Are Digital Wallets Safe?
Bulky physical wallets can now be replaced by an app or browser extension. As convenient as this sounds, can we really put our wallets in the same category as our cameras, maps, and flashlights? Are digital wallets safe?
What are digital wallets?
A digital wallet is a financial app or browser extension that runs on a connected device and safely stores payment information like credit cards, bank accounts, and PayPal info on the cloud. Digital wallets can simplify and secure online shopping, but some digital wallet apps like Google Pay™ and Apple Pay® are optimized for in-person purchases with mobile devices.
How do they work?
A secure digital wallet works by storing payment details on the cloud so that you no longer need physical plastic cards or cash to complete purchases. Password manager-based digital wallets use the actual card number on your device while other digital wallet providers generate virtual card numbers that are only associated with the mobile device and digital wallet you use. Some digital wallets can be used to make convenient online and point-of-sale (POS) purchases from participating vendors while others are ideal for secure online shopping. The encryption, secure storage, and autofill features of a password manager-based digital wallet ensure your financial information remains private throughout each transaction.
What do digital wallets do?
Digital wallets have exploded in popularity due to their convenience. By storing financial information and transaction history in an app or on the cloud, a new method of shopping has been introduced that will:
- Allow you to consolidate payment methods. Many of us have gotten used to carrying multiple credit, debit, and business-related cards since it’s sometimes hard to predict what payment method you’ll be using on a given day. This makes wallets and purses a treasure trove for thieves and scammers looking for easy access to financial accounts. A digital wallet removes the need to carry a physical wallet by securely storing all your payment information.
- Enable payment with autofill or tapping a mobile device. Online checkout forms can now be securely autofilled with your saved payment and shipping information. In-person payments are completed using a secure digital wallet simply by opening the app, selecting a payment method, then tapping the device at the payment terminal. Either method provides a level of convenience that could not be imagined a decade ago.
- Simplify shared payments with others. One frequently utilized feature that streamlines payment processes at home or at work is the ability to split payments among multiple users for things like restaurant bills and other shared purchases.
- Use encryption or tokenization to secure and protect payments. Password manager-based digital wallet security uses encryption to protect your private information. Encryption scrambles your payment details and stores them on the cloud then decrypts them for purchases. For mobile digital wallets using the tokenization method, the card number, expiration date, and CVV are replaced by a token that is presented when you complete your transaction. Your actual account information is never provided to the vendor or otherwise exposed.
Want to learn more about using Dashlane Password Manager at home or at work?
Check out our personal password manager plans or get started with a free business trial.
What don’t digital wallets do?
Digital wallets have shown us how mobile devices and modern computing practices like encryption, cloud storage, and wireless communication can make our financial lives more convenient, but many still have a few limitations. Some of the things digital wallets don’t or can’t do (at least yet) include:
- Work everywhere. There are still many shops and cafés all around the world that operate on a physical payment or cash-only basis, despite the global use of credit and debit cards. Although technology is advancing quickly, the same limitation applies to digital wallets, since smaller stores in remote areas and small company websites may not yet be set up to take digital payments.
- Work without Bluetooth or WiFi. It is important to remember that some types of mobile digital wallet apps rely on an online connection with the provider and a digital connection to the vendor’s system using near-field communication (NFC), magnetic secure transmission (MST), or QR codes. If a location lacks WiFi service or is out of cell tower range, the digital wallet will not function. The vendor’s hardware must also be operational to complete the transaction. These limitations do not apply to password manager-based digital wallets where the credentials can be accessed without bluetooth by entering the vault.
- Provide physical cash. Some digital wallets can be used in lieu of a debit card to withdraw cash from an ATM terminal, but the safest digital wallet applications are the electronic transactions that eliminate the need for cash. Many digital wallets also provide convenient methods to transfer funds to other users electronically, once again eliminating the need to handle or withdraw physical cash.
Tips for securing your digital wallet
Digital wallet providers and device makers have taken steps to safeguard wallet app security, but there are some additional best practices you can incorporate to layer in more privacy and safety.
- Use different codes for your device and wallet app: Your computer, cell phone, and digital wallet are password-protected to prevent unauthorized access. Your device might also provide passwordless options like fingerprint or facial recognition. It might be more convenient to use the same passcode for accessing your device and wallet, but this should be avoided since this one code will provide direct access to your wallet if your device is lost or stolen.
- Keep your codes private: The safest digital wallet security practice is to keep wallet and device passcodes completely private. Protect your codes from prying eyes in busy public settings and keep the codes to yourself. Text messages and notepad apps on your device are not secure or encrypted locations to store codes or payment info. You should also refrain from sharing your codes with friends, family members, or coworkers over unencrypted channels, as this can undermine your privacy and security.
