原标题：新骗局！冒充"保密局"工作人员，专骗微信、支付宝用户，快转给家人提个醒~ 本周二，微信安全中心发布的一篇公告引发关注。今天，"保密观"与你一起，从安全保密角度了解这则 新闻。 "关闭免密支付"新骗局 12月16日，微信安全中心在《微信免密支付功能不收费！》一文中表示，近期，诈骗分子冒充"保密 局""网银后台""平台客服"等工作人员，通过陌生电话联系受害人，谎称其微信、支付宝等平台的"免密 支付"功能已开通或关联了自动扣费服务，若不关闭将连续扣费。 随后，引导受害人访问指定网址，下载具有屏幕共享或远程控制功能的恶意软件。一旦安装，诈骗分子 便可远程操控受害人手机（常出现黑屏），并诱导其进行刷脸认证、输入银行卡密码、短信验证码等关 键操作，从而盗转账户资金。 图片来源于"微信安全中 心"微信公众号 在微信安全中心提到的案例中，用户A接到自称"银监会保密局工作人员"的电话，称其微信、支付宝免 密支付功能关联的保险即将自动扣费，需立即关闭。用户按指示下载一款视频共享软件后手机黑屏，在 对方引导下完成刷脸认证，随后发现银行卡内49万余元被转走。 "保密观"有话说 面对"关闭免密支付"此类骗局，我们需要注意以下几 ...

微信免密支付功能不收费！ 冒充国家机关人员 谎称免密支付需关闭 诱导下载恶意软件 盗取银行卡资金 骗取刷脸认证 操控手机黑屏 安全提醒 1 微信支付"免密支付"功能本身不收取任何费用， 任何以"关闭免密支付"为由指导操作、索要收费或要 求下载软件的，都是诈骗。 2 切勿与陌生人开启"屏幕共享"或下载来源不明的 App，此类软件可能隐藏远程控制功能，导致手机被操 控、信息被窃取。 3 公检法及正规机构不会通过电话指导操作转账、下 载软件或索要人脸、密码、验证码等敏感信息。 4 如对支付功能有疑问，应通过微信、支付宝等官方 App内的客服渠道核实，勿轻信外来电话。 5 一旦发现被骗，立即冻结银行卡并报警，保留通话 记录、软件名称等证据。 自助查询与管理 来源： 微信安全中心 关注" 新华网财经 "视频号 更多财经资讯等你来看 往期推荐 茅台、五粮液同日官宣！ 苹果闪送官宣iPhone免运费 ...

二、针对当前业务开展中，存在交易模式异常、交易行为不合规及交易占比超出正常范围等问题的合作项目， 我司将组建专项排查小组，通过线下实地核验、线上系统实时监测等多元方式开展全面排查。对排查结果完全 合格的业务，进行后续结算事宜。 鲲鹏支付表示："本次专项整改行动，既是我司严格履行企业主体责任、贯彻落实国家金融监管政策的必然举 措，也是保障各合规合作伙伴及商户合法权益、维护行业健康发展秩序的重要行动。恳请各合作伙伴高度重视 此次整改工作，积极配合各项排查与清理要求，严格遵循我司相关管理规定，与我司携手共建安全有序、合规 可信的支付服务环境。" 12月10日金融一线消息，鲲鹏支付今日发布关于启动支付业务合规整改专项行动的通知。通知指出，为全面响 应中国人民银行发布的《关于加强支付受理终端及相关业务管理的通知》（银发（2021〕259号）及《关于强化 银行卡受理终端安全管理的通知》（银发（2017〕21号）两份重要文件的监管导向，筑牢支付业务安全运营根 基，确保全链条业务开展均符合合规性与稳定性要求，我司近期已启动面向所有合作服务商及旗下拓展终端程 序的全面核查与整改专项工作。 支付安全是行业发展的生命线，为彰显我司 ...

Core Viewpoint - The China Payment and Clearing Association has issued an initiative to enhance the security management of "no-password payment" services, emphasizing the need to eliminate default activation practices and provide a one-click cancellation feature for users [1][2]. Group 1: Consumer Concerns - Consumers express a strong desire for more choice regarding "no-password payment," advocating against misleading practices such as default selections and one-click activations [2][3]. - There is a significant concern regarding the security of "no-password payment," with calls for payment service providers to balance convenience with safety [2][3]. Group 2: Industry Response - The China Consumer Association previously issued a reminder for consumers to be cautious when using "no-password payment" to prevent potential financial losses due to excessive account permissions [2]. - The recent initiative from the Payment and Clearing Association aims to ensure that user consent is clearly obtained and that the activation of "no-password payment" is not done by default [2][3]. Group 3: Recommendations for Payment Service Providers - Payment service providers are encouraged to optimize their processes to ensure clear consumer consent for "no-password payment" and to provide easy access to cancellation options [3]. - There is a recommendation to enhance monitoring of transactions and improve risk management capabilities to protect consumers from financial losses [3]. Group 4: Consumer Best Practices - Consumers are advised to remain vigilant during online payments, enhancing their device and account security through measures such as two-factor authentication and regular password changes [3]. - It is suggested that consumers regularly check their "no-password payment" agreements and monitor transaction alerts to quickly address any anomalies [3].

