Fraud Education and Prevention Articles

Digital Wallets Make Paying Easy, But Are They Safe from Fraud?

May 29, 2026

If you've ever had the experience of checking out in a store and realizing you've forgotten your wallet (oh no!) before remembering you can pay with the digital wallet on your smartphone (phew!), you probably understand why digital wallets have become so popular.

An estimated 57% of U.S. adults used a digital wallet in 2024.1 A McKinsey survey found that one in five digital wallet users often leave home without their physical wallet in favor of using their phone.2

How safe is that choice? And what can digital wallet users do to protect themselves from fraud? Here's what all consumers should know about the security of digital wallets.


What Counts as a Digital Wallet?

Deciding how secure a digital wallet is depends on how you define the term. Case in point: The Federal Trade Commission received more than 90,000 reports of "payment app and service" fraud in 2024, resulting in $391 million in losses.3 It also reported 108,900 credit card fraud incidents totaling $275 million in losses. Where do digital wallet payments fall in these totals?

That's not exactly clear. Apps like Venmo or PayPal are considered digital wallets and can hold users' digital credit cards, but they are more often associated with peer-to-peer (P2P) payments — and scammers definitely like P2P as a payment method.4, 5 Apple Wallet and Samsung Wallet, on the other hand, primarily exist to hold digital versions of credit cards for use in businesses' tap-to-pay payment terminals — but also include P2P payment features in Apple Cash and Samsung Pay Cash.

With that in mind, it's helpful to think about digital wallet security in two ways: digital credit card security and P2P payment security. It's actually similar to physical wallet security. If you lost your tangible wallet, you can cancel your credit cards and likely have protection about unauthorized charged. But that cash? You know it's long gone.


Digital Wallet Security: Tap-to-Pay Versus P2P

Paying by a credit card with a secure digital wallet at an in-store terminal is extremely secure. When you tap-to-pay at an in-store terminal with a secure digital wallet (for example, Apple Pay) your credit card information isn't even used in that moment, so there is nothing for scammers to steal.6 Instead, here's how it works:

  • Your phone generates a one-time token that only the credit card's payment network can unlock — not even the store.

  • The phone uses Near Field Communication (NFC) technology to communicate the token to the payment terminal.

  • When the credit card's payment network receives the encrypted token, it verifies that the device is yours and the credit card belongs in your wallet, and the payment goes through.

Pretty darn secure. Unless a scammer has your phone and can bypass its security, they are unlikely to successfully use your digital wallet. 

P2P payment features in digital wallets, on the other hand, vary widely. A phone number or email address can be enough info to send anyone a "cash" payment through these features, meaning payment security can be threatened by a typo or a convincing scammer.7 According to Consumer Reports, Cash App, PayPal and Venmo say they monitor transactions for suspicious activity, and all three, plus Apple Cash and Samsung Pay Cash provide varying levels of fraud protection — if you report the fraud by their individual deadlines.8

Credit card with smartphone icon
Many digital wallets allow users to tap-to-pay at stores — which is quite safe—as well as make peer-to-peer payments — a transaction type scammers love.

Digital Wallet Fraud

Digital wallet security technology may make in-store transactions quite safe, but that doesn't mean digital wallet users can let down their financial-fraud guard. Digital wallets are vulnerable to some familiar frauds that take place outside of a purposeful transaction, including:9

  • Unauthorized transactions: Like all online financial accounts, digital wallets are protected by login credentials. Unauthorized transactions can happen when a hacker gains access to the wallet.

  • Data breaches: If the company hosting your digital wallet — or a third-party company that is linked to it — experiences a data breach, your payment information could be exposed.

  • Phishing attacks: Phishing is when a scammer sends a fraudulent message to trick a victim into sending them money or information. This can happen via email, text, or phone call. A digital wallet phishing message might appear to be from your bank or payment service, asking you to send them information or follow a link to resolve an issue, which would then capture your digital wallet credentials. (Keep in mind that Pinnacle + Synovus will never call, email or text you asking for personal information, login credentials or computer access).

  • Device theft: If the phone carrying your digital wallet is lost or stolen, the only thing standing between the thief and your financial accounts is strong device security.

