Security Experts Comment on Facebook Payments Feature

By   ISBuzz Team
Writer , Information Security Buzz | Mar 23, 2015 05:09 pm PST

Security experts from Lancope and Tripwire commented today on the new payments feature for Facebook Messenger That lets you connect your Visa or Mastercard debit card and tap a “$” button to send friends money on iOS, Android, and desktop with zero fees. Facebook Messenger payments will roll out first in the U.S. over the coming months.

TK Keanini (@tkeanini), chief technology officer, Lancope (

It has become a standard feature of social communities to have in-game or in-world commerce.  Most online game communities offer this and from that perspective Facebook is late to the game.

This payment system is exciting and useful to everyone, including criminals so everyone must do their part to secure their accounts.  Remember, when your account is compromised, it effects everyone. Some people treat Facebook as a play account and don’t take security seriously, approving friend requests from complete strangers, accepting game invites from anyone, these accounts be more of a problem now that you can send and receive payments.

Tim Erlin (@terlin), director of product management and security and IT risk strategist for Tripwire (

While Facebook may be late to the mobile payments game, they’re large enough that they can still dominate the space. It’s not hard to imagine how this feature might expand from peer-to-peer transfers to compete with the likes of Apple and Google for payments to more traditional vendors.

The Facebook platform, including the mobile app, is already a big target for attackers, but adding a financial component to messenger puts it in a different category. There’s simply no doubt that cybercriminals will immediately begin looking for ways to use this new feature to get into your wallet.

About Tripwire

is198Tripwire, Inc., a global provider of risk-based security and compliance management solutions, today announced Tripwire® Enterprise™ version 8.3 featuring a new, stand-alone Policy Manager™. Tripwire Policy Manager provides the detailed visibility into system configurations critical to minimizing security risks and ensuring compliance.

About Lancope

indexLancope, Inc. is a leading provider of network visibility and security intelligence to defend enterprises against today’s top threats. By collecting and analyzing NetFlow, IPFIX and other types of flow data, Lancope’s StealthWatch® System helps organizations quickly detect a wide range of attacks from APTs and DDoS to zero-day malware and insider threats. Through pervasive insight across distributed networks, including mobile, identity and application awareness, Lancope accelerates incident response, improves forensic investigations and reduces enterprise risk. Lancope’s security capabilities are continuously enhanced with threat intelligence from the StealthWatch Labs research team.For more information, visit