- Don’t make payments over unsecured WiFi: Pay close attention to the internet connection when you use a digital wallet in a public setting. Unsecured WiFi networks can expose you to hacking tactics like man-in-the-middle attacks designed to intercept confidential information. If you need to join a public WiFi network, you should always use a VPN to protect you from hacking. A VPN routes all communication to and from your device through a secure, encrypted portal.
- Install security apps on your phone or smartwatch: As wallet app security has evolved, additional apps have been developed to let customers beef up the security of their devices and electronic wallets. Antivirus and password management apps add layers of protection for the data you share during digital transactions.
- Monitor your financial accounts: You should feel confident that your digital wallet provider is doing all they can to safeguard your financial information and account history, but it’s also a good idea to review your financial accounts regularly to make sure there has been no unusual or unfamiliar activity.
- Enable 2-factor authentication (2FA): 2-factor authentication provides an additional layer of security by using a second credential, such as a text message, PIN, or fingerprint to verify your identity when you log in. Since a cybercriminal is not likely to have both your login credentials and device available, the chances of unauthorized access are much lower. 2FA should always be enabled when it is offered as a digital wallet option.
How to recover a lost or stolen digital wallet
When you use a digital wallet, losing or misplacing your laptop computer or device is on par with losing a physical wallet, since your personal finances need to be protected immediately. Here are a few steps you can take to minimize the risk and protect yourself if your device is lost or stolen:
- Report it to the wallet provider: Be sure to keep the contact information for your digital wallet provider handy. This should always be your first call when you realize a device linked to your digital wallet has gone missing. The electronic wallet provider may be able to immediately disable the app if you provide your account number or Mobile Equipment Identifier (MEID) number, so keep those handy as well.
- Report device theft: If you are sure the device was stolen, share this information with your wallet provider as well, then call the police. Do the police have time to investigate stolen cell phones? Not typically—but reporting the device as stolen creates a paper trail that becomes important if unauthorized charges are made through your digital wallet. Reporting the theft will also help you get the device back more quickly if it is recovered by the police.
- Remotely disable your device and apps: If your service provider can’t disable your digital wallet and device immediately, you may be able to do it yourself. For example, the Dashlane Password Manager allows you to remotely revoke access, which also removes your data from the device. Both Android and iOS devices include Find My Phone features that help you locate a lost device when said features are enabled. You can use your computer to pinpoint device location, remotely erase data and apps, or disable the device completely.
- Follow the wallet recovery process: Once you get a new device, you will need to re-install the secure digital wallet app to begin the recovery process. This should involve little more than verifying your identity if you took the time to back up your digital wallet account in advance. If not, your digital wallet provider can walk you through the steps required to restore the wallet and its contents.
Dashlane and digital wallet security
Dashlane has channeled the secure encryption, advanced autofill, and zero-knowledge architecture of our advanced password manager into our digital wallet.
Find out how we created a fast, safe, and easy-to-use digital wallet for instant gratification.
References
- Investopedia, “What is a Digital Wallet,” March 2023.
- J.D. Power, “As Mobile Wallets Gain in Popularity, Growing Number of Americans Still Prefer Convenience of Plastic,” January 2023.
- Dashlane, “Why Every Employee Device Should Be Secured,” May 2021.
- First State Community Bank, “The Value of Mobile and Digital Wallets,” July 2022.
- Tokenex, “What is Tokenization?” August 2022.
- Dashlane, “What is Encryption?” March 2019.
- DiveWire, “Digital wallets dig in,” August 2022.
- Square, “NFC Guide: All You Need to Know About Near Field Communication,” January 2022.
- Dashlane, “Is a Passwordless Future on the Way? What You Should Know About FIDO-Based Authentication,” May 2022.
- Dashlane, “Should I Keep My Venmo Private?” October 2020.
- Dashlane, “Why Do You Need a VPN? Don’t Miss These 3 Key Benefits,” December 2022.
- Dashlane, “How Do I Get Dashlane on My New Phone or Computer?” January 2020.
- Dashlane, “How Dashlane Makes 2FA Easy,” June 2022.
- Lifewire, “How to Find Your Phone's IMEI or MEID Number,” July 2021.
- Make Use Of, “9 Things to Do if Your Phone Is Lost or Stolen,” January 2022.
- Dashlane, “Build the Case for a Password Manager in 8 Steps,” 2023.
- Dashlane, “It’s Time to Start Using These Two Essential Dashlane Features,” March 2021.
- Dashlane, “A Digital Wallet for Instant Gratification,” 2023.
Sign up to receive news and updates about Dashlane