Roger Clarke's Web-Site


© Xamax Consultancy Pty Ltd,  1995-2023

Roger Clarke's 'Mobile Payment Security'

A Risk Assessment Framework for Mobile Payments

Roger Clarke **

Outline of 31 January 2011

Prepared for a seminar in the Information Technology Department of Bond University, on 11 February 2011

© Xamax Consultancy Pty Ltd, 2007-11

Available under an AEShareNet Free
for Education licence or a Creative Commons 'Some
Rights Reserved' licence.

This document is at

The accompanying slide-set is available in
PowerPoint (1.8MB) or PDF (13.5MB)


Progress in Mobile Commerce is heavily dependent on effective and reliable payment mechanisms. Security concerns loom as a major impediment to widespread and rapid adoption, and there is accordingly an urgent need for a framework within which security issues in mobile commerce can be evaluated. This paper draws on lessons from prior payment mechanisms, and applies risk assessment theory, in order to develop such a framework. It provides insights into the use of the framework by performing a test application. Implications for policy, practice and research are drawn.

The presentation draws on the following papers:

Clarke R. & Maurushat A. (2007) 'The Feasibility of Consumer Device Security' Submission to the Australian Securities and Investments Commission (ASIC) in relation to its Review of the Electronic Funds Transfer Code of Conduct, April 2007, at

Clarke R. (2008) 'A Risk Assessment Framework for Mobile Payments' Proc. 21st Bled eCommerce Conf., June 2008, pp. 63-77, at


The presentation draws on a working paper on The Feasibility of Consumer Device Security, co-authored with Alana Maurushat, (currently at UNSW in Sydney, but previously in the Faculty of Law at the University of Hong Kong).

General References

Relatively Secure Payment

Relatively Very Insecure Payment

Variously Reasonably Secure and Insecure


Earlier versions of this seminar were presented at the University of Hong Kong on 25 October 2007, at the Victoria Uni of Wellington on 1 May 2008, and at the Bled eConference in Slovenia on 17 June 2008.

Author Affiliations

Roger Clarke is Principal of Xamax Consultancy Pty Ltd, Canberra. He is also a Visiting Professor in the E-Commerce Programme at the University of Hong Kong, a Visiting Professor in the Cyberspace Law & Policy Centre at the University of N.S.W., and a Visiting Professor in the Department of Computer Science at the Australian National University.

xamaxsmall.gif missing
The content and infrastructure for these community service pages are provided by Roger Clarke through his consultancy company, Xamax.

From the site's beginnings in August 1994 until February 2009, the infrastructure was provided by the Australian National University. During that time, the site accumulated close to 30 million hits. It passed 65 million in early 2021.

Sponsored by the Gallery, Bunhybee Grasslands, the extended Clarke Family, Knights of the Spatchcock and their drummer
Xamax Consultancy Pty Ltd
ACN: 002 360 456
78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 6916

Created: 19 March 2008 - Last Amended: 31 January 2011 by Roger Clarke - Site Last Verified: 15 February 2009
This document is at
Mail to Webmaster   -    © Xamax Consultancy Pty Ltd, 1995-2022   -    Privacy Policy