Are digital wallet transactions safe?

Digital wallets, e-wallets, and mobile wallets have transformed the way consumers make payments and transactions. In 2023, over half (53%) of Americans used digital wallets more often than traditional payment methods.¹ However, consumers have also shown concern around the safety of mobile payments and digital wallets.²

This article looks at digital wallet security — highlighting the advanced technology used to keep transactions safe — with some practices to ensure personal information stays as secure as possible when using digital wallets.

What is a digital wallet?

A digital wallet is an app or software platform that can facilitate secure and convenient purchases without the need for physical credit or debit cards.

Digital wallets can store multiple forms of personal payment information and communicate selected information to vendors and merchants to complete transactions.

Digital wallets may also be able to store a range of other personal information, including tickets, licenses, subscriptions, memberships, reservations, and loyalty program details.

There are also mobile wallets, a form of digital wallet stored on a phone or mobile device that can be used for purchases online or in-store at point-of-sale (POS) terminals.

Security features of digital wallets

Digital wallets come with built-in security protection to help keep personal and payment information safe. These measures commonly include:

Tokenization

Digital wallets create coded "tokens" for every unique transaction rather than transmitting actual credit card or account details.

Tokenized payments are an anonymous and secure way to transfer sensitive data, helping reduce the risk of personal information falling into the wrong hands should a merchant’s system be compromised.

Encryption

Security encryption is an advanced technology that "scrambles" personal payment data, making it unreadable to hackers and any unauthorized individuals who might try to intercept it during a transaction.

Two-factor or multi-factor authentication security

Two-factor or multi-factor authentication (MFA) security adds an additional layer of protection to a digital wallet. Multi-factor authentication requires numerous forms of identity verification in addition to a basic password. This ensures the user is properly authorized for access to make transactions. This might include, for example, a biometric fingerprint scan, a PIN or code sent to a phone or email, or facial recognition.

Additional security considerations

There are additional measures to keep in mind when using a digital wallet to make transactions. These can include:

• Phone protection. Given the risk of losing a mobile device with a digital wallet installed, it’s important to employ smartphone security practices. Set a strong phone password, PIN, or passkey; enable biometric face or fingerprint recognition; and select "Find my device" features to help retrieve the device in the event it goes missing.
• Malware prevention. Malware (malicious software that can invade a device) can compromise phone security and lead to personal information being stolen. Because malware tends to be less common with digital wallets because of app store restrictions, be sure to download digital wallet apps from official stores only.
• App permissions. Limiting the access an app has to sensitive information stored on a phone — including contacts, camera, or location services — can help provide another layer of data protection.
• Public WiFi security. Public WiFi in cafes, restaurants, libraries, and other public spaces tend to offer weaker security and may leave a device or digital wallet vulnerable to hackers, frauds, and scams. Avoid making sensitive financial transactions over these connections.
• Backup. Consider appropriate settings to ensure the stored information in a digital wallet is backed up and able to be recovered.
• Monitor emails. Emails where a fraudulent party pretends to be a reputable source can lead to the loss of personal information through phishing scams. While most of this content ends up in a spam folder, some can make it to an inbox. Be cautious about what is clicked on to prevent phishing activity.
• Card information. Avoid storing card information online with browsers and merchant’s websites, as it can be vulnerable to data breaches. Using a digital wallet ensures the merchant has no direct access to personal card or account information.

Report suspicious activity

Compare digital wallet transactions with current bank statements to observe any suspicious activity. If detected, report potential digital wallet scams or credit card fraud to the bank or provider immediately. When used responsibly, digital wallets can be a safe, secure, and highly efficient way to make purchases and transactions.

Always choose a reputable provider, ensure the wallet is downloaded directly from the source, and follow strong digital wallet security practices for best results.

Explore the PayPal app.