For a business operating wireless financial services, the security stakes are higher. Not only will it have to secure its transaction services, but also revalidate every part of the internal network using a wireless link. Failure to do so can result in a number of direct and indirect losses.
§    Theft: money & trade secrets
§    Productivity loss: data corruption & recovery expenses.
§    Legal exposure: failure to meet contracts & failure to meet privacy agreements

This is possible due to the fact that IrFM (Infrared Financial Messaging) uses the IrDA (Infrared Data Association) standards, which does not adhere to strict security measures for data transfer. Since the line-of-sight is required for data transfer, a low level security is probably provided. Hence, attackers can carry out eavesdropping using war-driving software, global positioning system (GPS) device, rouge access points at the network, or antennas. These simply involve a hacker entering an area within the range of the Infrared network and intercepting data transmissions. If the transmissions are not encrypted, hackers can read and record those transmissions. Even if they are encrypted, there are tools available that can analyze them and guess the encryption key. The most common encryption techniques used in wireless systems have been broken many times using various hacking tools and therefore are not necessarily effective in preventing all attacks.

Likewise, ones cell phone signals can be jammed using a cell phone jammer device that emits signals in the same frequency range that cell phones use, effectively blocking their transmissions by creating strong interference. Someone using a cell phone within the range of a jammer will lose signal, but have no way of knowing a jammer was the reason. The phone will simply indicate poor reception strength.

But I really don’t think security is that bad unless the user is so careless because the information in this system flows through the transaction approval-request infrastructure much as if the credit cards were swiped in. In addition, the technology incorporates the digital receipt standards being defined by ARTS (Association for Retail Technology Standards) that has been responsible for developing the digital receipt standard, which is expected to eventually become a legal document. Hence, Point and Pay has two dimensions: transmitting the credit card information, and then generating the digital receipt

As we know, most Wireless standards have a built-in security protocol called WEP ("Wireless Encryption Protocol"), which allows for encrypted transmissions. However, since IrFM that uses the IrDA standard protocol does not strictly specify any security measures for data transfer per se; security of the data transfer is dependent upon physical access to the infrared devices and application and/or network access controls. Therefore, if tight security is required for data transfer using IrDA standards, application level, network, and physical security measures must be implemented in terms of authentication, encryption and/or any other security measures needed.

The most obvious precaution should be combining infrared with radio frequency (RF) technology hosts a huge potential from a security perspective: Users can easily be authenticated and given session keys for their RF communications upon entering the range of the wireless network, via a number of infrared access points, directly linked to the main server. From such an implementation, a potential eavesdropper or hacker trying to impersonate a user would have an enormous difficulty in the cryptanalysis of packets. Provided that the correct algorithms followed by a correct implementation where deployed, such a system would be virtually impenetrable.

Likewise, Intel Trusted Wireless Platform might be used, which is a combined hardware-software security solution that greatly reduces the wireless-related risks and provides a secure framework for wireless networks. For example, Protected Storage system allows the user to store sensitive and secret information on a non-volatile memory, which is protected by a strong cryptographic algorithm. This capability also provides integrity check, which keeps hackers from tempering with the data.

Anti-theft sensors can be wired into the cell phone chips that will make it harder to steal them. These sensors should be able to detect changes in their owner's walking style, voice recognition, and then freeze to prevent unauthorized use. I think most cell phones today have GPS system in them that can pin point where a phone call was made during period of time, or day.

References:
Turban, E., & Aronson J. E. (2005). "Decision Support Systems and Intelligent Systems 6th Ed". Prentice Hall. USA.

Garfinkel, S., with Spafford G. (2002). “Web Security, Privacy & Commerce, 2nd Ed.”
 Sebastopol, CA: O’Reilly

Palmer, M. (2006). “Guide to Operating Systems Security.” Boston, Massachusetts: Thomson Technology

Stair R., Reynolds, G. (2006). “Principles of Information Systems, 7th Ed.” Massachusetts: Thomson Technology