Is it safe to pay quickly by mobile phone?

If users can guarantee the absolute security of their mobile phones and short messages, fast payment is safe, otherwise it is unsafe. Fast payment is a convenient and fast payment method. Customers can associate their personal third-party payment account with their own savings card or credit card, and only need to enter the payment password and mobile phone verification code of the third-party payment account each time to complete the payment, thus bypassing the bank payment network. As long as the bank card is bound, users can transfer money from the bank card through Alipay without the bank card password. I discussed the security of fast payment in a previous article. Generally speaking, the key to the security of fast payment lies in the mobile phone. Only by ensuring the absolute security of mobile phones, especially the security of short messages, can the security of fast payment be guaranteed. There are more ways to attack fast payment. If the user has already opened the password of micropayment, the hacker can directly pay micropayment by installing the method of forging ID card SIM. However, to steal a lot of money, you need the user's payment password. Here, hackers use various methods to attack users' payment passwords. In addition to trojans and phishing websites on the computer side, the usual means of attack are also through mobile APP applications. Hackers can first publish malicious applications with hacking functions to various application stores or forums. If users use Android phones to download and install such malicious applications (such as fake game applications), malicious applications will intercept users' short message communication in the background and then pretend to transfer money. By intercepting the user's short message to complete the transaction, or guiding the user to intercept the payment password at the phishing website in the background, the bank's token system such as USBKEY is completely circumvented, thus stealing the user's funds. In order to cope with this situation, Alipay has also introduced mobile phone Ling Bao and other dynamic tokens to enhance the security of mobile payment. Users can see a one-time password "dynamic token" that changes every minute after enabling the mobile phone Ling Bao, and add this dynamic token on the basis of the original SMS. In this way, even if the malicious application intercepts the user's short message and one-time password, it is useless, because it is impossible to calculate the dynamic password needed for the next payment, so stealing the user's funds will fail. The solution of dynamic token solves the threat of hackers stealing funds from users' bank cards through malicious applications. However, if the user's mobile phone is stolen, others can see this "dynamic token" on the mobile phone. Therefore, the ideal solution is to bind the fast payment to a dynamic token hardware (not a mobile phone dynamic token application), such as Ling Bao, which has stopped selling, and the dynamic token can be hung on the key chain, so that even if the mobile phone is lost, it is impossible to transfer money without the dynamic token, and the dynamic token is lost. This scheme can greatly improve the security of fast payment, and it is also easy to realize technically, without driving, so that users don't have to be afraid of the financial risks brought by the theft of their mobile phones.