Based on its review, the staff found that the apps studied often failed to provide pre-download information on issues that are important to consumers. Prior to download, few of the in-store purchase apps provided any information explaining consumers' liability or describing the app's process for handling payment-related disputes.
Additionally, although nearly all of the apps made strong security promises and linked to privacy policies, most privacy policies used vague language that reserved broad rights to collect, use, and share consumer data, making it difficult for readers to understand how the apps actually used consumer data or to compare the apps' data practices.
- First, when offering consumers the ability to make payments through mobile devices, companies should disclose consumers’ rights and liability limits for unauthorized, fraudulent, or erroneous transactions.
- Second, companies should clearly describe how they collect, use, and share consumer data.
- Third, companies should ensure that their strong data security promises translate into strong data security practices.
- Consumers should look for the dispute resolution procedures and liability limits of the apps they download, and consider the payment methods used to fund their purchases.
- Consumers should seek information before they download apps about how their data will be collected, used, and shared.