Security of SMS Payments

Jamie Roberts

Jamie has covered the Internet of things since the late 1990s. Having experienced the first dot com boom and bust, he knows the value of lean operations, and making smart business choices.

More about Jamie

Jamie Roberts2020-10-30T13:37:54+00:00Published: April 7th, 2013|Tags: SMS Payments|

SMS payments are incredibly secure. This is the main point you need to emphasise to your customers, to reassure them that any SMS payment transaction will be safe for them. When you come to ask for payments via SMS remind them that because the customer doesn’t need to enter in their credit card details or bank details, there is no risk of their credit cards or bank accounts being hacked into.

Safety and privacy for customers

To use SMS payments the customer simply sends a premium SMS text to a specified text number. This number is known as a SMS payment gateway. The Mobile phone operator knows the customer’s mobile number, the amount of money the premium SMS was for and the SMS payment gateway they need to pay. They don’t know what was bought or from whom. This is also a point you should emphasise to your customers, namely that their purchase is anonymous and no-one will know what they have been buying.

When the phone bill is paid, the mobile operator takes its fee from the premium SMS and passes the remainder of the value of the premium SMS onto the company that provides the SMS payment gateway.

This company, known as a SMS payment provider, looks up the number of the SMS payment gateway for which it has received payment, takes its percentage of the premium SMS and sends the rest of the money onto the you, the company which provided the service.

Security of SMS payments for companies

For you as a company, SMS payments are also incredibly secure. There is less risk of fraud via SMS payments than other online payment methods but risks of fraud do exist.

Fraud can happen, but rarely

The most common risk is that of middle man attack or MITM, whereby someone can ‘hack in’ to the communications going from your customer’s mobile phone and your SMS payment gateway and intercept the payment intended for you. These attacks are, however, becoming increasingly rare on mobile phone networks as most mobile phone operators now have upgraded their security systems and authentication keys to make such MITM attacks almost impossible. Before signing up to a SMS Payment Provider, you should enquire as to what security measures they have put in place to protect your SMS Payment Gateway from MITM attacks.

Chargebacks

A chargeback is where a user can request to have the SMS payment refunded to his or her account. This is in case of non-delivery of goods, or fraudulent SMS Payment charges having been deducted from their phone.

This is why, in the UK, there is always a delay between the SMS Payment being deducted from the customer and it being sent on to the company. The delay is built in to allow for chargebacks.

Some users, however, can try and initiate a chargeback even when they have received the goods or access to the service they paid for.

This is annoying and can be costly. However, some SMS Payment Providers will guarantee to send you your full payments without deducting chargebacks from the payments they send you, absorbing any chargeback losses themselves. If you start to see a lot of losses from chargebacks you might want to investigate using a SMS Payment Provider who won’t deduct chargebacks from your payments.

Jamie Roberts

Jamie has covered the Internet of things since the late 1990s. Having experienced the first dot com boom and bust, he knows the value of lean operations, and making smart business choices.