Information systems and technology associate professor Katina Michael is worried about paying with wearables and other emerging contactless devices.
The University of Wollongong academic voiced her concerns at FST Media's recent Future of Security in Financial Services Summit.
Michael said "lax security" of some contactless payment methods, for example, made it easier for juveniles to swipe $100 "from a parent's card without their knowledge."
Even when a second factor for authentication was introduced, it did not mask the underlying weakness of these newer platforms, she said.
"What are we doing introducing insecure technologies like NFC [near field communications] and 'touch and go' [payments] through different types of wearables and card tokens and then trying to back them up with some kind of second tier authentication like biometrics?" she said.
"We're saying, 'Yes, we know it's an insecure device and we know it will increase our fraud'.
"Let's get serious."
Michael made the comments as part of a panel discussion on emerging risks in the payments industry.
Other panellists, including Visa Australia's risk services director Sasha Slevec, disagreed with Michael's assessment.
"Despite what [was] said about contactless ... it has the lowest fraud rate of any channel we have," Slevec said.
This wasn't simply because it was newer than other payment options, he later told Information Age.
"Although the contactless bit may be new, the [authentication] technology that it relies on - EMV - has been built up over time," he said.
"The first EMV card issued in Australia was in 2001. It's been around."
Slevec was, however, cognisant that emerging devices and payment systems could challenge the process rigour typically expected of payments processing.
"Moving into wearables, we've got an eye to that," he said.
Ditto e-commerce, where Visa Australia is particularly focused on driving standards - and trust - for the handling of payments.
Visa's answer is to encourage newer payment platforms to adopt authentication standards (EMV) and "tokenisation" standards, which payment operators like itself have been working towards.
In the future, tokens (unique numbers) may exist for payments using a mobile phone or wearable device. The tokens could be device or platform-specific, meaning fraud damage could be limited if the tokens fell into the wrong hands.
"For example, if a fraudster was to get hold of a token that has been provisioned to a mobile device, and then try to use it for an online e-commerce transaction, the transaction would be declined," Visa Australia said in a recent white paper.
Do people want to pay with a smartwatch?
Devices such as the Apple Watch are being touted as vehicles to drive wearable payments into mainstream use.
Apple's payment system, Apple Pay, is presently limited to the United States, although there is speculation it could be brought to Australia after pictures emerged of a Woolworths app displayed on Watch screens used during the product's launch.
However, questions remain on whether consumers are excited enough at the prospect of contactless payments using a watch, or even a smartphone.
Research by the e-commerce security service Trustev released this week found 79 percent of iPhone 6 and 6 Plus users it surveyed in the US had "never used Apple Pay at all".
In fact, only 2.1 percent of those surveyed said used the service more than ten times a week; most were simply content with cash or card.
Trustev CEO Pat Phelan said the slow adoption "shows how difficult it is to get consumers to change well entrenched habits.
"For years, techies have been pitching e-wallets to consumers but they don't seem interested".
