Identity theft protection company LifeLock pulled its LifeLock Wallet application from the App Store, Google Play and Amazon Apps after the company realized the product was not compliant with payment card industry (PCI) security standards.
Payment information stored in customers’ Wallets has been deleted from LifeLock’s servers, the company announced May 16, and the app will not be usable until the company releases an updated, compliant version. The suspension of the service does not affect consumers’ ability to use the physical cards they digitally stored in LifeLock Wallet.
LifeLock is characterizing the sudden lockdown as a move of extreme caution and transparency. There is no reason to believe information stored by the app has been compromised, the company said in an email to users. (Regardless, you should know what to do if you’re a victim of a data breach.) Any company that accepts payment card information must meet the PCI Data Security Standard, which is a collection of requirements for implementing and monitoring a secure network protecting cardholder data.
It’s a lot more complicated than that, but the point is there are security standards LifeLock Wallet failed to meet, so the company is pulling the plug until such compliance issues are straightened out. A LifeLock spokesperson declined to provide information about the discovery of the vulnerability or a timeline for the release of an updated product, stating the company is still in the fact-finding process.
“We have no reason to believe that information associated with the mobile app or consumer credit cards uploaded into the mobile app has been compromised, but given that certain aspects of the app are not fully compliant with PCI security standards, we are temporarily shutting down the app out of an abundance of caution and our focus on the security of our users,” the spokesperson wrote in an email statement to Credit.com.
LifeLock Wallet spawned from Lemon Wallet, a mobile application that allowed users to store digital copies of their credit cards and loyalty cards on their smartphones. LifeLock bought Lemon for $42.6 million at the end of 2013 and used the Lemon technology to launch LifeLock Wallet as a credit monitoring tool. Users with a paid LifeLock subscription could receive fraud alerts via LifeLock Wallet, in addition to the services included in the free version of the app. It is unclear if the compliance issue was present before the acquisition of Lemon.
Whether or not you used the LifeLock Wallet app, it’s good practice to regularly check your online bank statements for fraudulent transactions. It can also be helpful to check your credit reports for fraudulent new accounts, and monitoring your credit scores, which you can do for free through Credit.com, can also help you detect fraud if you have an unexpected change in your scores. Fraud can do some serious damage to your finances or credit standing, so having a plan for dealing with it when it happens will help you tackle the problem with confidence and minimal hassle — here’s how.
More on Identity Theft:
- Identity Theft: What You Need to Know
- The Risks You Face From Identity Theft
- How Credit Impacts Your Day-to-Day Life