事关“免密支付” ，中国支付清算协会发声

Core Viewpoint - The rapid development and widespread application of mobile payment technology have led to the rise of "no-password payment" services, which simplify payment processes and enhance user experience, but also highlight the need for improved security management by payment service providers and increased user awareness of security risks [1][2]. Group 1: Recommendations for Payment Service Providers - Payment service providers should strengthen security management for "no-password payment" services by ensuring user consent and identity verification during the activation process, avoiding default activation, and safeguarding user rights [1]. - There should be enhanced risk management for merchants, including setting transaction limits based on merchant characteristics and risk profiles to prevent high-risk merchants from offering "no-password payment" services [2]. - Continuous monitoring of transaction activities is essential to detect anomalies in user spending patterns, allowing for timely intervention to prevent potential financial losses [2]. Group 2: User Awareness and Protection - Users are encouraged to enhance their security awareness by implementing measures such as enabling two-factor authentication and regularly changing passwords to protect their mobile devices and accounts [4]. - Users should improve their ability to identify risks, remain vigilant against marketing traps, and avoid storing payment information on public devices [4]. - Regular checks on "no-password payment" agreements and transaction alerts are recommended, allowing users to freeze or close accounts promptly upon detecting any irregularities [4].