Payments on the Go: Mobile Payments

Protecting your personal information when making electronic retail transactions

What are Mobile Payments?

Also called mobile money, mobile money transfer, or mobile wallet, mobile payments refer to payment services performed from or via a mobile device such as a Smartphone or an iPod.

Examples include: Apple Pay, Google Wallet, PayPal Here, or other applications that are issued directly by your bank or credit union.

What about using a Mobile Shopping App?

A mobile shopping application or “app” is a piece of proprietary merchant software for a Smartphone or tablet that provides such things as special offers, help finding a product in the store, maps for navigating the store with a floor plan, or help creating a shopping list. Non-merchant apps provide information like prices, reviews, videos and information on products from multiple vendors. Some apps can recognize products via barcode, voice, text search or even cover art, and other apps can help you make good purchasing decisions by comparing prices at different online stores

Where do I get one?

  • Usually free from the merchants website (which may then direct consumer to a download service like Google Play or the iTunes Store)
  • Use a search engine to obtain non-proprietary apps that allow you to compare prices.

How does it work?

  • Each app is likely to have its own look and feel, and work differently. As an example, a restaurant app may allow consumers to view the menu, place an order online and pay for the purchase before even entering the restaurant

How do I pay?

  • Payment is typically made by linking the application to a third party online payment provider like PayPal or a credit card or to a prepaid account directly with the merchant.

How can I protect myself?

  • You should look for the dispute resolution procedures and any liability limits of the apps you download, and consider the payment methods used to fund your purchases.
  • You should also read and understand the apps’ privacy policy—before you download the app—regarding how your data will be collected, used, and shared.
  • And if you cannot find this information, you should consider taking steps to minimize your risks by limiting the personal and financial data you provide, or by choosing a different app.
  • Check the privacy settings on your mobile device and limit apps access to your data and other applications located on your device.

What about Mobile Banking?

It is increasingly common and convenient to conduct banking transactions online using a computer or mobile device. Given the importance of banking information, extra caution is warranted. Important precautions to take include:

  • Do not use Wi-Fi or public computers (e.g. public library, Internet cafe) when doing online banking because the risk of “electronic eavesdropping” is high.
  • Make sure the website is encrypted. Look for the lock symbol (closed lock icon) or “https://” at the beginning of the web address. If it shows (open lock icon) or “http://”, then the site is not secure.
  • Ensure that your anti-virus protection is up to date and that you are using the latest edition of your web browser or your smartphone operating system.
  • Do not use “remember-me” or “auto fill” for your password or personal information.
  • Ensure that you have a strong password with capital and lower case letters, numbers and special characters such as ! @ # $ % ^ & * ( ) .
  • Test your password with a password checker available online. Be sure to look for secure sites to ensure your protection.
  • Check your financial institution's policies regarding online services. Some financial institutions in Canada (such as federally-regulated banks) have agreed to be bound by a voluntary commitment for online payments.
  • Close the browser window when you’re done banking and empty the memory cache by clearing your browser history.

What are the Risks?

  • Mobile payment systems may not have the protections available to you when paying with your debit or credit card. Ensure that the payment service provides you with information about the benefits, risks, and the terms and conditions of use for their payment methods. Be sure to take the time to understand such matters, including the extent of your financial liability in the event of a disputed charge.
  • Your privacy may be at risk. You leave a trail of your personal interests and purchasing habits every time you pay with a mobile device. Data derived from mobile payment service providers is sometimes sold to marketers.
  • Consumer privacy while using mobile payments is protected by the federal Personal Information Protection and Electronic Documents Act (PIPEDA). However, many service providers are based in the United States or elsewhere and may not comply with Canadian legislation. In some cases, Canadians’ personal information may be legally accessed by foreign governments.
  • Mobile devices are vulnerable to security exploits (viruses, spyware, etc.), often without the knowledge or consent of the user, and identity theft and fraud may occur from a successful breach.
  • Finally, if your Smartphone runs out of power – or is lost or stolen – you no longer have access to your payment applications.

How Can You Protect Yourself?

Just as you would protect yourself while using a desktop or laptop computer, you should be as equally vigilant when using your mobile device.  Ensure that you:

  • Create strong passwords on your devices and on your financial accounts and apps.
  • Do not share your passwords with anyone.
  • Change your passwords regularly.
  • Install software protection against computer viruses or worms, Trojan horses, spam and malware.
  • Develop an awareness of scams, such as “phishing” scams where scammers attempt to trick people into giving up their passwords and other information, especially identity and password information.
  • Protect your device (phone, laptop or tablet) from theft or loss:
    • Thieves can snatch or grab your device while you are walking on the street or in a shopping mall, even while you are talking on the phone!
    • A device can be taken if left momentarily unattended (“I turned my back and it was gone”).
    • Before you leave somewhere, check that you have your device. Did it fall out of your pocket? Did you forget to put it back in your bag? Keep track of your belongings.
  • Turn off Bluetooth, Near-Field-Communication (NFC), Wi-Fi, location services and file sharing programs when you are not using them.

Useful Links


Banking, Credit, Debit, Mobile Payments

Internet Use

Identify Theft