Square is entering the fray in the growing market for peer-to-peer online payment with Square Cash, where it will face challenges from Google Wallet and Venmo, but also from the evolving threat of online payment fraud.
Square Cash, unveiled on Tuesday, allows payments between debit cards using any email address, without the need to setup a Square account or pay any transaction fees.
"Our goal was to remove the barrier to entry so that anyone could participate, anywhere - using their email," says Katie Baynes, a spokesperson for Square. "Square encrypts and processes customer information through our secure servers, and we do not share customer information with the sender or receiver."
Square already offers its Reader, a device which plugs into a mobile phone and allows individuals to accept credit card transactions for a small fee. With Square Cash the company will compete in the growing online payment space with Google Wallet, Venmo, and smaller tech startups that are designing new peer-to-peer payment methods. More players are likely to enter the online payment space because under regulation in the U.S., websites can perform many banking activities as a non-banking entity as long as they get a state-issued money transmitter license, says Andy Roth, former chief privacy officer of American Express.
Mobile banking is now more popular than banking using a phone or mail, while the Internet remains the most popular method for banking, according to a survey published by the American Bankers Association on Oct. 3. Google is also planning to integrate Gmail with its virtual bank account system, Google Wallet, to allow payments using email. The Venmo peer-to-peer payment app was bought by Braintree in August, which was in turn bought by PayPal in September, so Venmo will likely be improved as a payment app soon, Roth says.
"We are seeing incredible innovation, but the area is becoming increasingly vulnerable to fraudsters," says Roth, who is using his experience with fraud and risk management at American Express as the co-chair of the Global Privacy and Security Group at a major multinational law firm. "There are real concerns with fraud risk management with all of these platforms. Square Cash and some of the other platforms seem very vulnerable to social engineering."
Square Cash could be vulnerable to fraud because one of the ways the product will validate customers is with social media credentials, which could be compromised to allow someone to gain access to payment information or to even manipulate payments, Roth says.
"One of the biggest hurdles to a new payments company is trust," Roth says. "Square Cash looks amazing. It's incredibly innovative, but I think they will face a challenge in recognizing new types of fraud and risk. Fraud risk management is like 'whack-a-mole.'"
Square advises its customers to set complicated passwords on devices and online accounts to protect their information from fraud, and Baynes says the company also has a risk and fraud team that monitors activity in the network to protect customers.
"Every email payment from Square Cash sends a receipt back to the sender," Baynes says. "This receipt gives customers the opportunity to cancel or report the transaction and we can reverse the transaction if necessary. If customers wish, they can also set up text message alerts letting them know when a payment has been made."