事关“免密支付” ，中国支付清算协会发声

Core Viewpoint - The rapid development and widespread application of mobile payment technology have led to the rise of "no-password payment" services, which simplify payment processes and enhance user experience. However, there are concerns regarding security management and user awareness in this area [1][2]. Group 1: Recommendations for Payment Service Providers - Payment service providers should strengthen the security management of "no-password payment" services by ensuring proper authorization management and confirming user intent during the activation process [1]. - It is essential to conduct thorough identity verification and avoid default activation of "no-password payment" services, ensuring users' rights to choose and be informed [1]. - Providers should assess the risk preferences and capabilities of elderly users and clearly present core terms of the service [1]. Group 2: Merchant and Transaction Management - Payment service providers must enhance merchant risk management by setting appropriate limits on "no-password payment" transactions based on merchant characteristics and risk information [2]. - Monitoring transaction activities is crucial to prevent financial losses, utilizing risk models and big data analysis to identify and address unusual transaction patterns [2]. Group 3: User Rights and Awareness - Payment service providers should implement efficient complaint handling processes to protect user rights and offer easy cancellation options for users who no longer wish to use "no-password payment" [2]. - Users are encouraged to enhance their security awareness by employing measures such as two-factor authentication and regularly changing passwords [4]. - Users should regularly check their "no-password payment" agreements and remain vigilant for any unusual transactions, taking immediate action if necessary [4].