事关“免密支付”安全,重要倡议发布
Shang Hai Zheng Quan Bao·2025-11-06 05:34

Core Viewpoint - The China Payment and Clearing Association has issued a significant initiative addressing the safety concerns surrounding "no-password payment" systems, aiming to enhance security measures for both payment service providers and users [1][8]. Payment Service Providers - Payment service providers are urged to strengthen the security management of "no-password payment" services by standardizing authorization management to ensure users' genuine consent [2]. - There is a call for enhanced merchant risk management, including the provision of limit management features to prevent high-risk merchants from offering "no-password payment" services [2]. - The initiative emphasizes the importance of monitoring transaction processes to mitigate the risk of financial loss, utilizing risk models and big data analysis to detect anomalies in user transaction patterns [2][3]. - Providers are encouraged to establish efficient complaint handling processes to protect user rights and offer easy cancellation options for users who no longer wish to use "no-password payment" [3]. User Responsibilities - Users are encouraged to enhance their security awareness by implementing stronger security measures on their mobile devices and accounts, such as enabling two-factor authentication and regularly changing passwords [4][5]. - Users should improve their risk identification capabilities, remain vigilant against marketing traps, and avoid storing payment information on public devices [6]. - Regular checks on "no-password payment" agreements and monitoring transaction alerts are recommended to quickly freeze or shut down accounts in case of suspicious activities [7]. Industry Context - The initiative arises from the rapid development and widespread adoption of mobile payment technologies, which have simplified payment processes and improved user experience while also raising concerns about security and fraud risks [8]. - The China Payment and Clearing Association emphasizes that the healthy development of "no-password payment" services requires collaborative efforts from both the industry and users to build a robust payment security framework [9].