In 2024, consumers reported losing $347 million to scams on digital wallet payment apps, according to figures from the Federal Trade Commission. The same analysis found that for each complaint reported, the average loss was an astonishing $4,627.
What CR found: While major wallets use strong technical security measures, fraud monitoring and liability protections vary across providers. Cash App, PayPal, and Venmo say they monitor transactions for suspicious activity. Because they can hold funds in the app and transfer funds, they’re also legally required—under the Electronic Funds Transfer Act—to investigate and reimburse unauthorized transactions and errors.
If someone uses your account without your permission, PayPal and Venmo say they will fully cover the lost funds if you report the activity within 60 days. Cash App caps your liability if you lose your device or password at $50 if you report the incident within 48 hours; if you report the fraud after that but within 60 days, you’ll be on the hook for up to $500. If an unauthorized transaction shows up on your statement, you have 60 days to report it and it will be fully covered.
But Apple Wallet, Google Wallet, and Samsung Wallet don’t commit to monitor for fraud and thus don’t offer those protections. These companies say that because they only facilitate a transaction—not manage or hold funds—they are not subject to the same law as Cash App, PayPal, or Venmo but rather rely on the liability protections from the financial institution that issued your credit or debit card.
When asked about this, Google told us: “While we partner with banks to help them monitor fraud, we do not authorize transactions. The consumer’s card issuer is in the best position to investigate and provide reimbursement for unauthorized transactions.” Samsung told us that its wallet does not monitor or track transactions made by users because the user’s payment cards, transaction details, and transaction history are stored only on the user’s device, and that Samsung servers do not have access to this.
Apple Cash and Samsung Pay Cash, on the other hand, both store funds, and provide some level of investigation and possible reimbursement if you register your account with them ahead of time.
If you’re enticed by a scammer to send them money—say, someone fraudulently posing as an official from your bank or IT support—you’re unlikely to receive much help from some of those companies. Most of them argue that because technically you “authorized” the transaction, even though you were duped, they are not responsible.
“Digital wallet providers should protect users from fraud, even when the user has been tricked,” says CR’s Hand. “If they won’t, these companies should be more transparent about the limits of their liability.”
What to Do
Turn on transaction alerts. Set your phone so that you receive an alert for every transaction. For example, you can do this with Apple Wallet by opening the Wallet app, tapping each bank card or account you use, then selecting “Turn on Notifications.” From there, select toggle switch to “Allow Notifications” so that it’s turned on. This is important because scammers sometimes use small charges to test and see whether you notice and take action, says the CFPB.
Check balances weekly. Review your account and its balances to spot anything unusual, says Hand.
Enable app-level authentication for each purchase. Use facial or fingerprint recognition, or a passcode, to approve each payment, says CR’s Stewart. Only Apple Wallet and Samsung Wallet require this to complete a transaction. With Venmo, PayPal, Cash App, or Google Wallet, you’ll have to manually set the app to require authentication before you make a purchase.
Lock your wallet. That way, anytime you try to access it, it will require some form of ID authentication—such as facial recognition or fingerprint, or a passcode. Doing so protects all your sensitive banking information, including login information for bank or credit card accounts.
Source link
-
-
-
-
-
-
-
-
