During the past decade, cybersecurity threats have drawn everyone’s attention and it’s becoming a national priority in many leading countries. With the development of sophisticated mobile technology, mobile (contactless) payment insecurity, which may cause huge financial losses, is now becoming a serious threat to our daily life. During the holiday season in 2013, China’s most welcome mobile payment system provider - Alipay - lost over 20 GB worth of customer data in a security breach, which affected at least 15 million customers. Even though the company has promised to evaluate the security of the system and to take necessary measures to protect customer’s data, are we still safe with the payment? In this paper, we investigate several security vulnerabilities for Alipay wallet, which may cause individual’s personal data and financial losses. This is due to not only less regulation by authorities but also the failure of enabling secure proximity authentication during mobile payment. By going through these surprising vulnerabilities, we come up with some ideas on how to combat them and show how to enhance the mobile payment security by enabling proximity authentication before monetary transactions.