Discussion of Technology Risks Faced by Two Contemporary Mobile Payment Systems from the Perspectives of NFC and Tokenization

Mobile payment systems are one of the key enablers in financial technology (FinTech). Because of its importance and big impact to the success of FinTech, its technology risks have to be dissected and fully understood so that the implementers can have sufficient knowledge in its risk management process. Among the numerous mobile payment systems available on the market, the research team has selected two contemporary ones for analysis. These two systems use two most popular mobile operating systems, namely, Apple’s iOS and Google’s Android. Apple Pay and Android Pay are two mobile payment systems equipped with different security mechanism based on those two types of operating systems. Since release of Apple Pay, NFC technology, tokenization, and Secure Element have become hot topics in m-payment ecosystem. In this paper, security of the two mobile payment systems in terms of NFC and tokenization is discussed. The conclusion would be that consistency of Apple operating system helps reduce complexity in building up security mechanism, EMVCo tokenization specification and device-centric Secure Element implementation help make responsibility division clearly among stakeholders in the mobile payment ecosystem.