A relatively new digital wallet fraud has emerged recently, though it involves the scammer using their own digital wallet, not the victim's. In March 2025, The Guardian reported about a sophisticated fraud where criminals use phishing to collect victims' credit card or bank details and then add the stolen info to their own digital wallet.10 


How to protect your digital wallet

In many ways, protecting yourself from digital wallet fraud is the same as protecting yourself from any financial cybercrime like credit card fraud

  • Keep your device's operating software up to date and secure your device and digital wallet with the strongest security available.11 This could include passwords, PINs and biometric authentication like a fingerprint reader or face recognition. If your device has a location service available, turn it on to quickly locate it if it goes missing.

  • Only use digital wallets with trusted retailers and peers.

  • Monitor your account activity. Your digital wallet will have its own statements, separate from each credit card or bank account attached. Watch the activity for anything unauthorized.

  • Use two-factor authentication for all online financial accounts.

  • Only use digital wallets from trusted, secure companies and know your digital wallet provider's fraud prevention policies.

  • Never give personal or financial information in response to unsolicited emails, texts, or phone calls — even if it looks like it's coming from a company you do business with. Again, no reputable company will ever request your personal information via email, text, or phone.

  • Use public Wi-Fi with caution. Mobile devices are vulnerable to hackers on open or unsecured public Wi-Fi networks if you accidentally end up on an unsecured website.

  • Set up account alerts from your bank or credit cards. Alerts can help you monitor your account activity and keep an eye out for any suspicious transactions.

If you believe you've been a victim of digital wallet fraud, file a complaint with the digital wallet company's fraud department as soon as possible. As with any fraud, you should also file a report with both the FTC and the FBI's Internet Crime Complaint Center.12, 13 To further protect yourself and your finances from harm, follow the steps outlined in our article, "What to Do if You Are a Victim of Fraud."

Recent

Important disclosure information

This content is general in nature and does not constitute legal, tax, accounting, financial or investment advice. You are encouraged to consult with competent legal, tax, accounting, financial or investment professionals based on your specific circumstances. We do not make any warranties as to accuracy or completeness of this information, do not endorse any third-party companies, products, or services described here, and take no liability for your use of this information.

  1. The Federal Reserve, "Digital wallets and instant payments," published 2024. Accessed April 28, 2026. Back
  2. Roshan Varadarajan, et al., "State of consumer digital payments in 2024," McKinsey & Company, published October 25, 2024. Accessed April 28, 2026. Back
  3. Federal Trade Commission, "Fraud Reports," FTC Tableau Public, published August 15, 2025. Accessed April 28, 2026. Back
  4. Liz Hund and René Bennett, "A beginner’s guide to digital wallets," Bankrate, published September 30, 2024. Accessed April 28, 2026. Back
  5. Federal Trade Commission, "Mobile Payment Apps: How To Avoid a Scam When You Use One," FTC Consumer Advice, published May 2022. Accessed April 28, 2026. Back
  6. Apple, "Apple Pay security and privacy overview," published October 8, 2024. Accessed April 28, 2026. Back
  7. Cassidy Horton, "7 Peer-To-Peer Payment Scams And How To Avoid Them," Forbes, published October 25, 2023. Accessed April 28, 2026. Back
  8. Lisa L. Gill, "Using Contactless Payments on Your Phone? Take These Smart Steps," Consumer Reports, published April 30, 2025. Accessed April 28, 2026. Back
  9. PayPal, "What to know about digital wallet fraud," published September 10, 2024. Accessed April 28, 2026. Back
  10. Shane Hickey, "What’s in their (digital) wallets? The scammers loading up phones with stolen cards," published March 17, 2025. Accessed April 28, 2026. Back
  11. Department of Financial Protection & Innovation, "What’s in Your Wallet? Tips for Keeping Digital Assets Safe ," DFPI Consumer Insights. Accessed April 28, 2026. Back
  12. Federal Trade Commission, "Report Fraud," accessed April 28, 2026. Back
  13. FBI, "File a Complaint," Internet Crime Complaint Center. Accessed April 28, 2026. Back