Core Viewpoint - The rise of "no-password payment" has made transactions more convenient, but it also poses significant security risks, leading to unauthorized charges and difficulties in managing payment settings [2][3][6] Group 1: Convenience of No-Password Payment - "No-password payment" has become a preferred choice for many due to its high convenience, allowing transactions to be completed instantly without the need for password input [2][3] - Users have reported issues such as accidental activation of "no-password payment" by elderly family members, leading to unexpected purchases [2][3] Group 2: Security Risks - The lack of password or secondary verification in "no-password payment" can lead to unauthorized transactions, especially if a phone is lost or account information is leaked [3][5] - Some platforms impose limits on single transaction amounts but do not restrict the frequency of transactions, enabling potential fraud through small, repeated charges [3][5] Group 3: User Management and Prevention - Users can check and manage their "no-password payment" settings through various apps like Alipay and WeChat, with specific steps outlined for each platform [4][5] - Recommendations for users include regularly reviewing and cleaning up authorization settings, enhancing device and account security, and maintaining a habit of checking transaction records to identify any anomalies [5][6] Group 4: Recommendations for Payment Platforms - Payment service providers should strengthen the management of "no-password payment" features by ensuring user identity verification and avoiding default activation of such services [5][6] - Platforms should implement measures to detect unusual transaction patterns and provide users with easy options to deactivate "no-password payment" if they choose to do so [5][6]

Core Viewpoint - The China Payment and Clearing Association has issued an initiative for the security management of "no-password payment" services, aiming to balance payment convenience with fund security [1][2] Group 1: Initiative and Recommendations - The initiative calls for payment service providers to avoid default activation of "no-password payment," provide a one-click cancellation feature, and enhance user awareness of security [1] - The initiative addresses weaknesses in the "no-password payment" process, marking an important step in strengthening payment security [1] Group 2: Responsibilities and Actions - Payment service providers are urged to respond actively to the initiative, ensuring that services are not defaulted on and that cancellation is convenient, thereby safeguarding user rights [1] - Providers should enhance risk management capabilities through technology, such as risk modeling and big data analysis, to detect and prevent unusual transaction patterns [1] Group 3: Regulatory and User Engagement - Regulatory bodies are encouraged to strengthen ongoing supervision and special rectification efforts, utilizing technical monitoring and random inspections to combat illegal activities [2] - Users are advised to improve their payment security awareness and remain cautious of unfamiliar pop-ups and agreements to protect their financial safety [2]

Core Viewpoint - The rise of "no-password payment" has significantly enhanced convenience in mobile payments, but it also raises serious concerns regarding security risks, including unauthorized transactions and default activation traps, prompting regulatory scrutiny and consumer complaints [1][5][10]. Summary by Relevant Sections User Authorization - The China Payment and Clearing Association emphasizes the need for strict identity verification during user authorization to prevent default activation of "no-password payment" services. It calls for clear confirmation of user intent and agreement to the service terms, especially for vulnerable groups like the elderly [3][4]. Merchant Risk Management - The association advises payment service providers to assess merchant risk based on their business operations and to set transaction limits for "no-password payment" to mitigate risks associated with high-risk merchants [3]. Transaction Monitoring - Enhanced transaction monitoring through risk modeling and big data analysis is recommended to identify and intercept unusual transaction patterns, thereby protecting users from potential financial losses [3][4]. User Rights Protection - Payment service providers are urged to establish efficient complaint handling processes and to offer easy cancellation options for users wishing to discontinue "no-password payment." Additionally, proactive communication regarding transaction details is recommended, particularly for elderly users [4][6]. Consumer Complaints - As of November 13, the number of complaints related to "no-password payment" has reached 54,900, highlighting issues such as unauthorized activation and unexpected charges. Many users report being unaware of their enrollment in such services until they notice deductions from their accounts [5][6][10]. Vulnerable Groups - Children and the elderly are identified as particularly vulnerable to the pitfalls of "no-password payment," with reports of unauthorized transactions occurring without parental consent or due to accidental activations [7][8]. Regulatory Attention - The potential risks associated with "no-password payment" have drawn significant attention from regulatory bodies, leading to calls for improved consumer protection measures and heightened awareness of the risks involved [10][11]. Recommendations for Consumers - Consumers are advised to adopt a cautious approach by disabling "no-password payment" features unless absolutely necessary, regularly reviewing their payment authorizations, and enhancing their account security measures [11].

