two QR codes. The print is clear and eye-catching. The only restriction he encountered was that the kindergarten where the child was located organized parental donations, which could only be used in cash, not mobile payments.
From the specific data, according to the operation of the payment system in 2018 released by the People's Bank of China on March 18, the volume of mobile payment services has grown rapidly. In 2018, there were 60.531 billion mobile payment services with an amount of 277.39 trillion yuan, an increase of 61.19 year-on-year. % And 36.69%.
Hidden risks behind convenience
Endanger asset information security
However, for some people who refuse to use mobile payment, security risks are the main reason.
"Now, more and more mobile apps are launching paid membership services. Some people just want to experience the membership services, but they will be renewed'automatically' in the next membership cycle. Some apps are inconspicuous when they open a membership. The place defaults to ticking'automatic renewal'. When users find this problem and want to unsubscribe from automatic renewal, they find that the process of unsubscribing is more complicated than the activation process. There are also some apps that do not have the security guarantee for password-free payment. It is easy to cause personal property loss." Guo Tao explained his reasons for not trusting mobile payment.
In recent years, with the rapid development of mobile payment, while improving user experience and making it convenient for the masses, risks have also undergone new changes and shifts.
As a senior computer network security researcher, Jiang Xingpeng discovered that with the continuous expansion of the mobile payment market, some criminals have gradually extended their black hands to mobile payment users. Its means of committing crimes are professionalized and ganged. Through network connections, some criminals who have never met before can also divide labor and cooperate to gradually form a black industry chain.
"Hackers" dragging, washing, and hitting databases are Jiang Xingpeng's expression of the "Internet ghosts" that exist in mobile payments. "In recent years, domestic incidents about the theft of user privacy information have occurred from time to time. The cyber black industry chain has shown an explosive growth trend of low cost, high technology, and high return. Crashing into the database to steal users' personal information has caused many harms to netizens, including financial assets and personal information security." Jiang Xingpeng said.
Prior to this, the China Consumers Association also pointed out that the serious hidden dangers of mobile payment security need to arouse the attention of regulatory authorities. All major payment platforms must also clarify their own legal responsibilities to effectively protect consumers' payment security.
Regarding the word "serious" proposed by the China Consumers Association, Qiu Baochang, chairman of the Beijing Law Society’s E-commerce Rule of Law Research Association, gave an interpretation that payment involves property security and information security, which has seriously affected financial consumers’ confidence.
“Call on regulators to supervise and supervise the banking industry and payment companies related to the banking industry in accordance with the relevant provisions of the Commercial Banking Law, so as to effectively protect the property safety and other rights and interests of financial consumers.” Qiu Baochang said, which involved information security and remote fraud. , Password settings and other issues, "Mobile payment should work harder in password design, multiple authentication, etc.. But this is also a double-edged sword. Too many settings are not conducive to use, and there are security risks if you don't set them."
It is worth noting that at the “2018 Mobile Payment Security and Convenience Publicity Week Launching Ceremony and Mobile Payment Security and Innovation Seminar” held by the China Payment and Clearing Association on June 6, 2018, Ma Guoguang, Deputy Secretary-General of China Payment and Clearing Association Said: “In an open environment, mobile payment risks are gradually becoming the main type of risk, showing new trends such as concealment, complexity, and intersectionality. Account theft and fraud on mobile phones are showing a high incidence, causing users’ funds. Serious losses".
Strengthen technical system construction
Ensure the security of payment business
On March 10th, Fan Yifei, the vice governor of the People’s Bank of China, said in response to a reporter’s question on the mobile payment convenience project that the People’s Bank of China will focus on improving the livelihood of the people, continue to optimize the payment service supply structure, improve the payment service supply level, and better meet the requirements. The people's demand for safe and convenient payment.
Fan Yifei emphasized that while actively promoting the innovation of mobile payment services, it is necessary to strengthen transaction monitoring and risk identification to ensure the security of payment services and protect the legitimate rights and interests of users. When extending the promotion, it is necessary to do a good job in the promotion and safety education of cash payment and mobile payment related products, cultivate the correct payment habits, and effectively prevent risks.
A reporter from the Legal Daily noted that according to the new regulations of the central bank, since January 1, 2019, those who use mobile payment apps to transfer more than 50,000 yuan must submit the details to the central bank's regulatory authority for review to protect the safety of users' funds.
Jiang Xingpeng believes that this can guarantee the safety of personal property to a certain extent. "Personal payment information security should also be given sufficient attention. From data storage to data use, protection is needed, through strengthening legislation, improving policy supervision, and enhancing personal safety awareness. , Strengthen protection measures and other measures".
Zhao Zhanzhu, a researcher at the China Electronic Commerce Research Center, believes that the regulatory authorities have been paying attention to issues such as infringement of consumer rights and financial order in mobile payments, and there are related legislations, but some places may not be detailed enough. For example, what conditions should be followed to enable the small-value password-free payment function and flash payment function, what security standards should be met, what process should be followed in the process of opening a business, and whether it is necessary to actively go through user selection, etc.
A network security practitioner said that in recent years, there have been many cases involving QR codes, including illegal acquisition of citizen information, fraud, and fraud. For the application of emerging technologies like QR codes in multiple fields, relevant supervision and management departments have not yet issued more effective regulations and supervision mechanisms.
"The regulatory authorities have paid attention to the security issues of mobile payment. The relevant departments must formulate relevant policies to ensure that mobile payment operators perform to protect the safety of financial consumers. Many commercial bank operators need to have a unified approach in the pursuit of maximizing benefits. Regulations to ensure payment security in terms of capital investment and manpower matching.” Qiu Baochang said that regulatory authorities should urge commercial entities to perform their duties in accordance with the law, sort out consumer complaints, find out the crux of the problem, and formulate relevant regulations Or establish related systems.
Qiu Baochang also suggested that platform and payment operators should use technology and system construction to ensure the payment security of financial consumers. "Integrity and security are the two cornerstones of the development of mobile payment." Qiu Baochang said.
Source: Legal Network