Core Viewpoint - The China Payment and Clearing Association has emphasized the need for enhanced security management in "no-password payment" services, highlighting existing vulnerabilities in both service providers and user awareness [1][3]. Group 1: Security Management Recommendations - The association advocates for payment service providers to strengthen security management for "no-password payment" by eliminating default activation, offering limit management features, and prominently providing a one-click cancellation option [3][20]. - Users are encouraged to regularly check their agreements for no-password payment services [3]. Group 2: User Experience and Feedback - Users have reported difficulties in canceling no-password payment services, with an average of 5 to 6 page jumps required on various platforms to deactivate the service [4][6]. - Many users have expressed frustration on social media about unintentionally activating no-password payment due to misleading interfaces or accidental clicks [5][6]. Group 3: Payment Limits and Merchant Practices - Different merchants have varying single transaction limits for no-password payments, with platforms like Xiaohongshu allowing up to 1,000 yuan, while others like Xianyu only support transactions below 100 yuan [8][9]. - Some platforms impose daily limits on the number of no-password transactions, enhancing security through transaction restrictions [9]. Group 4: Safety Concerns and Comparisons - Concerns regarding the safety of no-password payments include risks associated with lost devices and erroneous transactions, similar to issues previously raised about traditional bank card no-password payments [11][12]. - The security of no-password payments is supported by multiple safeguards, including chip card technology, trusted merchant selection, transaction limits, intelligent risk control, and full compensation for verified losses [12][14]. Group 5: User Choice and Functionality - The functionality of no-password payments is deemed reasonable in high-frequency, low-value transaction scenarios, where entering a password can hinder user experience [16][20]. - The emphasis is placed on respecting user choice, with a call for platforms to avoid default selections that may lead to unintended activations [15][20].

Core Viewpoint - The China Payment and Clearing Association has issued an initiative to enhance the security management of "no-password payment" services, highlighting the need for improved safety measures and user awareness in this area [1][2]. Group 1: Security Management Recommendations - Payment service providers are encouraged to strengthen security management for "no-password payment" by eliminating default activation, providing limit management features, and prominently offering a one-click cancellation option [3]. - Users are advised to regularly check their agreements regarding "no-password payment" services [3]. Group 2: User Experience and Feedback - Users have expressed frustration on social media about unintentionally activating "no-password payment" due to misleading prompts or accidental clicks, and they often struggle to find ways to deactivate this service [4][5]. - Testing revealed that deactivating "no-password payment" on popular platforms requires multiple page navigations, averaging 5 to 6 clicks, which complicates the process for users [5][6]. Group 3: Payment Limits and Security Concerns - Different merchants have varying single transaction limits for "no-password payment," with some platforms allowing limits as high as 1,000 yuan, while others restrict transactions to under 100 yuan [7]. - Concerns regarding the security of "no-password payment" include risks associated with lost devices and erroneous transactions, which could lead to unauthorized deductions from accounts [8]. Group 4: Comparison with Traditional Payment Methods - Traditional bank cards with "no-password payment" features have established security measures, including chip technology, merchant vetting, transaction limits, intelligent risk control, and full compensation for losses due to fraud [9][10][11]. - The underlying security mechanisms of mobile wallets like Alipay and WeChat Pay differ from traditional bank cards, relying more on their own risk control systems rather than external card organization rules [12]. Group 5: User Choice and Functionality - Experts argue that "no-password payment" can be beneficial in high-frequency, low-value transaction scenarios, as it enhances user experience by reducing the need for repetitive password entry [12][13]. - The emphasis is placed on respecting user choice, with calls for payment platforms to avoid default selections and ensure clear communication regarding activation and deactivation of "no-password payment" features [16].

Core Viewpoint - The China Payment and Clearing Association has emphasized the need for enhanced security management of "no-password payment" services, highlighting existing gaps in both service providers' security measures and users' awareness of security risks [1][4]. Group 1: Security Management Recommendations - The association advocates for payment service providers to strengthen security management of "no-password payment" by eliminating default activation, providing limit management features, and prominently offering a one-click cancellation option [4][20]. - Users are encouraged to regularly check their agreements regarding no-password payment services [4]. Group 2: User Experience and Challenges - Users have reported difficulties in canceling no-password payment services, often requiring multiple page navigations within apps to do so, with an average of 5 to 6 page jumps noted across various platforms [5][6][7]. - Many users express frustration over inadvertently activating no-password payment features due to misleading interfaces or accidental clicks during transactions [5]. Group 3: Payment Security Concerns - The convenience of no-password payments is countered by potential security risks, such as unauthorized access if a mobile device is lost or incorrect charges due to scanning errors [9][10]. - Traditional bank cards also offer no-password payment options, which have been widely accepted, but concerns about security have been raised in the past [10][13]. Group 4: Safety Mechanisms - Bank card no-password payments are secured through multiple layers, including chip technology, merchant vetting, transaction limits, intelligent risk control, and full compensation for verified losses [11][12][13]. - In contrast, third-party payment platforms like Alipay and WeChat rely on their risk control systems, which assess factors such as device usage and transaction location to ensure security [13][14]. Group 5: User Choice and Functionality - The discussion around no-password payments emphasizes the importance of respecting user choice, with calls for clearer communication during activation and easier cancellation processes [20]. - Experts suggest that while no-password payments can enhance user experience in high-frequency, low-value transactions, the design should prioritize user consent and awareness [14][20].